[gnso-rds-pdp-wg] CIRCL - Luxembourg CERT Statement on WHOIS
John Bambenek
jcb at bambenekconsulting.com
Sun Apr 15 13:51:10 UTC 2018
We are again at the first principle. If you think the purpose of ICANN is simply function as a trade association of registrars and registries whose sole mission to enable the transfer of a domain from registrar to registrant, then yes whois/rds in not strictly necessary.
But that is not the sole purpose of the system or of ICANN.
--
John Bambenek
> On Apr 15, 2018, at 03:40, Tapani Tarvainen <ncsg at tapani.tarvainen.info> wrote:
>
>> On Apr 14 16:42, Paul Keating (Paul at law.es) wrote:
>>
>> To me this is abundantly clear:
>>
>> constitutes a legitimate interest of the data controller concerned.
>
> I'm not sure I follow. Any interest of the data controller does not,
> at least not in any obvious way, justify giving personal data they
> are processing to any third parties, let alone the world at large.
>
>> Insofar as what data is "strictly necessary and proportionate for the
>> purposes of ensuring network
>> and information security,", that certainly includes the following:
>>
>> Name (or other means of permitting attribution and identification)
>> Email (same)
>> IP address
>> Creation date
>
> Without going now into that beyong noting that even those are debatable,
> what definitely isn't strictly necessary is publishing all that to the
> entire world.
>
> --
> Tapani Tarvainen
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
More information about the gnso-rds-pdp-wg
mailing list