[gnso-rds-pdp-wg] Action item - gap assessment

Greg Shatan gregshatanipc at gmail.com
Wed Aug 17 04:59:55 UTC 2016 

Yes, I did mean16, not 19. I guess that was a result of turning the case on
its head....

I think that this shows both sides of the case, rather than turning it on
its head: that the victims in this case may well need access to WHOIS data,
irrespective of where the data used against them came from.

As to how readily data would be available from registrars, that may or may
not be true (and issues of burdensomeness come into play as well). Will
every registrar have a 24/7 contact available to give out information in
real time to victims of abuse and infringement and those working on their
behalf?


I don't know who Martha is, but with great respect, I disagree with her.

Greg

On Tuesday, August 16, 2016, Stephanie Perrin <
stephanie.perrin at mail.utoronto.ca> wrote:

> Did you mean 16?  It seems so.  With great respect Greg, I think you are
> turning this case on its head.  Yes, WHOIS has been and likely will
> continue to be a useful source of info for identifying perpetrators of
> abuse.  We don't need a separate case for each type of abuse (child porn,
> selling counterfeit goods, post intimate relationship hassment, etc etc).
> This use case identified the risk that abusers will get the data they need
> to abuse from the WHOIS.  Lets be clear, investigators of abuse can go to
> the registrar.  It is not as if this data suddenly becomes unavailable if
> it is not publicly displayed. It is just not available so readily.  And
> that, as Martha might say, is a good thing.
>
> Stephanie Perrin
>
> On 2016-08-16 19:31, Greg Shatan wrote:
>
> I think that Case 19 ("WHOIS misused to shame, anger or scare a
> registrant") suggests a potential gap or at least a counter-case ("WHOIS
> used to find those posting personally identifiable information to shame,
> anger or scare a registrant"').  As Case 19 posits, this involves posting
> information on the Internet.  In many cases, the information is posted on
> websites using domains registered for such purpose, or sent using email
> addresses using domains registered for that purpose.  WHOIS data is an
> important and much-used tool in determining the identity of those
> disseminating the PII under those circumstances.
>
> I have personal experience with this. When my client was the victim of a
> doxing attack (and this involved publishing confidential documents, not
> merely publicly available contact information), WHOIS data was critical in
> tracking down the identity of the individuals responsible.  There was much
> more to it, but the WHOIS data was the first lead in the chain.  Without
> that data, the results may have been quite different.
>
> Rather than drafting a whole new use case, I think that this use case is
> similar enough to existing use cases 06, 09, 21 and 22 to point to those
> cases for more detail.  I would point in particular to use case 21's
> statement that "telltales may be found in resources used to register the
> domain" which in turn lead to other information necessary to move forward.
>  "Telltales" may also be found in information that is not completely
> accurate.  This point should not be lost -- WHOIS records can reveal
> telltales and "breadcrumbs" even when the information is not a bald-faced
> registration in the name of the "miscreant" (as use case 22) put its.
>
> Of course, if it's deemed necessary, I can create a separate use case for
> this.
>
> Greg
>
> On Fri, Aug 12, 2016 at 2:18 PM, Lisa Phifer <lisa at corecom.com
> <javascript:_e(%7B%7D,'cvml','lisa at corecom.com');>> wrote:
>
>> Dear all,
>>
>> To address the following action item:
>>
>> *Action item*: WG members to review example use cases and identify any
>> gaps that should be filled - preferably volunteering to draft and present
>> them
>>
>> Example use cases identified by this WG to date are listed below and can
>> be found here: https://community.icann.org/x/JA6bAw
>>
>> [image: Emacs!]
>>
>> In addition, cases originally drafted by the EWG are listed here:
>> EWG Report - Example Use Case and Related Data Annexes.doc
>> <https://community.icann.org/download/attachments/60490860/EWG%20Report%20-%20Use%20Case%20and%20Data%20Annexes.doc?version=1&modificationDate=1468862831000&api=v2>
>> Contact staff if you would like to a copy of any EWG draft use case.
>>
>> As we are trying to examine a representative but not exhaustive set of
>> examples prior to deliberation (see https://community.icann.org/x/JA6bAw),
>> if you believe that a different and important example is missing from the
>> above table, please raise that gap to the WG's attention.
>>
>> Best regards,
>> Lisa
>>
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> <javascript:_e(%7B%7D,'cvml','gnso-rds-pdp-wg at icann.org');>
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg at icann.org <javascript:_e(%7B%7D,'cvml','gnso-rds-pdp-wg at icann.org');>https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160817/2cd9feb5/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 303051 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160817/2cd9feb5/attachment.jpe>

More information about the gnso-rds-pdp-wg mailing list