[RDS-WHOIS2-RT] WHOIS Information Must Remain Available

[Carlton Samuels]

That's how I read it too. More to point, if you extract meaning from use
cases specifically mentioned, 'easy access' to data that is currently
available.

To even individual Internet users.

-Carlton


==============================
*Carlton A Samuels*

*Mobile: 876-818-1799Strategy, Planning, Governance, Assessment &
Turnaround*
=============================

On Mon, Jan 29, 2018 at 6:49 PM, <Cathrin.BAUER-BULST at ec.europa.eu> wrote:

> I found the full excerpt to be a bit more balanced but indeed the gist of
> it is "easy access".
>
> Best regards
> Cathrin
>
> *Available here:* *https://www.ntia.doc.gov/speechtestimony/2018/remarks-assistant-secretary-redl-state-net-2018
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ntia.doc.gov_speechtestimony_2018_remarks-2Dassistant-2Dsecretary-2Dredl-2Dstate-2Dnet-2D2018&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=OXAmtSkabJcE3LcLyRxBuuh5gIbOIs3sSIA-yo7vmZY&s=as5QekVHDjDyEqbIIZQ_VpN17ZKdBqu57UISNDB0ZXk&e=>*
>
>
>
> *Remarks of David Redl*
> * Assistant Secretary of Commerce for Communications and Information State
> of the Net 2018 Washington, D.C.January 29, 2018*
>
> *--As Prepared for Delivery--*
>
> Thank you. It's great be here at State of the Net once again. I want to
> thank Tim Lordan for inviting me, and also offer him congratulations for
> the exciting program he's put together for today. Two items on the agenda
> stand out for me, personally - the excellent cybersecurity panel featuring
> NTIA's own Evelyn Remaley, and the discussion between Robert McDowell and
> my old boss, Chairman Walden.
>
> For my time today, I'd like to lay out some of NTIA's early international
> policy priorities in the new Administration. We plan to be aggressive in
> advocating for U.S. interests and values in our engagement across the
> globe, at ICANN, the International Telecommunication Union and other fora.
> I'll also discuss the Department of Commerce's cybersecurity work,
> including our efforts to improve the security of the Internet of Things and
> 5G networks, and the Administration's plan to counter the threat of botnets.
>
> The Internet has become what it is today in part because of a
> longstanding, bipartisan consensus around the principle of
> multi-stakeholder policymaking and standards development - the idea that
> all stakeholders should participate in open and transparent decision-making
> processes. We must continue to fight for this principle - for an Internet
> that is open, interoperable, and governed through collaboration between all
> stakeholders.
>
> Right now, NTIA has two main priorities internationally. The first is the
> preservation of the WHOIS service, which has become one of NTIA's most
> pressing issues related to ICANN over the last several months.
>
> If you don't know much about the WHOIS service, it is an incredibly
> valuable tool for governments, businesses, intellectual property rights
> holders, and individual Internet users around the world. Put simply, WHOIS
> is a service that provides easily accessible information about the entities
> that purchase and manage domain names.
>
> This information is often the starting point for law enforcement agencies
> when investigating malicious online activity, and for private-sector and
> government actors seeking to protect critical systems from dangerous
> cyberattacks, which are growing more frequent all the time. I mentioned our
> work on botnets -we know that those on the front lines of botnet mitigation
> rely on WHOIS information to do their work effectively.
>
> WHOIS information is also valuable for combatting infringement and misuse
> of intellectual property, and for savvy consumers looking to ensure that
> the website they're visiting is legitimate. This is a simple service, but
> it's a cornerstone of trust and accountability for the Internet.
>
> Those of you who participate in ICANN know that WHOIS has been under
> constant review and the subject of debate for years.  However, its
> essential character has not changed much since its inception in the early
> '80s.  This is for a good reason - its utility remains critically important
> to those who rely upon it.
>
> Over the last few months, however, this service's essential character has
> been threatened. In response to the European Union's General Data
> Protection Regulation - or GDPR - ICANN initiated a process to assess how
> this rule could affect WHOIS, given that it includes limited personal
> information about individuals with registered domains.
>
> Here are the facts: the text of the GDPR balances the interests of
> cybersecurity, law enforcement, and consumer protection, and many European
> officials have noted that limited changes to the WHOIS would be necessary
> to achieve GDPR compliance. Still, there are some who are trying to take
> advantage of the situation by arguing that we should erect barriers to the
> quickly and easily accessible WHOIS information. Some have even argued that
