<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body dir="auto">
<div>+1 Allison<br>
<br>
Marina A. Lewis
<div>(415) 290-1245</div>
<div><a href="mailto:marina@dns-law.com">marina@dns-law.com</a></div>
</div>
<div><br>
On May 31, 2017, at 4:04 PM, allison nixon <<a href="mailto:elsakoo@gmail.com">elsakoo@gmail.com</a>> wrote:<br>
<br>
</div>
<blockquote type="cite">
<div>
<div dir="ltr">Your e-mail stated:<br>
>>Data that is gleaned from a file related to an individual, ie in this case their registration data, even if it is nameservers and the like, is their personal data.
<div><br>
</div>
<div>And it was stated in support of restricting public access to this information. </div>
<div><br>
</div>
<div>Eliminating the other data elements may make troubleshooting harder, but eliminating nameservers on the basis of privacy means the registrars won't be able to disseminate it at all, and it will literally break the Internet. Were you thinking of the absurd
possibilities when you wrote it?</div>
<div><br>
</div>
<div>Your references don't change the fact of how DNS resolution works. If you're going to object to that characterization, then I formally object to this one, which is similar to the sentiment that has underpinned this group since the beginning:<br>
</div>
<div><br>
</div>
<div>>>At a time when increasing imbalance in ‘informational power’, when governments and business organizations alike amass hitherto unprecedented amounts of data about individuals, and are increasingly in the position to compile detailed profiles that will
predict their behavior (reinforcing informational imbalance and reducing their autonomy), it is ever more important to ensure that the interests of the individuals to preserve their privacy and autonomy be protected.</div>
<div><br>
</div>
<div>In the context of WHOIS, it's ridiculous borderline conspiracy theory. A tiny percent of the population owns any domains, and an even smaller percent disclose anything in the WHOIS. This isn't intrusive like ad tracking or companies selling health data.
This is information that people enter when they stake a claim in a public space. Blinding defenders from being able to judge if we want to interact with inbound traffic reduces our autonomy and only empowers the massive problem of abuse. Mischaracterizing
public WHOIS info, which has been public for decades, as some sort of scandalous leak of data is ridiculous. It also falsely shades the motivations of the people who are asking for it to remain open. The truth is that this data is useless for what is insinuated,
and we aren't asking to keep the data open so we can snoop on some dissident by knowing what their junk email and domain creation date is. </div>
<div><br>
</div>
<div>And just because someone in the world is(and they certainly are), it doesn't mean we must shut down the whole system.</div>
<div><br>
</div>
<div>On top of that, no one is forced to disclose damaging info. If you want to use an ICANN domain, fill out the form. If you don't want to, get an .onion, get a dynamic domain, go somewhere else. Or use WHOIS privacy. Or use junk info.</div>
<div><br>
</div>
<div>You can demand respect, but many arguments in this group do not inspire respect. </div>
<div>
<ul>
<li>When people claim to be concerned about spam as a motivation for eliminating WHOIS, and then don't listen when actual anti-spam people tell them it will destroy a major tool in the fight against spam, that does not inspire respect. </li><li>When people propose to put basic functionality on the chopping block, that does not inspire respect. <br>
</li><li>When theoretical edge cases are dreamed up as rebuttals to real and frequent issues, that does not inspire respect.</li><li>When anti-abuse is judged as anathema to privacy and are disrespected, that does not inspire respect.</li></ul>
<div>I along with many other security professionals here are not opposed to following the law. Collectively much of our work involves ensuring compliance with the law, including privacy laws, HIPAA, data breach laws, et cetera. Despite frequently being mischaracterized
as wannabe cops by list members, we are not cops. We actually implement the protection of privacy, including the need to prevent data breaches- which can incur massive fines thanks to some privacy laws. Yet here we are, butting heads with "privacy experts",
who by and large don't want to hear about operational issues or the wider impact of their narrow agenda.</div>
</div>
<div><br>
</div>
<div>This observation isn't solely about you personally, and your work history is irrelevant here. It is an observation about the group as a whole since I became active. This isn't privacy versus security. This is quite literally, privacy versus privacy. And
one side of the argument has operational experience. Security in the Internet sense involves- confidentiality, integrity, and availability. And most efforts are focused on the first item. We are not the NSA hunting terrorists or tapping phones or whatever
youall imagine we are. We are trying to prevent data breaches and identity theft and phishing and quite literally everything that privacy laws are written to address. That's why these arguments are so ridiculous.</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, May 31, 2017 at 3:42 PM, Stephanie Perrin <span dir="ltr">
<<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p><font size="+1"><font face="Lucida Grande">I would like to formally object to this kind of characterization of the people who are working in good faith on this working group: "self-proclaimed privacy advocates". I can only speak for myself, so I will do
only that.....I am not a self-proclaimed privacy advocate. I have been working as a privacy professional since 1984, when I became one of the first privacy coordinators for the Department of Communications of Canada. I was the first president in 1986 of
CAPA, the privacy professionals association which we formed and which collaborated for many years with ASAP, the US equivalent. I could go on and on and if you require references as to whether or not our views should be accepted as having merit, regardless
of whether you agree with them or not, I am happy to provide them. But please, let us treat one another with a bit more respect.</font></font></p>
<span class="HOEnZb"><font color="#888888">
<p><font size="+1"><font face="Lucida Grande">Stephanie Perrin</font></font><br>
</p>
</font></span>
<div>
<div class="h5"><br>
<div class="m_-3414513183451100299moz-cite-prefix">On 2017-05-31 13:39, allison nixon wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Good faith does not excuse ignorance. Such a mistake reveals the extreme tunnel vision by many self proclaimed privacy advocates here. It shows why they butt heads with people who work every day in the trenches to actually protect privacy of
real- not theoretical- victims. </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, May 31, 2017 at 1:30 PM, Jeremy Malcolm <span dir="ltr">
<<a href="mailto:jmalcolm@eff.org" target="_blank">jmalcolm@eff.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">Again, I really think we need to dial down the level of sarcasm here. The proportionality proposal was made in good faith.<br>
<br>
However, I'm from a privacy advocacy organization and even I have agreed that there are operational problems with any proposal to limit unauthenticated access to thin WHOIS data. I agree that while privacy is an absolutely key principle to be upheld, so is
the generativity of the Internet, and that unauthenticated access to thin WHOIS data, much of which just replicates the information that end users make available through their own nameservers, is part of the permissionless innovation that underpins many real
world Internet applications.
