[gnso-rds-pdp-wg] Principle on Proportionality for "Thin Data"access

Dotzero dotzero at gmail.com
Thu Jun 1 17:01:11 UTC 2017 

>From a strictly necessary perspective, DNS is not required for the
operation of the Internet. People can use IP addresses or they could match
host names to IPs using host files. The Internet would be significantly
less useful and interesting if this were to be the case but is strict
necessity the correct metric for the discussion?

I have been in meetings and conferences where government regulators from
various jurisdictions have spoken/participated regarding privacy in the
context of anti-abuse/security and they have left me with an understanding
that does not match what some privacy advocates are stating here.

I think it may be appropriate for the moderator (Greg?) to step in to place
boundaries on what is in scope, what has or has not been settled and how
this group is to move forward. Given the timelines involved, it is clear
that there will not be a replacement for whois in place prior to the May
2018 implementation of GDPR.

If the current whois implementation is out of scope (from a privacy
perspective) is out of scope for this group, is there an ICANN group that
is examining the issue? As some registries/registrars are indicating they
will "go dark", do we all just throw our collective hands in the air or do
we (for some definition of we) try to address the issue?

Michael Hammer

On Thu, Jun 1, 2017 at 12:39 PM, Volker Greimann <vgreimann at key-systems.net>
wrote:

> I am not saying that publishing the creation date is screwing over people,
> I merely pointed out that it is currently being used for that very purpose.
> Domain registrant are getting conned, abused and worse because that data
> point is being used (in connection with other data points) This data point
> allows this abuse to be much more targeted and therefore successful.
>
> I am sure there are other purposes that it is being used for as well, some
> honorable, some useful, some neutral to the overall state of the universe,
> but in the end I merely asked if it was stricly necessary for the purpose
> of the operation of the internet, without making any assumption on other
> yet to be defined purposes.
>
> Best,
>
> Volker
>
> Am 01.06.2017 um 18:34 schrieb John Bambenek:
>
> Because you a priori invalidate all our data and use cases as irrelevant.
> The operations of the internet are more complicated than mere transferring
> a domain for registrar to operator.
>
> I gave you an example of using creation date as a factor in filtering. You
> immediately labeled it as screwing over people. Do you really expect me to
> keep jumping through your hoops? I mean I am just a mere self-proclaimed
> security researcher.
>
> Sent from my iPhone
>
> On Jun 1, 2017, at 11:22, Volker Greimann <vgreimann at key-systems.net>
> wrote:
>
> Note that I did not say "a need" in general, but specifically "a need for
> the purpose of the operationality of the internet". I have not seen any
> convincing use cases for that need for these three data points.
>
> Best,
>
> VG
>
> Am 01.06.2017 um 18:19 schrieb John Bambenek:
>
> The people who are engaged daily on anti-abuse are saying yes. Why are
> those who are not engaged in anti-abuse so eager to tell us what we need or
> don't need in doing our jobs? How many ways and use cases do we have to
> present until its accepted that, yes, the anti-abuse community needs this?
>
> Sent from my iPhone
>
> On Jun 1, 2017, at 04:25, Volker Greimann <vgreimann at key-systems.net>
> wrote:
>
> Even if there if no PII in thin data (and I am leaning to that direction
> myself), if there really a need for all these fields to be public for the
> purpose of the operationality of the internet? I am thinking of the
> created, updated and expiration dates in particular since those are the
> ones leading to the most abusive use.
>
> Am 31.05.2017 um 19:22 schrieb jonathan matkowsky:
>
> Thin Whois data doesn't have PII - We were saying that for registration
> DETAILS that can be queried from the existence of a domain name (which are
> NOT in thin Whois data), the way to deal with that is informed consent. The
> thin Whois data is cross-referenced against the domain name that was
> created. The domain itself exists. We very much can say that there is no
> PII in thin Whois data for domain names. DNS queries and SOA records are
> not part of this working group. And the fact you can use the Whois PROTOCOL
> to query RIRs also has nothing whatsoever to do with the Whois DATABASE,
> especially thin Whois. We can still be privacy champions without turning
> everything into a privacy concern, especially where none exists. The
> privacy issues to the extent they do exist, are not within the subject
> matter at issue. And therefore, there is simply no proportionality
> principle that need be applied here.
>
>
> On Wed, 31 May 2017 at 20:10 Michael Peddemors <michael at linuxmagic.com>
> wrote:
>
>> On 17-05-31 10:07 AM, allison nixon wrote:
>> > the rest of it can't be. You can't put a DNS query behind a EULA. We
>> > can't pretend there are restrictions on this data.
>> >
>>
>> We aren't discussing DNS or any other places that data is available as
>> part of this working group. Only the informed consent of data held in
>> whois thin data.
>>
>>
>> --
>> "Catch the Magic of Linux..."
>> ------------------------------------------------------------------------
>> Michael Peddemors, President/CEO LinuxMagic Inc.
>> Visit us at http://www.linuxmagic.com @linuxmagic
>> ------------------------------------------------------------------------
>> A Wizard IT Company - For More Info http://www.wizard.ca
>> "LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
>> ------------------------------------------------------------------------
>> 604-682-0300 <(604)%20682-0300> Beautiful British Columbia, Canada
>>
>> This email and any electronic data contained are confidential and intended
>> solely for the use of the individual or entity to which they are
>> addressed.
>> Please note that any views or opinions presented in this email are solely
>> those of the author and are not intended to represent those of the
>> company.
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
> --
> jonathan matkowsky, vp - ip & head of global brand threat mitigation
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg at icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.netwww.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:www.facebook.com/KeySystemswww.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUPwww.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170601/04e5ebab/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list