> the service must go dark, and become a relic of the Internet's history.
>
> Today, I would like be clear -- the WHOIS service can, and should, retain
> its essential character while complying with national privacy laws,
> including the GDPR. It is in the interests of all Internet stakeholders
> that it does. And for anyone here in the U.S. who may be persuaded by
> arguments calling for drastic change, please know that the U.S. government
> expects this information to continue to be made easily available through
> the WHOIS service.
>
> Our second priority area is making preparations for the International
> Telecommunication Union's treaty-making conference - the ITU
> Plenipotentiary - scheduled for October.
>
> I believe the United States needs to press for changes to the ITU,
> including establishing effective membership oversight of the ITU's
> finances. This is particularly important given that the United States is
> currently one of the two largest donors to the institution. We will also
> need to fight against the continued efforts to aggressively move the ITU
> beyond its limited mandate and into Internet-related and cybersecurity
> matters.
>
> We need an ITU that can effectively and efficiently perform its vital
> functions in the area of radio communications, and one that fosters, rather
> than hinders, pro-competitive policies for telecommunications, particularly
> in developing countries.
>
> As many if you know, the ITU has five elected positions: Director General,
> Deputy Director General, and the Directors of the three Bureaus of the
> ITU.  I am pleased to reiterate NTIA's strong support for the candidacy of
> Doreen Bogdan-Martin as Director of the ITU Telecommunications Development
> Bureau. The D-Sector as it is generally known is the part of the ITU that
> brings connectivity to parts of the world that have yet to realize the
> economic and societal benefits of the connectivity that many of us take for
> granted.  Ms. Bogdan-Martin is a former NTIA official, a veteran of the
> ITU's processes, and I am certain that Doreen would make an outstanding
> director of the D-sector.
>
> Going forward, NTIA remains committed to working with the Internet
> community. In particular, there are four areas we think are especially
> important. The first is the free flow of information, second is the
> multi-stakeholder approach to Internet governance, third is privacy and
> security, and the fourth is emerging technology.
>
> The free flow of information online is a bedrock American principle, and
> access to information and freedom of expression are basic human rights.
> Still, governments around the world are increasingly blocking access to
> websites and content, curtailing online freedoms, or even shutting down the
> Internet entirely.
>
> In other cases, governments are imposing top-down, heavy-handed
> intergovernmental regulation of the Internet. In the past few years, we've
> seen court rulings that have forced American companies to remove
> information that would have been considered protected speech in the U.S.
> These sorts of restrictions threaten economic growth and the social and
> educational benefits of the Internet - and they must be opposed.
>
> A second focus area is: How can NTIA continue to support and promote the
> multi-stakeholder approach to Internet governance? We'll be asking
> stakeholders about ICANN. What, in addition to GDPR, should be NTIA's
> priorities within the Governmental Advisory Committee? Are there any other
> Domain Name System-related activities NTIA should pursue?
>
> We plan to continue our longstanding engagement in the Internet Governance
> Forum at the United Nations - the premier global forum of multi-stakeholder
> dialogue on cross-cutting Internet policy issues. But there is always room
> for improvement. We're seeking input on the opportunities and challenges
> that the IGF faces, and how we can we raise national awareness about the
> IGF and its contributions to the Internet governance discussion globally.
> We want to know what we can do to help lower barriers to participation.
>
> Third, we'll ask for thoughts on how to leverage NTIA's resources to
> better shore up cybersecurity and online privacy.  I'll speak more about
> the Commerce Department's current cybersecurity work in a moment, but I
> hope this meeting is an opportunity for the community to weigh in on what
> we're doing and to help us identify areas where the Department of Commerce
> could be even more impactful.
>
> Finally, NTIA, as part of the Department of Commerce, always seeks input
> on the Department's work on emerging technologies. Commerce has led the
> U.S. government when it comes to new and emerging technologies.  But that
> leadership requires continued engagement from American industry, and from
> all of you.  In order to ensure that American entrepreneurs are able to
> take risks and to find global markets for their digital products and
> services, we need to make sure that we're charting the right path.  On such
> issues as artificial intelligence, blockchain, and 5G, we're looking for
