[CPWG] [GTLD-WG] Unified Access Model published for community input

mail@christopherwilkinson.eu CW mail at christopherwilkinson.eu
Thu Aug 23 19:06:37 UTC 2018 

Dear Greg Shatan:

Thankyou for this draft. Please find below a few comments on my part. 
May I draw particular attention to the point about no bulk access.

Regards


Christopher Wilkinson


-------------------------------


Proposed Framework for Unified Access Model – GDPR/WHOIS

I would have the following comments and suggestions on the draft that we have received.
They are noted in the order in which they appear in the document, not in the order of importance.
I have focussed on a few high-profile issues. Most of the rest of the draft seems to be quite reasonable, if rather long in this context.

A. Introduction


1. Intellectual Property Rights Holders. (p.3): It would be useful to specify from the beginning that this refers to the individual rights holder of a specific IPR and not to any agent or other third party. This definition should be incorporated into the qualifications for predictable access.


B. Brief Summary…

2. 'appropriate balance… is not over ridden…' (p. 3): This formulation is unsettling. Some parts of the ICANN community seem to still think that the status quo ante was an appropriate balance, whereas it was largely infringing European data protection and privacy law, long before GDPR.

3. Terms of Use (pp 3-4): Speak of 'the eligible user'. It is not clear who are the 'groups', if any.

E. Community Views (p.7):

I can imagine the advantages of the 'decentralized' authentication process, but it should come with certain strict caveats.


* certainly NOT separate authenticating bodies for each type of eligible user group. That would be a classic poacher/gamekeeper situation.


* if decentralization is done on a geographical basis, there should be no extraterritoriality, notably with law-enforcement.

* (NB the use of the word 'returned' is ambiguous to most uninstructed readers; returned by who to whom?)


* The option of a 'centralized repository' (p.14) would doubtless prove to be unfeasible in light of the languages, scripts and jurisdictions involved.

F. Summary Description:

'User groups might include IPR holders' (p.9). On the basis of authenticating only the primary right holder, not agents and other third parties.

Who provides access? (p. 10): This has to be BOTH Registries and Registrars. The boundary between the two business categories has become blurred since the flawed vertical integration practice was allowed.

It would be helpful to clarify that in the case of a Registrar holding multiple Registries, where exactly is the WHOIS data retained?

'Scope of data available…' (p.12): We have known for more than 20 years that bulk access breached data protection laws. That ICANN still adumbrates this option is frankly surprising. Strongly recommend deletion of that paragraph (pp. 11-12).

'Terms of use' (pp. 14-15): The proposal provides that data shall not be forwarded to unauthorized third parties, of course. But the paper is silent about the duration of retention and final deletion of accessed data. The authorized users should not be able to accumulate data that they acquire through their access to Whois.

Christopher Wilkinson

23 August 2018

> 
>     El 23 de agosto de 2018 a las 6:25 Greg Shatan <greg at isoc-ny.org> escribió:
> 
>     All,
> 
>     As mentioned on today's CPWG call, ICANN org published a blog earlier this
>     week releasing the proposed Unified Access Model for community input.
> 
>     https://www.icann.org/news/blog/possible-unified-access-model
>     -published-for-community-input
> 
>     The proposal itself can be found here: Draft Framework for a Possible
>     Unified Access Model for Continued Access to Full WHOIS Data – For
>     Discussion
>     <https://www.icann.org/en/system/files/files/framework-elements-unified-access-model-for-discussion-20aug18-en.pdf>
> 
>     I am the penholder on this comment. Please reply to this email if your are
>     interested in commenting. Thanks!
> 
>     Greg
>     --
>     Greg Shatan
>     greg at isoc-ny.org
> 
>     "The Internet is for everyone"
> 
>     _______________________________________________
>     CPWG mailing list
>     CPWG at icann.org
>     https://mm.icann.org/mailman/listinfo/cpwg
> 
>     _______________________________________________
>     GTLD-WG mailing list
>     GTLD-WG at atlarge-lists.icann.org
>     https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
> 
>     Working Group direct URL: https://community.icann.org/display/atlarge/New+GTLDs
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20180823/4759137e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cw comments.pdf
Type: application/pdf
Size: 74180 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20180823/4759137e/cwcomments-0001.pdf>

More information about the CPWG mailing list