[gnso-rds-pdp-wg] Apologies, and some reflections on requirements

Ayden Férdeline icann at ferdeline.com
Mon Jul 4 11:51:31 UTC 2016


VA, hi-
I apologise for getting your name wrong in my previous message.
I appreciate that we have approached this issue from different perspectives, but
I do not accept that security strategies must trump individual freedoms. In
particular, I disagree with your suggestion that “security drives policy which
drives business.” I would like to put forward that the opposite is true – red
tape hinders business, it does not drive it.
In my view, policy should be set only when there is an outcome that is either
desired or should be prevented. If I take your example, that having an accurate
directory of contact information for registrants is desirable from the
perspective of maintaining law and order online, I would like to suggest that
restricting one’s ability to register a domain name unless they provide verified
personal data is a poor means of achieving your desired goal. It might well have
significant collateral damage for, say, those blogging against repressive
governments.
I agree with you that the security of the Internet is a responsibility that we
all share. We will all be secure only when we are protecting ourselves, our
neighbours, the vulnerable, etc… So for this reason I have to say that I object
to your characterisation of only those persons prepared to sacrifice their
fundamental right to privacy as being “well-meaning and law-abiding citizens”. I
refer you to this public comment by Karl Auerbach in 2006, where he noted that, “The Whois database for DNS names has already
caused real and substantial harm. Every one of us has received spam and phone
calls based on whois data. But the harm goes much deeper. It goes so deep that
women have been stalked based on DNS whois data. It goes so deep that families
who use the internet to communicate are forced by DNS whois to expose their
names, their addresses, their phone numbers, their afilliations - not just of
parents but also of their children - to anyone, including predators, 24x7x365.”
These are people who I would classify as well-meaning and law-abiding citizens.
A security ‘solution’ which does not foster confidence in the Internet, but
causes more harm than good, is not something I would be comfortable supporting.
Finally, I’m not sure what the “laws of the land” are which you refer to? We
haven’t even agreed on whether data should be localised, distributed, federated…
so we are jumping a head a little. I presume you are referring to national laws,
and if so, I would like to add that I do not want ICANN to be involved in
questions to do with jurisdiction, and certainly not until such time as global
tensions around ensuring due process for all, and respecting human rights in
online contexts, are resolved. I am imagining a scenario where we determine,
say, we will have gated access for individuals (and I fully appreciate that we
have yet to enter into deliberations on this front… this is simply an example).
If a website’s owner is based, say, in Taiwan, their website is hosted on a
server in Canada, the webhost is incorporated in Panama, their domain name
registrar is in the Netherlands, and ICANN’s central repository of registration
data is in the United States (if we went with a federated approach); what would
happen if a request was received from law enforcement in China requesting the
registrant’s personal data? Should it be fulfilled, even if there was reasonable
suspicion that it would result in harm to the registrant? This may seem an
extreme example but I suspect there will be overlapping if not conflicting
territorial criteria somewhere along the way that is going to risk destroying
the nature and benefits that the Internet, as a global network of networks, has
brought about, and so we should steer well clear of any such discussions.
So please. Let us avoid questions of jurisdiction, and not sacrifice our
fundamental rights, freedoms and values in order to maintain ‘security’. I like
the Benjamin Franklin quote that Volker ended his email with. It's very fitting.
Best wishes,
Ayden





On Mon, Jul 4, 2016 12:13 PM, Catalyst-Vaibhav Aggarwal va at bladebrains.com wrote:
Ayden, 1. The Name is Vaibhav Aggarwal for your reference. 2. The Fostering responsibility is to inculcated at all levels. Crony capitalism
cannot drive security – but global studies have demonstrated Security drives
policy which drives businesses. Businesses always adapt, policy doesn't. 2a. Privacy or Data Security point is perfectly brought. Severe penalties should be
built in onto businesses and legal liabilities be created in line with the laws
of the land, for leaks in data. Any verified data is protected by a private and
confidential clause in the service agreement with the customer. 3. Well meaning and Law Abiding Citizens always are up for easy forms of
verifications. And Such data will be available in Studies globally in different
countries, Diff. industries, diff. environments and situations and they are
happy to accommodate;
Lets deliberate in the time to come. This is a vast topic but specific, Mr.
M.M.Oberoi (INDIAN POLICE SERVICE)– Cyber Security Head of Interpol Asia is at
Singapore – I also recommend people like him can be roped in. I know that people
from US agencies like the CIA and NSA and FBI Cyber Division, and the other
countries will be more than willing to contribute to this, if need be. I have
friends, will be happy to help.
Regards, -VA