> industry to help us make the right choices as a government.
>
> As I noted, cybersecurity is a key priority for the Department of Commerce
> and this Administration. As many of you know, last May, the President
> issued an Executive Order on Strengthening the Cybersecurity of Federal
> Networks and Critical Infrastructure. Among other items, the Order sought
> to promote action against botnets and other automated, distributed threats.
> Botnet attacks can be extremely damaging, and they put the broader Internet
> and its users at risk.
>
> The Departments of Commerce and Homeland Security were asked to identify
> actions that can be taken by stakeholders - recognizing that we cannot
> solve this through government regulation. Earlier this month, the
> Departments issued a draft report on enhancing resilience against botnets.
> We relied on an open and transparent process to generate the ideas in the
> report, and I want to thank those of you here who participated. The report
> outlines a positive vision for the future, as well as five complementary
> goals that would improve the resilience of the Internet. It also suggests
> supporting activities to be undertaken by both government and private
> sector actors.
>
> Botnet attacks are a global problem - no single government or sector can
> solve it in isolation. Any solution will require the entire ecosystem
> acting in concert. But we aren't starting from scratch. There are effective
> tools available today can mitigate these threats, but they are not widely
> used. Changing this will require more education and awareness, as well as
> an alignment of market incentives that will find a sweet spot between
> security and convenience.
>
> Behind the scenes, there was a lot of collaboration between various
> government agencies as this report was being drafted. Combined with
> essential input from the private sector, we now know that there is a common
> understanding about what we need to do, and where we need to go to make
> this positive future a reality. If you haven't already, I encourage you to
> read the report and provide us feedback - you can find the request for
> comments on our website. There will also be a workshop hosted by Department
> of Commerce next month at NIST's National Cybersecurity Center of
> Excellence. Commerce will incorporate the comments we receive into the
> report before delivering the final version to the President in May.
>
> In a parallel effort, Commerce has been working to foster a more secure
> Internet of Things environment. Late last year, stakeholders in one of
> NTIA's open multi-stakeholder processes developed a series of documents on
> IoT security and patching. Some great products came out of that process,
> including a high-level specification of the components of an IoT security
> update, and suggestions for how manufacturers can communicate
> "patchability" to consumers.  We will continue to engage with the IoT and
> security communities to promote the principles and ideas within those
> documents.
>
> This year, Commerce will be working on software component transparency,
> with a particular eye toward the third-party components used in IoT
> devices.  Most modern software is not written completely from scratch, but
> includes existing components, modules, and libraries from the open-source
> and commercial software world. Products are being developed quickly, and in
> a dynamic IT marketplace, it can be a challenge to track the use and
> security of these software components.
>
> The growth of the Internet of Things makes this challenge all the more
> difficult. In addition to the increased number of devices, more traditional
> vendors are assuming the role of software developers to add "smart"
> features or connectivity to their existing products.
>
> While the majority of libraries and components do not have known
> vulnerabilities, some do, and the sheer quantity of software means that
> products will ship with vulnerable or out-of-date components.
>
> Transparency can be an important tool here. It can reward vendors that can
> demonstrate a secure development process, and help defenders understand
>
>
>
> -----Original Message-----
> *From: *Carlton Samuels [carlton.samuels at gmail.com]
> *Received: *29. Jan, 23:34
> *To: *RDS WHOIS2-RT List [rds-whois2-rt at icann.org];
> registration-issues-wg at atlarge-lists.icann.org [registration-issues-wg@
> atlarge-lists.icann.org]; lac-discuss-en at atlarge-lists.icann.org [
> lac-discuss-en at atlarge-lists.icann.org]
> *Subject: *[RDS-WHOIS2-RT] WHOIS Information Must Remain Available
>
>
> ...never mind the GDPR purists, says our Uncle Sam.
>
> https://domainnamewire.com/2018/01/29/u-s-gov-whois-info-
> must-remain-available/
>
> -Carlton
>
>
> ==============================
> *Carlton A Samuels*
>
> *Mobile: 876-818-1799 <(876)%20818-1799> Strategy, Planning, Governance,
> Assessment & Turnaround*
> =============================
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/rds-whois2-rt/attachments/20180129/e9cd7c45/attachment-0001.html>