<div dir="ltr">Can someone clearly and plainly explain why social media exposure is permissible but whois is not, given that both have privacy settings that can be invoked<div><br></div><div>there is no logical consistency for why social media is fine as-is but whois must be locked down. This only makes sense logically if the privacy controls youall offer to your customers are broken and do not legally qualify as obtaining consent. so please explain</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Sep 26, 2017 at 12:13 PM, Dotzero <span dir="ltr"><<a href="mailto:dotzero@gmail.com" target="_blank">dotzero@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>You are raising a different discussion/issue Andrew. A discussion of what the working group thinks is appropriate is a different discussion vs assertions as to the legal requirements from various jurisdictions as to what we are obliged to do.<br><br>I keep on hearing law invoked and therefore asked what precedent there is specific to whois and CBDF. It's a straight forward question and with the various privacy and legal experts on the list, one that should be easily answered if there are precedents specific to whois out there. Volker threw up a laundry list of references that don't really apply to the question I asked. <br><br></div>Michael Hammer<br><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On Tue, Sep 26, 2017 at 11:12 AM, Andrew Sullivan <span dir="ltr"><<a href="mailto:ajs@anvilwalrusden.com" target="_blank">ajs@anvilwalrusden.com</a>></span> wrote:<br></span><div><div class="h5"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class="m_1207958936456866203gmail-">On Tue, Sep 26, 2017 at 10:59:15AM -0400, Dotzero wrote:<br>
> predecessor regulations have been around for quite some time and if the<br>
> whois privacy issues we have been debating are truly a significant problem<br>
> to the extent that some represent them to be, I would expect that there<br>
> would have been at least some sort of precedents specific to whois.<br>
<br>
</span>I think that, regardless of any legal cases, the current whois leaks<br>
way too much information. ICANN has an enormous bureaucracy around<br>
"whois accuracy" partly (but only partly) because ordinary people<br>
don't want to pay extra to keep their home telephone numbers off from<br>
being wide open on the Internet, so they lie about it. There is _no<br>
reason_ that we are still using an ancient protocol that was designed<br>
for a completely different network environment.<br>
<br>
The IAB recommends, in RFC 6973, that protocols do something about<br>
data minimization (see section 6.1). The evidence we have is that<br>
greater exposure of data provides a vector for attacks we haven't even<br>
thought about. Therefore, we should not expose data to everyone<br>
unless we are sure that it is necessary (and some of this data _is_<br>
necessary to expose to everyone); and we should be able to track who<br>
got the data if we're exposing data that is not published to everyone.<br>
<br>
I don't think any of this should be news, and I think it is really<br>
strange that we seem still to be discussing whether it is something we<br>
need to embrace.<br>
<span class="m_1207958936456866203gmail-"><br>
Best regards,<br>
<br>
A<br>
<br>
<br>
--<br>
Andrew Sullivan<br>
<a href="mailto:ajs@anvilwalrusden.com" target="_blank">ajs@anvilwalrusden.com</a><br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br>
</span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><br>
</blockquote></div></div></div><br></div></div>
<br>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>Note to self: Pillage BEFORE burning.</div>
</div>