[Gnso-ppsai-pdp-wg] Privacy/Proxy and spam/botnets
Kathy Kleiman
kathy at kathykleiman.com
Mon Jan 20 18:26:17 UTC 2014
Actually, FWIW, I don't think Whois data was intended to be public. When
it was created, as part of the NSFNET, it was information shared in a
trusted network among members of the trusted (and closed) network.
Further, it was never personal or home information. Domain names were
registered largely by universities, e.g., Harvard.edu, and the Whois
data was Scott Bradner's (Harvard IT) and other university IT office
locations (and some government and military agencies) - in a closed
network).
The DNS then expanded broadly in the 1990s, NSF forwarded to the US
Department of Commerce and then it was sent on to the new ICANN (someone
has written about this transition and lack of evaluation of Whois as an
academic piece; Milton I think).
I've spoken with Scott Bradner about this...
Best,
Kathy
>
>> As a European, I believe in data protection and data privacy.
>> Information that needs to be public should be. Information that does
>> not should not. "The public" indeed does not need that data. If you
>> think that is extreme...
>>
>> BTW: I also have an issue with tapping phones, logging connection
>> data, logging private communication, etc.
>>
>> Volker
>>
>> Am 20.01.2014 18:36, schrieb Bob Bruen:
>>> Hi Volker,
>>>
>>> Law Enforcement has been compaining for years about access to whois
>>> and still do. This is just an obstacle thrown up to slow down
>>> finding who the bad actors are. Getting court orders and warrants
>>> just to see who owns a domain (commercial) is way out there. The
>>> information was intended to be public in the first place.
>>>
>>> It appears that you have decided that the general public does not
>>> deserve access to public whois data. Again, I do not know what to
>>> say to something so extreme.
>>>
>>> --bob
>>>
>>>
>>> On Mon, 20 Jan 2014, Volker Greimann wrote:
>>>
>>>> No identities of criminals are effectively protected by privacy
>>>> services, provided they are required to reveal such
>>>> identities to law enforcement of appropriate jurisdiction.
>>>>
>>>> Private individuals, vigilantes or other interested parties on the
>>>> other hand have no real legitimate interest to receive
>>>> data on alleged criminals data unless they want to take matters
>>>> best left to LEAs into their own hands.
>>>>
>>>> There is a reason why even criminals have the right to privacy and
>>>> not to have their full names and likenesses published.
>>>> Heck, in Japan, TV stations even mosaic handcuffs of suspects.
>>>>
>>>> Volker
>>>>
>>>>
>>>> Hi Tim,
>>>>
>>>> The harm is protecting the identities of criminnals. And I
>>>> consider undermining whois a harm, as well
>>>>
>>>> --bob
>>>>
>>>>
>>>> On Mon, 20 Jan 2014, Tim Ruiz wrote:
>>>>
>>>> What are the problems commercial entities that use p/p
>>>> have caused?
>>>>
>>>> On Jan 20, 2014, at 8:11 AM, "Bob Bruen"
>>>> <bruen at coldrain.net> wrote:
>>>>
>>>>
>>>> Hi Volker,
>>>>
>>>> I was merely responding to Stephanie's comments
>>>> about the difficulties, not advocating a
>>>> position.
>>>>
>>>> However, as you are aware, I do advocate barring
>>>> commercial entities from using p/p,
>>>> because the use has already caused harm and we
>>>> should fix that. The providers created
>>>> the problem in the first place, so allowing them
>>>> to continue to control it simply
>>>> continues the problem.
>>>>
>>>> The discussion of all this is the point of this
>>>> group (and other groups).
>>>>
>>>> --bob
>>>>
>>>> On Mon, 20 Jan 2014, Volker Greimann wrote:
>>>>
>>>> I agree that it would be possible to bar
>>>> commercial entities from using p/p
>>>> services, however I am not sure it is the
>>>> sensible thing to do. Certainly, there is
>>>> abuse, but by creating a blanket
>>>> prohibition, i fear more damage will be
>>>> done to
>>>> legitimate interests than good is done to
>>>> illegitimate ones.
>>>> In the end it should be up to the provider
>>>> which categories of clients it
>>>> accepts.
>>>> Volker
>>>> Am 20.01.2014 02:08, schrieb Bob Bruen:
>>>>
>>>> Hi Stephanie,
>>>>
>>>> It is entirely possible to decide to
>>>> bar commercial entities, create a
>>>> definition of "comercial entities" and
>>>> then deal with those which appear to
>>>> problematical.
>>>>
>>>> The fraudsters probably will not be a
>>>> set up as a legitimate bussiness,
>>>> but their sites can be identified as
>>>> spam, malware, etc types and thus
>>>> taking money, therefore a business. I
>>>> am sure there are other methods to deal
>>>> with problem domain names.
>>>>
>>>> In general, exceptions or problems
>>>> should not derail a process.
>>>>
>>>> --bob
>>>>
>>>> On Sun, 19 Jan 2014, Stephanie Perrin
>>>> wrote:
>>>>
>>>> I dont want to keep beating a
>>>> dead horse here....but if there is
>>>> a resounding
>>>> response of "yes indeed, bar
>>>> commercial entities from using P/P
>>>> services", then
>>>> how are you going to propose
>>>> that p/p proxy service providers
>>>> determine who is a
>>>> commercial entity, particularly
>>>> in jurisdictions which have
>>>> declined to regulate
>>>> the provision of goods and
>>>> services over the Internet? I don't
>>>> like asking
>>>> questions that walk us into
>>>> corners we cannot get out of. Do the
>>>> fraudsters we
>>>> are worried about actually apply
>>>> for business numbers and
>>>> articles of
>>>> incorporation in the
>>>> jurisdictions in which they operate? I
>>>> operate in a
>>>> jurisdiction where this
>>>> distinction is often extremely difficult
>>>> to make. THe
>>>> determination would depend on
>>>> the precise use being made of the
>>>> domain
>>>> name....which gets ICANN
>>>> squarely into content analysis, and
>>>> which can hardly be
>>>> done for new registrations, even
>>>> if t were within ICANN's remit.
