[CPWG] ICANN orgs responds to digital Services Act initiative Public Consultation launched by European Commission

[Lutz Donnerhacke]

> This is a welcome, good and balanced response by ICANN to the WHOIS
> damage caused by GDPR.

The damage was not done by GDPR, it was done by ICANN as they insist on a
centralized model despite different approaches were given. The major pitfall
of the centralized approach is the assumption, that there could be a
worldwide, consistent law for this purpose.

Whois allows delegation of data to different servers under different
jurisdictions, so each registrar can run a whois server in his own local law
area and serve the registrants directly from there. Data collection on
direct contracts are legal under local law, so no problem here.

Then the registrar orders the domain from the registry, which in turn is a
different contract, and can be handled by the registry whois server. This
data collection (about the registar!) is legal, too.

ICANN has contracts with registries to handle TLDs, which is operated by
IANA. Consequently, if you ask whois.iana.org for anything, it will respond
with the details of the contracted registry and a delegation to the registry
whois server.

This is well known to ICANN, but they decided to ignore all legal and lawful
issue in order to please the law enforcement agencies (which are too lazy to
fill out the legally required forms for data access), the IP property
companies (which consider themselves as the private part of the LEAs), and
the domain marketing industry (which likes bulk access for wet Big Data
Dreams).

So GDPR is not the cause of the problem. It only makes a long standing
ignorance of ICANN public. So please do not shot the messenger.

Thank you.