[IAG-WHOIS conflicts] Response to final report
Stephanie Perrin
stephanie.perrin at mail.utoronto.ca
Mon Nov 23 03:36:39 UTC 2015
Thanks very much Holly....NCSG was also unfortunately late in its
comments. There is too much going on at the moment....
Stephanie Perrin
On 2015-11-22 14:38, Holly Raiche wrote:
> The following is an informal statement that represents the view of
> many of the ALAC members. We simply did not have the bandwidth or
> time to formally approve this statement, so it cannot be considered as
> a formal ALAC response. That said, this issue has been discussed and
> does have support within ALAC. Again, my apologies in not managing to
> have the time for this to go through formal ALAC processes. I’m
> happy to take any questions on its content.
> Holly
>
> The ALAC has deep concerns with the Implementation Advisory Group’s
> proposed alternative ‘triggers’ and supports the “Minority Views’ of
> Stephanie Perrin and Christopher Wilkinson.
> The original goal of this policy (concluded by the GNSO in November
> 2005) was to develop procedures that could reconcile mandatory laws on
> privacy with the requirements on registries and registrars under
> contract with ICANN for the collection, display and distribution of
> WHOIS personal information.
> Unfortunately, the Task Force charged with implementing the policy
> adopted a ‘solution’ that is virtually unworkable and has never been
> used. Under the ‘solution’ the registrar/registry should notify ICANN
> within 30 days of situations (an inquiry, litigation or threat of
> sanctions) when the registry/registrar can demonstrate that it cannot
> comply with WHOIS obligations due to local or national privacy laws.
> There are two fundamental reasons why the policy is unworkable. The
> first is the bizarre outcome that registrars and registries must seek
> ICANN permission to comply with their applicable local laws. The
> second obvious flaw is that it means registrars/registries must wait
> until there is an ‘inquiry or investigation etc of some sort before
> the process can be triggered.
> This Implementation Working Group (IWG) was formed to ‘ consider the
> need for changes to how the procedure is invoked and used’. The
> difficulty with that approach is that it does not address the basic
> flaws in the processes proposed: it still assumes that ICANN has a
> role in determining registry/registrar compliance with applicable
> local law and it still believes that solution lies in legal events
> that ‘trigger’ a resolution process.
> The ISG report proposes an “Alternative Trigger’ (Appendix 1) or a
> Written Legal Opinion (Dual Trigger) (Appendix 2). The Alternative
> Trigger process is far simpler and preferable. Indeed, the language
> suggests that the process might be used to reconcile ICANN WHOIS
> requirements with relevant privacy law more generally, and not on just
> on a case by case basis.
> There are, however, difficulties with the Alternative Trigger
> proposal, as follows.
>
> * It relies on advice from law firms (whose advice would not bind
> the relevant privacy agency), or on agencies themselves (who are
> most often reluctant to provide such advice)
> * The onus is on individual registries/registrars to invoke the
> process. There are many smaller registries/registrars that would
> not have the resources to fund such advice, particularly if it is
> needed on a case by case basis
> * Because laws/regulations on the handling of personal information
> vary from area to area (whether national or regional), different
> registries/registrars will be bound by different sets of
> requirements – in order to comply with the same contractual terms
> * It is also not clear why GAC advice is included in both proposed
> ‘triggers’. The expertise of individual GAC members relates to
> ICANN’s remit: domain names, IP addresses and protocols.
>
> The ALAC supports both of the proposals made by Christopher Wilkinson
> (Appendix 4) which address the issues raised . The first is – at the
> least – a ‘block exemption’ for all registries/registrars in the
> relevant jurisdiction. This would eliminate the ‘case by case’
> approach to the issue and provide certainty for all
> registries/registrars (whether large or small) in that area.
> A better approach is his call for a ‘best practice’ policy on the
> collection, retention and revealing of WHOIS information. This would
> ensure that, regardless of the jurisdiction of the
> registrar/registries – and registrants – all would receive the same
> privacy protection.
>
> Holly Raiche
> Carlton Samuels
>
>
> _______________________________________________
> Whois-iag-volunteers mailing list
> Whois-iag-volunteers at icann.org
> https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/whois-iag-volunteers/attachments/20151122/79377970/attachment-0001.html>
More information about the Whois-iag-volunteers
mailing list