[gnso-rds-pdp-wg] Action item - gap assessment

Victoria Sheckler vsheckler at riaa.com
Wed Aug 17 11:25:48 UTC 2016 

What evidence do you have to support that claim?

Sent from my iPad

On Aug 17, 2016, at 6:42 AM, Ayden Férdeline <icann at ferdeline.com<mailto:icann at ferdeline.com>> wrote:

As to how readily data would be available from registrars, that may or may not be true (and issues of burdensomeness come into play as well). Will every registrar have a 24/7 contact available to give out information in real time to victims of abuse and infringement and those working on their behalf?

Do you really think that is appropriate? If I was to receive harassing telephone calls, I would not expect to be able to call a telecommunications company “24/7” and to be immediately provided with their customer’s records. I would expect access to their database to be heavily restricted. It is not difficult to imagine the trouble that would result from free, unrestricted, anonymous public access to a database of telephone number account holders. Sure, a few crimes might be solved, but a thousand times more would be instigated by identify thieves, spammers, and stalkers. The same concerns apply here to WHOIS or whatever form the RDS may take.

- Ayden

-------- Original Message --------
Subject: Re: [gnso-rds-pdp-wg] Action item - gap assessment
Local Time: August 17, 2016 5:59 AM
UTC Time: August 17, 2016 4:59 AM
From: gregshatanipc at gmail.com<mailto:gregshatanipc at gmail.com>
To: stephanie.perrin at mail.utoronto.ca<mailto:stephanie.perrin at mail.utoronto.ca>
gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>

Yes, I did mean16, not 19. I guess that was a result of turning the case on its head....

I think that this shows both sides of the case, rather than turning it on its head: that the victims in this case may well need access to WHOIS data, irrespective of where the data used against them came from.

As to how readily data would be available from registrars, that may or may not be true (and issues of burdensomeness come into play as well). Will every registrar have a 24/7 contact available to give out information in real time to victims of abuse and infringement and those working on their behalf?


I don't know who Martha is, but with great respect, I disagree with her.

Greg

On Tuesday, August 16, 2016, Stephanie Perrin <stephanie.perrin at mail.utoronto.ca<mailto:stephanie.perrin at mail.utoronto.ca>> wrote:

Did you mean 16?  It seems so.  With great respect Greg, I think you are turning this case on its head.  Yes, WHOIS has been and likely will continue to be a useful source of info for identifying perpetrators of abuse.  We don't need a separate case for each type of abuse (child porn,  selling counterfeit goods, post intimate relationship hassment, etc etc).  This use case identified the risk that abusers will get the data they need to abuse from the WHOIS.  Lets be clear, investigators of abuse can go to the registrar.  It is not as if this data suddenly becomes unavailable if it is not publicly displayed. It is just not available so readily.  And that, as Martha might say, is a good thing.

Stephanie Perrin

On 2016-08-16 19:31, Greg Shatan wrote:
I think that Case 19 ("WHOIS misused to shame, anger or scare a registrant") suggests a potential gap or at least a counter-case ("WHOIS used to find those posting personally identifiable information to shame, anger or scare a registrant"').  As Case 19 posits, this involves posting information on the Internet.  In many cases, the information is posted on websites using domains registered for such purpose, or sent using email addresses using domains registered for that purpose.  WHOIS data is an important and much-used tool in determining the identity of those disseminating the PII under those circumstances.

I have personal experience with this. When my client was the victim of a doxing attack (and this involved publishing confidential documents, not merely publicly available contact information), WHOIS data was critical in tracking down the identity of the individuals responsible.  There was much more to it, but the WHOIS data was the first lead in the chain.  Without that data, the results may have been quite different.

Rather than drafting a whole new use case, I think that this use case is similar enough to existing use cases 06, 09, 21 and 22 to point to those cases for more detail.  I would point in particular to use case 21's statement that "telltales may be found in resources used to register the domain" which in turn lead to other information necessary to move forward.  "Telltales" may also be found in information that is not completely accurate.  This point should not be lost -- WHOIS records can reveal telltales and "breadcrumbs" even when the information is not a bald-faced registration in the name of the "miscreant" (as use case 22) put its.

Of course, if it's deemed necessary, I can create a separate use case for this.

Greg

On Fri, Aug 12, 2016 at 2:18 PM, Lisa Phifer <lisa at corecom.com> wrote:

Dear all,

To address the following action item:

Action item: WG members to review example use cases and identify any gaps that should be filled - preferably volunteering to draft and present them

Example use cases identified by this WG to date are listed below and can be found here: https://community.icann.org/x/JA6bAw


<part3.CCB4B344.F63B1712 at mail.utoronto.ca<mailto:part3.CCB4B344.F63B1712 at mail.utoronto.ca>>


In addition, cases originally drafted by the EWG are listed here:
EWG Report - Example Use Case and Related Data Annexes.doc<https://community.icann.org/download/attachments/60490860/EWG%20Report%20-%20Use%20Case%20and%20Data%20Annexes.doc?version=1&modificationDate=1468862831000&api=v2>
Contact staff if you would like to a copy of any EWG draft use case.

As we are trying to examine a representative but not exhaustive set of examples prior to deliberation (see https://community.icann.org/x/JA6bAw), if you believe that a different and important example is missing from the above table, please raise that gap to the WG's attention.

Best regards,
Lisa


_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg




_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160817/d716803d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: part3.CCB4B344.F63B1712 at mail.utoronto.ca
Type: image/jpeg
Size: 303051 bytes
Desc: part3.CCB4B344.F63B1712 at mail.utoronto.ca
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160817/d716803d/part3.CCB4B344.F63B1712mail.utoronto.ca>

More information about the gnso-rds-pdp-wg mailing list