From: Ayden Férdeline < icann at ferdeline.com >
Date: Monday, July 4, 2016 at 4:19 PM
To: Vaibhav Aggarwal < va at bladebrains.com >
Cc: Volker Greimann < vgreimann at key-systems.net >, < gnso-rds-pdp-wg at icann.org >
Subject: Re: [gnso-rds-pdp-wg] Apologies, and some reflections on requirements

Catalyst, hi-
I agree that we all have a responsibility to address Internet security issues.
However, in doing so, I would like to put forward that we all have a
responsibility to respect fundamental human rights and values, including the
right to privacy.
We will never be able to entirely eliminate the threats posed by bad actors. As
you said, fake email addresses and burner phones are all possibilities today. If
we put too many barriers in place to registering a domain name, we are not going
to stop those who are registering domain names for malicious purposes. They will
always find ways to get content online. We will hurt and inconvenience only
well-meaning and law-abiding citizens who rely on domain names to express their
ideas, to manage their micro enterprise, or to otherwise engage in lawful
activities.
In all that we do as a working group I would like us to foster confidence in the
Internet and to protect opportunities online for economic and social prosperity.
Best wishes,
Ayden





On Mon, Jul 4, 2016 10:49 AM, Catalyst-Vaibhav Aggarwal va at bladebrains.com wrote:
The Responsibility is of the party who is driving profit or providing

service. The Registrant is the party who is to be checked for his / her

credentials to prevent misuse. The situation is alarming- this is evident

of the data being published y various Registries or Governments from time

to time related to Bogus Registrations, Misused Domain names cancelled or

and Spam Originating Domain Names. A Stake Holder from Maccabee / Norton /

Sentinel / MXBlackList / Avast etc such Engines can be referred to for

such data collection for the use of consultations.

And any such suggestion can easily be implemented with the Automation of

the entire Verification process. For Eg. Gmail has a two Step

Authentication - One on the Password and the other on the Phone Number of

the User. To begin with, the phone is the Personal verified connection by

the local authorities. A Burner Phone in the US may not be Digitally

Authenticated, but the NSA in the US has a way to it. AUTOMATED.




This can be elaborated as and when the case come up for hearing in the WG,

in a formal setting. And if this is not done today due to extensive

lobbying efforts by a particular section / Industry members, it will be

done as a Mandate tomorrow. We might as well prepare today and keep

provisions as the overhaul of the framework and the systems, is inevitable.




This is a issue regaining the safety of me, my family, I don¹t think, I am

or anybody will be willing to compromise. And the Lives being lost and the

Resources being insufficient to tract these anti-social activities are

being proven insufficient again and again, there is little contribution we

can do to the safety of us.




Sincerely,

-VA







On 7/4/16, 2:57 PM, "Volker Greimann" < gnso-rds-pdp-wg-bounces at icann.org

on behalf of vgreimann at key-systems.net > wrote:




>I disagree. The only party that should be responsible for maintaining

>good data is the registrant. The responsibilities of registrars,

>registries and proxy services should revolve only on the correct

>maintenance of that data and on acting when informed about actual issues

>with the whois data.

>

>

>Best,

>

>Volker

>

>

>Am 30.06.2016 um 22:19 schrieb Mark Svancarek via gnso-rds-pdp-wg:

>> I think it's perfectly reasonable to expect accurate WhoIs data, proxy

>>services included, so long as contracts are enforced. That isn't the

>>case today as far as I can tell, but with ICANN under new management I

>>think we should hold ICANN, registries, registrars AND proxy providers

>>accountable to provide good data with penalties consistently enforced.

>>

>> -----Original Message-----

>> From: gnso-rds-pdp-wg-bounces at icann.org

>>[ mailto:gnso-rds-pdp-wg-bounces at icann.org ] On Behalf Of Andrew Sullivan

>> Sent: Thursday, June 30, 2016 11:07 PM

>> To: gnso-rds-pdp-wg at icann.org

>> Subject: Re: [gnso-rds-pdp-wg] Apologies, and some reflections on

>>requirements

>>

>> On Thu, Jun 30, 2016 at 07:51:58PM +0000, Mark Svancarek wrote:

>>> One more comment regarding who collects the data and who they share it

>>>with: privacy proxy services can sit between the registrant and

>>>registrar - Andrew's models didn't explicitly mention that. Keep

>>>that in mind when we discuss what is collected, who its shared with,

>>>and where its stored.

