FW: [council] Regarding data collected and the purpose of collecting data

Philip Sheppard philip.sheppard at aim.be
Wed Apr 12 08:10:20 UTC 2006 

Mawaki, you ask some direct questions. Here are my replies.

Q1. If I understand well, are you saying that your proposed definition of the purpose for
which the data is collected does not imply that the WHOIS data must remain publicly
accessible?
A: Correct. These are separate issues.

Q2. It turns out to be that, whether you like it or not, the objective of this policy
development and TF is to address the issue of the WHOIS data being made public, as any one
can clearly see from the three points of the ToR recalled by Ross:
a) Figure out if the current data being published is appropriate (whether it should be
broadened or narrowed)
b) Figure out if all of this data should be made public.
c) Specify how data that is not being made public can be accessed.

A: YES. This is exactly the issue. Different people are making different starting
assumptions. But my assumption is a different sequence to Ross's. 

a) Define the purposes for which we want data.   b) THEN, determine access to that data
taking into account privacy needs. (I am absolutely in favour of data privacy - my own
included!).

Q3. Do you think the question of determining whether the WHOIS data must be publicly
available or not (as your refined proposal remains silent on this, while it was the job of
the TF to find out), so do
you think it is a question the GNSO Council should not bother asking?
A: This is a key question for the GNSO.

Q4. Do you think it ICANN's mission to cater for law enforcement, just because there might
be unlawful deeds over the Net? 

A: ICANN's earliest and most successful consensus policy is the UDRP. That is all about
fairness and consumer protection.We cannot ignore this key issue. If we do governments will
rightly condemn us.If we have no interest in this why did we start the PDP? 

Q5. Don't you think the law provides, or can provide, enough itself with the means of its
own enforcement, so that it doesn't need ICANN to take on the mission of a surrogate for law
enforcement?
A: We are seeking to make the way we are now using WHOIS compliant with law, not vice versa.
Under EU data protection laws (and most other such laws) it is illegal to use data for any
purpose other than that for which it was originally collected. So if we as ICANN say WHOIS
data is only for purposes of connectivity, we are saying it should never be used for reasons
of consumer/user protection. At this point we have to rely on the hundreds of diverse
Registrar and reseller contracts to get the wording right. I trust Ross's organisation. I
trust my own registrar. I don't trust all of them. That is to my mind a lack of due
diligence.

Philip

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/council/attachments/20060412/a897131e/attachment.html>

More information about the council mailing list