<blockquote type="cite" class="protonmail_quote" style="padding: 0px 0px 0px 1rem; margin: 0px; border-left: 4px solid rgb(229, 229, 229); color: rgb(34, 34, 34); font-family: Arial, "Helvetica Neue", Helvetica, sans-serif; font-size: 14px; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; line-height: 23.1px; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;"><div>As to how readily data would be available from registrars, that may or may not be true (and issues of burdensomeness come into play as well). Will every registrar have a 24/7 contact available to give out information in real time to victims of abuse and infringement and those working on their behalf?<br></div></blockquote><div><br></div><div>Do you really think that is appropriate? If I was to receive harassing telephone calls, I would not expect to be able to call a telecommunications company “24/7” and to be immediately provided with their customer’s records. I would expect access to their database to be heavily restricted. It is not difficult to imagine the trouble that would result from free, unrestricted, anonymous public access to a database of telephone number account holders. Sure, a few crimes might be solved, but a thousand times more would be instigated by identify thieves, spammers, and stalkers. The same concerns apply here to WHOIS or whatever form the RDS may take.<br></div><div><br></div><div class="protonmail_signature_block"><div>- Ayden <br></div><div><br></div></div><blockquote class="protonmail_quote" type="cite"><div>-------- Original Message --------<br></div><div>Subject: Re: [gnso-rds-pdp-wg] Action item - gap assessment<br></div><div>Local Time: August 17, 2016 5:59 AM<br></div><div>UTC Time: August 17, 2016 4:59 AM<br></div><div>From: gregshatanipc@gmail.com<br></div><div>To: stephanie.perrin@mail.utoronto.ca<br></div><div>gnso-rds-pdp-wg@icann.org<br></div><div><br></div><div>Yes, I did mean16, not 19. I guess that was a result of turning the case on its head....<br></div><div><br></div><div>I think that this shows both sides of the case, rather than turning it on its head: that the victims in this case may well need access to WHOIS data, irrespective of where the data used against them came from.<br></div><div><br></div><div>As to how readily data would be available from registrars, that may or may not be true (and issues of burdensomeness come into play as well). Will every registrar have a 24/7 contact available to give out information in real time to victims of abuse and infringement and those working on their behalf?<br></div><div><br></div><div><br></div><div>I don't know who Martha is, but with great respect, I disagree with her.<br></div><div><br></div><div><div>Greg<br></div><div><br></div><div>On Tuesday, August 16, 2016, Stephanie Perrin <<a href="mailto:stephanie.perrin@mail.utoronto.ca">stephanie.perrin@mail.utoronto.ca</a>> wrote:<br></div><blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex" class="gmail_quote"><div bgcolor="#FFFFFF"><p><span style="font-size:undefinedpx" class="size"><span style="font-family:Lucida Grande" class="font">Did you mean 16? It
seems so. With great respect Greg, I think you are turning
this case on its head. Yes, WHOIS has been and likely will
continue to be a useful source of info for identifying
perpetrators of abuse. We don't need a separate case for each
type of abuse (child porn, selling counterfeit goods, post
intimate relationship hassment, etc etc). This use case
identified the risk that abusers will get the data they need
to abuse from the WHOIS. Lets be clear, investigators of
abuse can go to the registrar. It is not as if this data
suddenly becomes unavailable if it is not publicly displayed.