>>>> I am honestly
>>>> not trying to be difficult, but
>>>> I just have not heard a good
>>>> answer to this
>>>> problem.
>>>> Stephanie Perrin
>>>> On 2014-01-19, at 4:38 PM, Holly
>>>> Raiche wrote:
>>>>
>>>> Jin and all
>>>> I agree with Jim here (and Don
>>>> earlier). The important task here
>>>> is
>>>> agreeing on the questions to be
>>>> asked of the SO/ACs. So we need
>>>> to get
>>>> back to framing the questions -
>>>> not answering them, however
>>>> tempting that
>>>> may be.
>>>>
>>>> So the question of whether
>>>> 'commercial entities' should be barred
>>>> is still
>>>> a useful question to ask. The
>>>> next question would be whether
>>>> there are
>>>> possible distinctions that
>>>> should be drawn between an entity that
>>>> can use
>>>> the service and one that can't
>>>> and, if so, where is the line
>>>> drawn. I agree
>>>> with the discussion on how
>>>> difficult that will be because many
>>>> entities
>>>> that have corporate status also
>>>> have reasonable grounds for
>>>> wanting the
>>>> protection of such a service
>>>> (human rights organisations or
>>>> women's refuges
>>>> come to mind). But that is the
>>>> sort of response we are seeking
>>>> from
>>>> others outside of this group -
>>>> so let's not prejudge answers.
>>>> Let's only
>>>> frame the questions that will
>>>> help us come to some sensible
>>>> answers.
>>>> Otherwise, we'll never get to
>>>> the next steps.
>>>>
>>>> And my apologies for the next
>>>> meeting. I have a long day ahead
>>>> on
>>>> Wednesday (Sydney time) and
>>>> taking calls at 2.00am won't help.
>>>> So Ill read
>>>> the transcript and be back in a
>>>> fortnight (2 weeks for those who
>>>> do not use
>>>> the term)
>>>>
>>>> Holly
>>>>
>>>> On 16/01/2014, at 5:39 AM, Jim
>>>> Bikoff wrote:
>>>>
>>>> Don and all,
>>>>
>>>> As we suggested earlier, and
>>>> discussed in the last Group
>>>> teleconference, it might be
>>>> helpful, as a next step, if we
>>>> reached a
>>>> consensus on the groups of
>>>> questions before sending them out to
>>>> SO/ACs and SG/Cs.
>>>>
>>>> This would involve two steps:
>>>> First, agreeing on the name of each
>>>> group; and second, streamlining
>>>> the questions in each group.
>>>>
>>>> In the first step, we could
>>>> consider alternative headings
>>>> (perhaps
>>>> REGISTRATION instead of
>>>> MAINTENANCE).
>>>>
>>>> And in the second step, we could
>>>> remove duplicative or vague
>>>> questions.
>>>>
>>>> This crystallization would make
>>>> the questions more approachable,
>>>> and
>>>> encourage better responses.
>>>>
>>>> I hope these ideas are helpful.
>>>>
>>>> Best,
>>>>
>>>> Jim
>>>>
>>>> James L. Bikoff
>>>> Silverberg, Goldman & Bikoff, LLP
>>>> 1101 30th Street, NW
>>>> Suite 120
>>>> Washington, DC 20007
>>>> Tel: 202-944-3303
>>>> Fax: 202-944-3306
>>>> jbikoff at sgbdc.com
>>>>
>>>>
>>>>
>>>> From: Don Blumenthal
>>>> <dblumenthal at pir.org>
>>>> Date: January 14, 2014 11:09:23
>>>> AM EST
>>>> To: PPSAI
>>>> <gnso-ppsai-pdp-wg at icann.org>
>>>> Subject: [Gnso-ppsai-pdp-wg]
>>>> Carlton's closing chat question
>>>> Carlton posted an issue
>>>> that shouldn't wait a week:
>>>>
>>>> "John came up with 4 groups. Do
>>>> we have a notion that others
>>>> might be extracted? And where
>>>> do we include/modify questions
>>>> to address Stephanie's issue?"
>>>>
>>>> Jim had four groups and an
>>>> umbrella Main category, which may be
>>>> instructive in itself in guiding
>>>> how we proceed
>>>> organizationally. Regardless,
>>>> the consensus of commenters has
>>>> been that his document is a
>>>> significant improvement over where
>>>> we were before, and I suggest
>>>> that we use it as a baseline.
>>>> However, we still have work to
>>>> do on it. Feel free to suggest
>>>> modifications.
>>>>
>>>> Don
>>>>
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing
>>>> list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>>
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>>
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>>
>>>>
>>>> --
>>>> Dr. Robert Bruen
>>>> Cold Rain Labs
>>>> http://coldrain.net/bruen
>>>> +1.802.579.6288
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Gnso-ppsai-pdp-wg mailing list
>>>> Gnso-ppsai-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
>>>>
>>>>
>>>>
>>>
>>
>>
>
>
>
> _______________________________________________
> Gnso-ppsai-pdp-wg mailing list
> Gnso-ppsai-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-ppsai-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20140120/2228d9e4/attachment-0001.html>
More information about the Gnso-ppsai-pdp-wg
mailing list