[council] Regarding data collected and the purpose of collecting data

[Anthony Harris]

Mawaki,

> Here in the US and was registering under gTLDs.

I see, so if your country of residence doesnt protect
your privacy, you want to impose it on the generic
domain name space, which is extra-territorial (a
definition I actually coined from someone in your
own constituency BTW).

> But I don't see what is the equivalent of IACNN (a private
> corporation) by whom the registrar will say they are _required_ to
> publish your personal data. Besides, having an electronic database
> publicly available, is not the same as having the data published in
> hard copy even if the data is stored in an electronic form (and
> governed with privacy/data protection guidelines, e.g. in a country
> like France where I lived several years), but I guess things might
> vary from a country to another...

You are entitled to your opinion of course. However there would
appear to be a worldwide tendency for electronic databases to
be replacing hard copy directories, and thus some similarities
might be detected?

> Well, in my case, it turns out (as I said some time ago) that I used
> to have a very small number of spam on that account, the increase has
> been dramatic short after registering a DN related to that account,
> while at the same time I started getting calls about web site hosting
> (am also addressing here Bruce's remark about this). Eventually, I
> asked the last person who called me where she got my contacts from,
> she said they were given a list and she didn't know, but kindly
> offered that if I wish she could remove my phone contact from the
> list, and they will just send me emails about their services, which I
> accepted. Of course I wouldn't infer as a scientific truth (I
> presented this as a story, and I think it's worth anything you can
> read in newspaper) that that necessarily causes this; for this is
> just one occurrence, and it might be, or not, a coincidence. But in
> the mean time and at my micro-level, I can only say chances are...
>
> Anyway, even if you have evidence that my experience is not
> generalizable (which does not necessary mean the spam increase isn't
> related to the Whois being public, in my specific case), the whole
> argument remains.

So you would have been better off paying the registrar for not
publishing your data ?

Tony Harris


----- Original Message ----- 
From: "Mawaki Chango" <ki_chango at yahoo.com>
To: "Anthony Harris" <harris at cabase.org.ar>; <council at gnso.icann.org>
Sent: Tuesday, April 11, 2006 11:13 PM
Subject: Re: [council] Regarding data collected and the purpose of 
collecting data