It is just not available so readily. And that, as Martha might
say, is a good thing.</span></span><br></p><p><span style="font-size:undefinedpx" class="size"><span style="font-family:Lucida Grande" class="font">Stephanie Perrin</span></span><br></p><div><br></div><div>On 2016-08-16 19:31, Greg Shatan wrote:<br></div><blockquote type="cite"><div dir="ltr"><div style="font-family:verdana,sans-serif" class="gmail_default">I think that Case 19
("WHOIS misused to shame, anger or scare a registrant")
suggests a potential gap or at least a counter-case ("WHOIS
used to find those posting personally identifiable information
to shame, anger or scare a registrant"'). As Case 19 posits,
this involves posting information on the Internet. In many
cases, the information is posted on websites using domains
registered for such purpose, or sent using email addresses
using domains registered for that purpose. WHOIS data is an
important and much-used tool in determining the identity of
those disseminating the PII under those circumstances.<br></div><div style="font-family:verdana,sans-serif" class="gmail_default"><br></div><div style="font-family:verdana,sans-serif" class="gmail_default">I have personal
experience with this. When my client was the victim of a
doxing attack (and this involved publishing confidential
documents, not merely publicly available contact information),
WHOIS data was critical in tracking down the identity of the
individuals responsible. There was much more to it, but the
WHOIS data was the first lead in the chain. Without that
data, the results may have been quite different.<br></div><div style="font-family:verdana,sans-serif" class="gmail_default"><br></div><div class="gmail_default"><span style="font-family:verdana, sans-serif" class="font">Rather
than drafting a whole new use case, I think that this use
case is similar enough to existing use cases 06, 09, 21 and
22 to point to those cases for more detail. I would point
in particular to use case 21's statement that "telltales
may be found in resources used to register the domain" which
in turn lead to other information necessary to move forward.
"Telltales" may also be found in information that is not
completely accurate. This point should not be lost -- WHOIS
records can reveal telltales and "breadcrumbs" even when the
information is not a bald-faced registration in the name of
the "miscreant" (as use case 22) put its.</span><br></div><div style="font-family:verdana,sans-serif" class="gmail_default"><br></div><div style="font-family:verdana,sans-serif" class="gmail_default">Of course, if it's
deemed necessary, I can create a separate use case for this.<br></div><div style="font-family:verdana,sans-serif" class="gmail_default"><br></div><div style="font-family:verdana,sans-serif" class="gmail_default">Greg<br></div></div><div class="gmail_extra"><div><br></div><div class="gmail_quote"><div>On Fri, Aug 12, 2016 at 2:18 PM, Lisa
Phifer <span dir="ltr"><<a>lisa@corecom.com</a>></span>
wrote:<br></div><div>
<br></div><blockquote style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex" class="gmail_quote"><div><div>Dear all,<br></div><div>
<br></div><div>
To address the following action item:<br></div><div>
<br></div><div>
<b><i>Action item</i></b>: WG members to review example
use cases and
identify any gaps that should be filled - preferably
volunteering to
draft and present them<br></div><div>
<br></div><div>
Example use cases identified by this WG to date are listed
below and
can be found here:
<a href="https://community.icann.org/x/JA6bAw" rel="noreferrer">
https://community.icann.org/x/<wbr>JA6bAw</a><br></div><div>
<br></div><div>
<br></div><div class="image loading"><img width="649" height="611" alt="Emacs!" data-embedded-img="cid:part3.CCB4B344.F63B1712@mail.utoronto.ca" class="proton-embedded" src="cid:part3.CCB4B344.F63B1712@mail.utoronto.ca"><br></div><div><br></div><div><br></div><div>In addition, cases originally drafted by the EWG are
listed here: <br></div><div>
<a href="https://community.icann.org/download/attachments/60490860/EWG%20Report%20-%20Use%20Case%20and%20Data%20Annexes.doc?version=1&modificationDate=1468862831000&api=v2" rel="noreferrer">
EWG Report - Example Use Case and Related Data
Annexes.doc</a><br></div><div>
Contact staff if you would like to a copy of any EWG draft
use
case.<br></div><div>
<br></div><div>
As we are trying to examine a representative but not
exhaustive set of
examples prior to deliberation (see
<a href="https://community.icann.org/x/JA6bAw" rel="noreferrer">https://community.icann.org/x/<wbr>JA6bAw</a>),
if you believe that a different
and important example is missing from the above table,
please raise that
gap to the WG's attention.<br></div><div>
<br></div><div>
Best regards,<br></div><div>
Lisa<br></div><div>
<br></div></div><div><br></div><div>______________________________<wbr>_________________<br></div><div>
gnso-rds-pdp-wg mailing list<br></div><div>
<a>gnso-rds-pdp-wg@icann.org</a><br></div><div>
<a rel="noreferrer" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><br></div></blockquote></div><div><br></div></div><div><br></div><div><br></div><pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a>gnso-rds-pdp-wg@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></pre></blockquote></div></blockquote></div></blockquote><div><br></div>