<div>
<div class="m_-3414513183451100299h5"><br>
<br>
<div class="m_-3414513183451100299m_-4927271185857328544moz-cite-prefix">On 31/5/17 10:14 am, allison nixon wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div class="m_-3414513183451100299h5">
<div dir="ltr">Which includes nameservers, which are collected and propagated by the registrars. If this is deemed sensitive information, then the registrars should be careful sharing that data via other outlets without tight restrictions!</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, May 31, 2017 at 1:09 PM, Michael Peddemors <span dir="ltr">
<<a href="mailto:michael@linuxmagic.com" target="_blank">michael@linuxmagic.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<span>On 17-05-31 10:07 AM, allison nixon wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
the rest of it can't be. You can't put a DNS query behind a EULA. We<br>
can't pretend there are restrictions on this data.<br>
<br>
</blockquote>
<br>
</span>We aren't discussing DNS or any other places that data is available as part of this working group. Only the informed consent of data held in whois thin data.
<div class="m_-3414513183451100299m_-4927271185857328544HOEnZb">
<div class="m_-3414513183451100299m_-4927271185857328544h5"><br>
<br>
<br>
-- <br>
"Catch the Magic of Linux..."<br>
------------------------------<wbr>------------------------------<wbr>------------<br>
Michael Peddemors, President/CEO LinuxMagic Inc.<br>
Visit us at <a href="http://www.linuxmagic.com" rel="noreferrer" target="_blank">
http://www.linuxmagic.com</a> @linuxmagic<br>
------------------------------<wbr>------------------------------<wbr>------------<br>
A Wizard IT Company - For More Info <a href="http://www.wizard.ca" rel="noreferrer" target="_blank">
http://www.wizard.ca</a><br>
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.<br>
------------------------------<wbr>------------------------------<wbr>------------<br>
<a href="tel:604-682-0300" value="+16046820300" target="_blank">604-682-0300</a> Beautiful British Columbia, Canada<br>
<br>
This email and any electronic data contained are confidential and intended<br>
solely for the use of the individual or entity to which they are addressed.<br>
Please note that any views or opinions presented in this email are solely<br>
those of the author and are not intended to represent those of the company.<br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="m_-3414513183451100299m_-4927271185857328544gmail_signature" data-smartmail="gmail_signature">
______________________________<wbr>___<br>
Note to self: Pillage BEFORE burning.</div>
</div>
<br>
<fieldset class="m_-3414513183451100299m_-4927271185857328544mimeAttachmentHeader">
</fieldset> <br>
</div>
</div>
<span>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_-3414513183451100299m_-4927271185857328544moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a class="m_-3414513183451100299m_-4927271185857328544moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a></pre>
</span></blockquote>
<pre class="m_-3414513183451100299m_-4927271185857328544moz-signature" cols="72">--
Jeremy Malcolm
Senior Global Policy Analyst
Electronic Frontier Foundation
<a class="m_-3414513183451100299m_-4927271185857328544moz-txt-link-freetext" href="https://eff.org" target="_blank">https://eff.org</a>
<a class="m_-3414513183451100299m_-4927271185857328544moz-txt-link-abbreviated" href="mailto:jmalcolm@eff.org" target="_blank">jmalcolm@eff.org</a>
Tel: <a href="tel:%28415%29%20436-9333" value="+14154369333" target="_blank">415.436.9333 ext 161</a>
:: Defending Your Rights in the Digital World ::
Public key: <a class="m_-3414513183451100299m_-4927271185857328544moz-txt-link-freetext" href="https://www.eff.org/files/2016/11/27/key_jmalcolm.txt" target="_blank">https://www.eff.org/files/2016<wbr>/11/27/key_jmalcolm.txt</a>
PGP fingerprint: 75D2 4C0D 35EA EA2F 8CA8 8F79 4911 EC4A EDDF 1122</pre>
</div>
______________________________<wbr>_________________ gnso-rds-pdp-wg mailing list
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">
https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a> </blockquote>
</div>
<div></div>
--
<div class="m_-3414513183451100299gmail_signature" data-smartmail="gmail_signature">
______________________________<wbr>___ Note to self: Pillage BEFORE burning.</div>
</div>
<fieldset class="m_-3414513183451100299mimeAttachmentHeader"></fieldset>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_-3414513183451100299moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a class="m_-3414513183451100299moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>
Note to self: Pillage BEFORE burning.</div>
</div>
</div>
</blockquote>
<blockquote type="cite">
<div><span>_______________________________________________</span><br>
<span>gnso-rds-pdp-wg mailing list</span><br>
<span><a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a></span><br>
<span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></span></div>
</blockquote>
</body>
</html>