[council] NCUC analysis of WHOIS purpose definitions
Robin Gross
robin at ipjustice.org
Tue Apr 11 03:50:49 UTC 2006
I would like to share with my fellow GNSO Council Members this analysis
regarding the two WHOIS purpose formulations from NCUC member and WHOIS
TASK FORCE member Kathryn Kleiman, who is also a DC attorney:
ICANN has a very narrow technical mission. It is that defined mandate
that gives ICANN its legitimacy. ICANN is the technical coordinator of
the domain name system. Its mission does not extend to the use of a
domain name.
Use is a matter of discretion and balance. What is posted on a website,
what is sent in an email, what is shared in a listserv all involve the
use of a domain name, but far exceed the narrow bounds of ICANN’s work.
It is for countries, by law and treaty, to determine how they want to
share and disclose data if someone does not like the religious or
political content posted on a website, shared in an email, or conveyed
on a list.
Only Formulation 1 continues to keep the purpose of Whois within the
narrow technical scope of “issues related to the configuration of the
records associated with the domain name within a DNS nameserver.” This
use directly involves the registration of a domain name, its resolution,
and technical problems associated directly with DNS issues – powers
clearly given to ICANN.
Revised Formulation 2 gives certain constituencies unlimited access to
personal data for any purpose even remotely related to their Internet
work. While the words “technical” and “networking” resonate nicely in
our ears, the Business and ISP constituencies repeatedly told the Whois
Task Force the broad definition they have for these terms. “Technical”
and “networking” is anything online! It includes any use, question or
concern an ISP or large online business might have about anyone coming
to their website, transacting business with them or even having mail
routed through their servers. ICANN never received unlimited power to
regulate all technical and networking activities online, and it is a
scope few would want it to have.
“Legal issues related to registration or use of a gTLD domain name” is
similarly undefined and unbounded. Any question of content that any
attorney may have is covered by this definition. Should he/she want to
use the Whois personal data to harass, criticize or intimidate a domain
name registrant for content on a website, listserv or email, the
attorney would have the right to do so under Revised Formulation 2
because the content involves “use of a domain name.” Nowhere is there
any standard that the attorney has to state a cause of action or even
present a non-frivolous claim. Any attorney can state a legal issue for
any type of problem (just ask them!) But allowing such action would also
foster intimidation and abuse of all who hold and share minority
opinions online using domain names – minority personal, political and
religious speech could be driven off the Net.
An example of balance between personal data and legal needs occurred in
the US a few years ago. ISPs used to disclose chatroom identities on
demand. Attorneys would come to ISPs claiming that people had defamed
their companies, engaged in violations of insider trading, etc.
Attorneys received the personal data, but it turns out that in many
cases, they were really trying to find out and silence whistleblowers
(those pointing out illegalities in businesses or government contracts),
stop those complaining of workplace harassment, or just harass anyone
who criticized their company’s products or services (even legitimately)
in a chatroom. The legal claims were trumped up.
Now to seek disclosure of chatroom identities in the US, attorneys must
go to court in “John Doe” suits. They must first demonstrate to the
court that they have solid evidence of illegality, a true cause of
action under law, and clear evidence that the chatroom identity they
seek is really the one involved in the unlawful conduct they allege. No
more fishing expeditions or intimidation of speakers.
Formulation 1 provides a similar balance – a purpose for Whois within
the narrow technical DNS mandates of ICANN. The personal data remains in
the hands of registrars for all other legitimate purposes. It is
available for access to resolve all other technical, networking, legal
or social issues or concerns consistent with law and due process.
More information about the council
mailing list