[gnso-rds-pdp-wg] key concepts: say "contact data" when that is what we mean

[Rob Golding]

> "Should gTLD registration data be accessible for any purpose or only
> for specific purposes?"  The question assumes we're talking about
> contact data.

I don't think it does presuppose we're talking about _Registrant 
Information_

There are other data items _currently_ shown which may not be 
legal/permissable/acceptable/whatever, which have been "lumped" into 
"thin data" in this model

> With thin data, I suggest that the question doesn't
> matter much -- none of that data's sensitive.

Lots of it is "sensitive" to varying degrees

For example Reseller is very sensitive

That data element ...
* gives you an attack vector on my customer
* it facilitates criminal activity and social engineering
* it masssively increases the cold-calls, spam and junk they get
* it makes them a potential target for who-Knows-what
* it gives you a list of my customers (something almost no business 
would ever consider giving away,and may not legally be allowed to even 
talk about)
  and so on.

> The question only
> really matters when we're talking about contact data (PII).

No the question matters about every single item which is suggested will 
be in "RDS"

> I'm simply wondering if everyone can agree that having an RDS is
> essential

We don't have one currently, so it's hardly *essential*
Maybe Useful ? Convenient ? Likely to do more good than harm overall ?

The best description I can think of is that "RDS is likely to break 
anything that relies on WHOIS" ;)

> and that publishing at least the thin data via it is
> essential for many valid and public purposes.

The making available of specified data elements to users of defined 
access/authorisation levels supports many purposes, the valid purposes 
being (TBD)


Rob