> Anthony,
>
> --- Anthony Harris <harris at cabase.org.ar> wrote:
>
>> Mawaki,
>>
>> 1) In what country were you living when you
>>     registered a domain name? Was there no
>>     country code domain you could resort to,
>>     and thus be protected by the national legal
>>     privacy framework?
>
> Here in the US and was registering under gTLDs.
>
>> 2) I beleive that to be unlisted in a phone book,
>>     there is normally a charge?
>
> But I don't see what is the equivalent of IACNN (a private
> corporation) by whom the registrar will say they are _required_ to
> publish your personal data. Besides, having an electronic database
> publicly available, is not the same as having the data published in
> hard copy even if the data is stored in an electronic form (and
> governed with privacy/data protection guidelines, e.g. in a country
> like France where I lived several years), but I guess things might
> vary from a country to another...
>
>> 3) I get 300 spams a day, mostly from Asia, and
>>     I dont have a domain name of any sort, nor am
>>     I listed in any whois database.
>
> Well, in my case, it turns out (as I said some time ago) that I used
> to have a very small number of spam on that account, the increase has
> been dramatic short after registering a DN related to that account,
> while at the same time I started getting calls about web site hosting
> (am also addressing here Bruce's remark about this). Eventually, I
> asked the last person who called me where she got my contacts from,
> she said they were given a list and she didn't know, but kindly
> offered that if I wish she could remove my phone contact from the
> list, and they will just send me emails about their services, which I
> accepted. Of course I wouldn't infer as a scientific truth (I
> presented this as a story, and I think it's worth anything you can
> read in newspaper) that that necessarily causes this; for this is
> just one occurrence, and it might be, or not, a coincidence. But in
> the mean time and at my micro-level, I can only say chances are...
>
> Anyway, even if you have evidence that my experience is not
> generalizable (which does not necessary mean the spam increase isn't
> related to the Whois being public, in my specific case), the whole
> argument remains.
>
> Mawaki
>
>
>> 4) Your repeated references to the problem of access
>>      to data have been exhaustively discussed within the
>>      Whois task force, actually since mid 2001.... Tiered
>>      access for entitled parties is of course a natural solution.
>>      (And we did think of it quite a while back!)
>> 5. The current discussion is constricted to defining the
>>     purpose of Whois, access to data I beleive is a subject
>>     for future discussions?
>>
>> Tony Harris
>>
>> ----- Original Message ----- 
>> From: "Mawaki Chango" <ki_chango at yahoo.com>
>> To: "Council GNSO" <council at gnso.icann.org>
>> Sent: Tuesday, April 11, 2006 8:31 PM
>> Subject: Re: [council] Regarding data collected and the purpose of
>> collecting data
>>
>>
>> > Just a story, and a last reflection on this -
>> >
>> > The last time I registered a domain name, I was informed that to
>> > comply with the ICANN requirements, the registrar will display my
>> > personal data in the WHOIS database which is public. However,
>> they
>> > offered that for additional fee (I forgot the amount, but it was
>> > higher that the registration fee itself), they could keep my data
>> > private to avoid the hassle (spam, etc.) related to the fact that
>> > anyone would access my personal data, otherwise. And reading
>> more, I
>> > realized the fee was not collected per registrant, but per name
>> > registered (even with the same registrar, for each time one
>> > registers, one must provide one's personal data through the same
>> > process), so I decided not to pay that fee, and since then I of
>> > course receive all the spam I can get, etc.
>> >
>> > This story shows that (i) the data can be kept private (and of
>> course
>> > they will be released when requested by legal process), and (ii)
>> > everyone knows that having the data publicly available feeds spam
>> and
>> > alike, and could cause hassle (even threaten authors of dissident
>> > speech in various and unpredicted circomstances).
>> >
>> > I have nothing against people making business out of their
>> innovative
>> > ideas, etc. I just don't think it is ICANN's mission to secure
>> > business opportunities (especially like that one), while for the
>> sake
>> > of it, exposing people's privacy without their consent, and
>> > poptentially people's life.
>> >
>> > Mawaki
>> >
>> >
>> > --- Ross Rader <ross at tucows.com> wrote:
>> >
>> >> Philip originally wrote;
>> >> >>> I agree. It is not my logic. I am NOT making the assertion
>> in
>> >> (2).
>> >> >>> You assume that because a Registrar agreement TODAY requires
>> >> public
>> >> >>> access, that is the status quo upon which we are defining
>> the
>> >> purpose
>> >> >>> of WHOIS.
>> >> >>> In other words you are defining purpose only in the context
>> of
>> >> the
>> >> >>> current means of access.
>> >> >>
>> >>
>> >> <snip>
>> >>
>> >> Ross replied;
>> >> > The implication is quite obviously different than how it
>> appears
>> >> to you.
>> >> > The assumptions made have nothing to do with the status quo,
>> and
>> >> > everything to do with refining the status quo to make it more
>> >> useful and
>> >> > more meaningful to a broader set of participants. This is what
>> >> our
>> >> > policy development processes are all about - change.
>> >> >
>> >>
>> >> Apologies, its early around these parts - this last paragraph
>> >> should
>> >> have read:
>> >>
>> >> The implication is quite obviously different than how it appears
>> to
>> >> you.
>> >> The assumptions made have nothing to do with setting definitions
>> in
>> >>
>> >> terms of the the status quo, and everything to do with refining
>> the
>> >>
>> >> status quo to make it more useful and more meaningful to a
>> broader
>> >> set
>> >> of participants. This is what our policy development processes
>> are
>> >> all
>> >> about - change.
>> >>
>> >
>> >
>> >
>>
>>
>
>
>