[CCWG-ACCT] Proposed WHOIS language

Paul Szyndler paul.szyndler at auda.org.au
Wed Sep 2 04:31:49 UTC 2015 

All,

 

I typically lurk on this list but feel compelled to contribute on this
particular issue.

 

I am reminded of a time in the AUSFTA negotiations (in 2003-04, well
before the AoC) where I was one of two Australian bureaucrats facing a
room full of negotiators, including a number of people in suits from
unidentified law enforcement agencies.

Our simple Article in Chapter 17
<http://dfat.gov.au/about-us/publications/trade-investment/australia-unite
d-states-free-trade-agreement/Pages/chapter-seventeen-intellectual-propert
y-rights.aspx>  regarding "Domain Names on the Internet" became a
significant point of contention, over a draft reference to "completeness"
of, and "unrestricted access" to information. Thankfully, we eventually
concluded with a (now familiar to many) commitment that:

 

Each Party shall require that the management of its ccTLD provide online
public access to a reliable and accurate database of contact information
for domain-name registrants.

 

Counterparts from Peru, Singapore, Chile and elsewhere arrived at similar
bilateral agreements (with Chile including an explicit reference to local
laws regarding the protection of personal data)

These limitations on ccTLD-level WHOIS have evolved further in the TPP, as
anyone can find online in leaked versions of the draft Agreement.

ICANN itself (predominantly within the GNSO) has been addressing conflicts
between ICANN contractual requirements and national privacy laws in the
gTLD environment since the turn of the millennium. 

 

In short, the (intentionally provocative) question I have is: during this
time of review and future-gazing, is it appropriate to religiously
advocate dated policy / contract frameworks that already contradict
national privacy legislation in many jurisdictions and numerous bi-lateral
and (potentially) multi-lateral agreements that the USG is itself a party
to? 

 

Regards,

 

Paul

 

 

From: accountability-cross-community-bounces at icann.org
[mailto:accountability-cross-community-bounces at icann.org] On Behalf Of
Stephanie Perrin
Sent: Wednesday, 2 September 2015 12:35 PM
To: accountability-cross-community at icann.org
Subject: Re: [CCWG-ACCT] Proposed WHOIS language

 

May I draw to everyone's attention the fact that there are now 101
national privacy laws in the world. (Greenleaf, 2014).  All input received
from the assembled data commissioners in charge of overseeing compliance
with those laws has indicated that they contradict the next sentence:
Such existing policy requires that ICANN implement measures to maintain
timely, unrestricted and public access to accurate and complete WHOIS
information, including registrant, technical, billing, and administrative
contact information. 

This advice, elaborating how the various components of that sentence are
not in compliance with data protection rights has been sent to ICANN in
various ways since 2000 (I am rounding off there, there were certainly
earlier indications of problems provided from the inception of ICANN).
Does it not seem that it is time to review the wisdom of a policy that
disregards privacy rights?
Kind regards, 
Stephanie Perrin

 

On 2015-09-01 21:31, Steve DelBianco wrote:

Thanks, Bruce.  For comparison purposes, I pasted the CCWG's proposed
language below your text.

 

From: <accountability-cross-community-bounces at icann.org
<mailto:accountability-cross-community-bounces at icann.org> > on behalf of
Bruce Tonkin
Date: Tuesday, September 1, 2015 at 9:24 PM
To: "accountability-cross-community at icann.org
<mailto:accountability-cross-community at icann.org> "
Subject: [CCWG-ACCT] Proposed WHOIS language

 

Below is some suggested language regarding WHOIS reviews for consideration
by the CCWG when considering what to incorporate into the bylaws regarding
the AoC reviews.

 

Note the Board has no plans to cancel the current AoC - so the language in
the AoC -  still stands until the community and NTIA wish to change it.   

 

This language however tries to contemplate an environment where we are
introducing a new gTLD Directory Service as a result of policy development
within  the GNSO, as well as most likely continuing to run the existing
WHOIS service for some time.

 

Regards,

Bruce Tonkin

 

ICANN commits to enforcing its policy relating to the current WHOIS and
any future gTLD Directory Service, subject to applicable laws, and working
with the community to explore structural changes to improve accuracy and
access to gTLD registration data, as well as consider safeguards for
protecting data. 

 

This Review includes a commitment that becomes part of ICANN Bylaws,
regarding enforcement of the current WHOIS and any future gTLD Directory
Service policy requirements.

 

The Board shall cause a periodic Review to assess the extent to which
WHOIS/Directory Services policy is effective and its implementation meets
the legitimate needs of law enforcement, promotes consumer trust, and
safeguards data. 

 

The Review Team shall assess the extent to which prior Review
recommendations have been completed, and the extent to which
implementation has had the intended effect.

 

This periodic Review shall be convened no less frequently than every five
years, measured from the date the Board took action on previous review
recommendations.

_______________________________________________

>From CCWG 2nd draft proposal, page 81:

 

ICANN commits to enforcing its existing policy relating to WHOIS/Directory
Services, subject to applicable laws. Such existing policy requires that
ICANN implement measures to maintain timely, unrestricted and public
access to accurate and complete WHOIS information, including registrant,
technical, billing, and administrative contact information.

 

The Board shall cause a periodic Review to assess the extent to which
WHOIS/Directory Services policy is effective and its implementation meets
the legitimate needs of law enforcement and promotes consumer trust. 

 

This Review will consider the OECD guidelines regarding privacy, as
defined by the OECD in 1980 and amended in 2013.

 

The Review Team shall assess the extent to which prior Review
recommendations have been implemented.

 

This periodic Review shall be convened no less frequently than every five
years, measured from the date the previous Review was convened.






_______________________________________________
Accountability-Cross-Community mailing list
Accountability-Cross-Community at icann.org
<mailto:Accountability-Cross-Community at icann.org> 
https://mm.icann.org/mailman/listinfo/accountability-cross-community

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/accountability-cross-community/attachments/20150902/68b06a31/attachment.html>

More information about the Accountability-Cross-Community mailing list