>>>

>> Well, yes, but from the point of view of the registration system the

>>registrant is actually the proxy service. The "real" registrant in

>>effect has an agreement with the proxy service that the proxy service

>>will abide by the "real" registrant's instructions. It's a matter of

>>contract whether that happens, of course -- the registrar simply can't

>>tell who the "real" registrant is.

>>

>> I sort of alluded to this in my original remarks. This is also part of

>>the reason why I think the entire "accurate whois data" shuffle is such

>>an absurd waste of time. There is literally no way to prevent these

>>kinds of proxy registrations from happening, because the actual proxy

>>activity happens outside the registration context. One can of course

>>make them more expensive with increasingly baroque rules, but that's not

>>the same thing as somehow managing to make them disappear.

>>

>> (Compare this with the "sublet" market for rent-controlled apartments

>>in some jurisdictions in order to see why this is the case.)

>>

>> Best regards,

>>

>> A

>>

>> --

>> Andrew Sullivan

>> ajs at anvilwalrusden.com

>> _______________________________________________

>> gnso-rds-pdp-wg mailing list

>> gnso-rds-pdp-wg at icann.org

>>

>> https://na01.safelinks.protection.outlook.com/?url=https%3a%2f%2fmm.icann

>>.org%2fmailman%2flistinfo%2fgnso-rds-pdp-wg&data=01%7c01%7cmarksv%40micro

>>soft.com%7cf38dec4589b048b7524e08d3a122326d%7c72f988bf86f141af91ab2d7cd01

>>1db47%7c1&sdata=S703VAg7xNmJKcfrG%2bwQcrANtef9QhGqILmSBfHfbNQ%3d

>> _______________________________________________

>> gnso-rds-pdp-wg mailing list

>> gnso-rds-pdp-wg at icann.org

>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

>

>--

>Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.

>

>Mit freundlichen Grüßen,

>

>Volker A. Greimann

>- Rechtsabteilung -

>

>Key-Systems GmbH

>Im Oberen Werk 1

>66386 St. Ingbert

>Tel.: +49 (0) 6894 - 9396 901

>Fax.: +49 (0) 6894 - 9396 851

>Email: vgreimann at key-systems.net

>

>Web: www.key-systems.net / www.RRPproxy.net

>www.domaindiscount24.com / www.BrandShelter.com

>

>Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:

>www.facebook.com/KeySystems

>www.twitter.com/key_systems

>

>Geschäftsführer: Alexander Siffrin

>Handelsregister Nr.: HR B 18835 - Saarbruecken

>Umsatzsteuer ID.: DE211006534

>

>Member of the KEYDRIVE GROUP

>www.keydrive.lu

>

>Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen

>Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder

>Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese

>Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns

>per E-Mail oder telefonisch in Verbindung zu setzen.

>

>--------------------------------------------

>

>Should you have any further questions, please do not hesitate to contact

>us.

>

>Best regards,

>

>Volker A. Greimann

>- legal department -

>

>Key-Systems GmbH

>Im Oberen Werk 1

>66386 St. Ingbert

>Tel.: +49 (0) 6894 - 9396 901

>Fax.: +49 (0) 6894 - 9396 851

>Email: vgreimann at key-systems.net

>

>Web: www.key-systems.net / www.RRPproxy.net

>www.domaindiscount24.com / www.BrandShelter.com

>

>Follow us on Twitter or join our fan community on Facebook and stay

>updated:

>www.facebook.com/KeySystems

>www.twitter.com/key_systems

>

>CEO: Alexander Siffrin

>Registration No.: HR B 18835 - Saarbruecken

>V.A.T. ID.: DE211006534

>

>Member of the KEYDRIVE GROUP

>www.keydrive.lu

>

>This e-mail and its attachments is intended only for the person to whom

>it is addressed. Furthermore it is not permitted to publish any content

>of this email. You must not use, disclose, copy, print or rely on this

>e-mail. If an addressing or transmission error has misdirected this

>e-mail, kindly notify the author by replying to this e-mail or contacting

>us by telephone.

>

>

>

>_______________________________________________

>gnso-rds-pdp-wg mailing list

> gnso-rds-pdp-wg at icann.org

> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg







_______________________________________________

gnso-rds-pdp-wg mailing list

gnso-rds-pdp-wg at icann.org

https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg






Ayden Férdeline Statement of Interest

Ayden Férdeline Statement of Interest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160704/5730c09a/attachment.html>


More information about the gnso-rds-pdp-wg mailing list