[Gnso-impl-thickwhois-rt] Additional triggers and privacy law
theo geurts
gtheo at xs4all.nl
Sat Jan 21 19:30:06 UTC 2017
Hello all,
I am not in favor in creating a "trigger" based on the data retention
waiver. First of all, that process was horrible and costly, and I can
only conclude that there still Registrars out there that started in
2013, still not have obtained a waiver in 2017.
We as an IRT concluded that it is up to the Registrars own due diligence
to determine if there is an issue with privacy laws.
The rationale behind that is/was simple:
2011, 76 countries having data privacy laws.
2016, 109 countries having privacy laws.
2017, 35 more countries are currently drafting privacy laws.
As mentioned before this is a moving target and not up to us to address.
That being said, the current solution when it comes to the migration and
issues with privacy law is not a solution. I appreciate the fact that
Verisign noted it during the comment period, but as several Registrars
has mentioned in the past, it is not a good solution.
After the latest GNSO meeting I hoped to see some progress on the WHOIS
IAG matter, but frankly, with the current speed, I am afraid that the
WHOIS IAG will be overtaken by stationary objects.
That either means there is a problem or there is not, and I would like
to get some input from the IRT on it.
If there is no problem, please provide me with some info on why it is
not an issue.
If it is an issue then how do we address it? We can't tell Registrars
you must migrate WHOIS data before X date and if there is a problem then
just break the law.
We also cannot create a situation that if a Registrar can not migrate
the data, run into compliance issues that might end up in
de-accreditation of that Registrar, I think we all agree that is just
plain silly and the wrong message.
My solution here would be, and it is not great, to be honest, that until
the matter can be resolved the Registry operator supports both thin and
thick whois registrations and shall carry the burden for both systems.
The Registrar might also carry a burden here. As they might come into a
situation, they are forced to implement RDAP at some point as the rest
of the world moves to RDAP. I already see ccTLDs Registries announce
RDAP, go figure ;)
Would the above solve the issue? And yes I am aware that the above
language cannot be added to the draft in its current state, but I am
sure staff can come up with something workable here.
If the whole idea is plain silly, feel free to kick me under the table
here.
Theo
More information about the Gnso-impl-thickwhois-rt
mailing list