<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Greg, the poll question was worded to separate future deliberation on authentication and any potential access controls from current deliberation on the concept of purpose and whether and how purpose would apply to policy. </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Would it address your concern if you gave in your rationale for not supporting any of the 4 options listed the explanation that you gave in your email? </div><div id="AppleMailSignature"><br></div><div id="AppleMailSignature">Lisa<br><br>Sent from Lisa Phifer's iPhone</div><div><br>On Dec 14, 2016, at 10:30 AM, Greg Aaron <<a href="mailto:gca@icginc.com">gca@icginc.com</a>> wrote:<br><br></div><blockquote type="cite"><div>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><a name="_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Dear Lisa:<o:p></o:p></span></a></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">The poll is missing an option that describes the status quo, and the option came up in yesterday’s discussion. That option could
be stated: “Thin data’ about gTLD domain names should be accessible to all users anonymously and without declaration of purpose, with illegitimate uses expressly prohibited by policy.”<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Can the poll be re-done with the addition option available? I don’t want to choose any of the current options, and the option above
is important since it describes the current situation. <o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">The poll doesn’t present this option. Crucially, all the current choices say that data would be “accessible” only if users first
meet a condition. For example, option “a” means that all users would be required to declare their use/intent (and therefore possibly their identity) before being allowed to access any data. That’s the only way to deny access for “illegitimate purposes”.<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Currently, data is accessible in WHOIS to anyone who wants to look at it, and policy dictates that there are some things one should
not then USE it for. On the call, someone mentioned that these prohibited uses are mentioned in the RAA. (In paragraph 3.3.5 to be precise.) To put it another way: access to data is currently given to all, and the policy is that people shouldn’t then use
the data for things like spamming. The policy does not gate access to the data; the policy is a terns of use.
<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">On yesterday’s call, Alan Greenberg and I made comments along the lines that it’s problematic to make all the users of WHOIS declare
their intent/use before getting (on-PII) data. It would make all legitimate users jump through hoops, and it wouldn’t be an enforceable policy anyway. (Did I paraphrase correctly, Alan?)<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Thanks,<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">--Greg<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">RAA 3.3.5: “In providing query-based public access to registration data as required by Subsections 3.3.1 and 3.3.4, Registrar shall
not impose terms and conditions on use of the data provided, except as permitted by any Specification or Policy established by ICANN. Unless and until ICANN establishes a different Consensus Policy, Registrar shall permit use of data it provides in response
to queries for any lawful purposes except to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, postal mail, facsimile or other means of mass unsolicited, commercial advertising or solicitations to entities other than the data
recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of any Registry Operator or ICANN-Accredited registrar, except as reasonably necessary to register domain names or modify
existing registrations.”<o:p></o:p></span></span></p>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
</div>
<p class="MsoNormal"><span style="mso-bookmark:_MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><o:p> </o:p></span></span></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> <a href="mailto:gnso-rds-pdp-wg-bounces@icann.org">gnso-rds-pdp-wg-bounces@icann.org</a> [<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org">mailto:gnso-rds-pdp-wg-bounces@icann.org</a>]
<b>On Behalf Of </b>Lisa Phifer<br>
<b>Sent:</b> Wednesday, December 14, 2016 9:54 AM<br>
<b>To:</b> RDS PDP WG <<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>><br>
<b>Subject:</b> [gnso-rds-pdp-wg] Input requested: RDS PDP WG Poll on Purpose - 13 December<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Dear all,<br>
<br>
During the 13 December RDS PDP WG call, we started deliberation on the following charter question and sub-question:<br>
<br>
<i>2. Who should have access to gTLD registration data and why?<br>
2.1 Should gTLD registration data be accessible for any purpose or only for specific purposes?
<br>
<br>
</i>focusing first on how these questions apply to "thin data."<br>
<br>
To give all WG members an opportunity to share opinions about concepts that surfaced during this call, we have launched the following poll:<br>
<br>
<a href="https://www.surveymonkey.com/r/6BMJLB2">https://www.surveymonkey.com/r/6BMJLB2<br>
<br>
</a>Poll participation is optional, but sharing your thoughts through this poll will help us organize inputs for continued deliberation.<br>
<br>
All poll responses received by COB Saturday 17 December will be aggregated and used as input to the next WG call.
<br>
<br>
Best regards,<br>
Lisa<o:p></o:p></p>
</div>
</div></blockquote></body></html>