[council] RE: Version 2: Proposed motion regarding Personal Data that is collected and retained by registrars

Bruce Tonkin Bruce.Tonkin at melbourneit.com.au
Wed Jul 19 09:50:13 UTC 2006

Note I guess this motion should also have a backward reference as well:

"This motion arose from clause (3) of the  proposed WHOIS motion
discussed during the GNSO Council meeting in Marrakech".

> I propose the following new motion:
> "The GNSO Council notes that, consistent with generally 
> accepted privacy principles, Registrars are required under 
> clause of the Registrar Accreditation Agreement to 
> provide notice to each new or renewed Registered Name Holder stating:
> (i) The purposes for which any Personal Data collected from 
> the applicant are intended;
> (ii) The intended recipients or categories of recipients of 
> the data (including the Registry Operator and others who will 
> receive the data from Registry Operator);
> (iii) Which data are obligatory and which data, if any, are 
> voluntary; and
> (iv) How the Registered Name Holder or data subject can 
> access and, if necessary, rectify the data held about them.
> To further understand the range of purposes for which data is 
> intended, the GNSO proposes the following steps:
> (1) The ICANN staff will review a sample of registrar 
> agreements with Registered Name Holders to identify some of 
> the purposes for which registrars collect Personal Data in 
> the course of registering a domain name for their customers.
> (2) The ICANN staff will review a sample of cctld registry or 
> cctld registrar agreements with registrants to identify some 
> of the purposes for which these organisations collect 
> Personal Data from registrants.
> (3) The ICANN staff will summarise the current material that 
> has resulted from WHOIS discussions since 2002 that document 
> the current uses of the data that is currently made public 
> through the WHOIS service.
> (4) Based on the material produced in steps (1), (2) and (3) 
> above, the Council will undertake a dialogue with the ICANN 
> Advisory Committee's such as the GAC, SSAC and ALAC regarding 
> the purposes for collecting Personal Data, and discuss 
> whether any policy development is required in this area 
> consistent with ICANN's mission and core values.
> The dialogue should seek to examine and understand consumer 
> protection, privacy/data protection and law enforcement perspectives."

More information about the council mailing list