[gnso-rds-pdp-wg] List topics for this week

Dotzero dotzero at gmail.com
Thu Jun 15 12:42:46 UTC 2017 

Apologies for accidentally hitting send before completing the email.
Continuing on:

1) That as a knowledgeable individual and business person he has shown that
one can complete a

domain registration without disclosing anything personal about himself.

2) That he is willing to put his personal information on the internet (link
to LinkedIn profile on his website) for commercial purposes.

3) That one of his goals is to ensure that access to whois data, or it's
replacement, for domains under his control, is at his sole and arbitrary
discretion and not subject to any external governance.

My apologies for the length of my response, but sometimes getting into the
weeds allows us to see whether the positions staked out in this group are
truly representative of the individuals goals or simply a means to some
other end.

Michael Hammer

On Thu, Jun 15, 2017 at 8:37 AM, Dotzero <dotzero at gmail.com> wrote:

> Apologies to Greg and the group as the discussion is currently supposed to
> be about "thin" or "public" data but the current discussion just seems to
> refuse to go away.
>
> Rob has asserted that he should have the right to control his data as a
> private individual and that having any registrant information published in
> whois or a replacement for whois is a violation of his rights as a private
> individual registering gTLDs. Let's examine these assertions a bit.
>
> The first question is whether Rob is acting as a private individual. I
> would assert not. He is registering domains as part of a fairly large scale
> commercial activity. One only need go to the astutium.com website to see
> the commercial activity involved.
>
> If we look at the astutium.com domain registration information pulled
> from the ICANN whois site (https://whois.icann.org/en/
> lookup?name=astutium.com) we find the following:
>
> Contact Information
> Registrant Contact
> Name: Domain Admin
> Organization:
> Mailing Address: 1st Floor, London London EC2R 8JR GB
> Phone: +44.8712776875 <+44%20871%20277%206875>
> Ext:
> Fax: +44.8712776875 <+44%20871%20277%206875>
> Fax Ext:
> Email:domain.admin at astutium.com
> Admin Contact
> Name: Domain Admin
> Organization:
> Mailing Address: 1st Floor, London London EC2R 8JR GB
> Phone: +44.8712776875 <+44%20871%20277%206875>
> Ext:
> Fax: +44.8712776875 <+44%20871%20277%206875>
> Fax Ext:
> Email:domain.admin at astutium.com
> Tech Contact
> Name: Domain Admin
> Organization:
> Mailing Address: 1st Floor, London London EC2R 8JR GB
> Phone: +44.8712776875 <+44%20871%20277%206875>
> Ext:
> Fax: +44.8712776875 <+44%20871%20277%206875>
> Fax Ext:
> Email:domain.admin at astutium.com
>
> Is anyone going to assert that his personal and private information has
> been disclosed in the above registration information?
>
> I would also point out that apart from website hosting and other services
> offered, he/his company is acting as a registrar. Rob is also using whois
> as a mechanism for advertising additional services provided by his company
> (Again, pulled from the ICANN whois website):
>
> "Now Available - VPS and Cloud Servers from http://www.astutium.com"
>
>
> I'd also like to point out the terms of use that Rob asserts applies to
> whois provided by astutium.com:
>
> TERMS OF USE: You are not authorised to access or query our WHOIS
> database through the use of electronic processes that are high-volume and
> automated except as reasonably necessary to register domain names or
> modify existing registrations; the Data in Astutium Limited's ("Astutium")
> WHOIS database is provided by Astutium for information purposes only, and
> to assist persons in obtaining information about or related to a domain
> name registration record. Astutium does not guarantee its accuracy. By
> submitting a WHOIS query, you agree to abide by the following terms of
> use: You agree that you may use this Data only for lawful purposes and
> that under no circumstances will you use this Data to: (1) allow, enable,
> or otherwise support the transmission of mass unsolicited, commercial
> advertising or solicitations via e-mail, telephone, or facsimile; or (2)
> enable high volume, automated, electronic processes that apply to Astutium
> (or its computer systems). The compilation, repackaging, dissemination or
> other use of this Data is expressly prohibited without the prior written
> consent of Astutium. You agree not to use electronic processes that are
> automated and high-volume to access or query the WHOIS database except as
> reasonably necessary to register domain names or modify existing
> registrations. Astutium reserves the right to restrict your access to the
> WHOIS database in its sole discretion to ensure operational stability.
> Astutium may restrict or terminate your access to the WHOIS database for
> failure to abide by these terms of use. Astutium reserves the right to
> modify these terms at any time.
>
> Lastly, I would point out that Rob, on his commercial website, puts his personal
> information out there for the world to see on this page by posting his name, title
> and a link to his LinkedIn page: https://www.astutium.com/company/about-astutium.php
>
> To summarize, while Rob is making assertions in this group about his personal privacy and the
> importance of not allowing whois, or it's replacement,  to infringe on that privacy, his ongoing practices
>
> as both an individual and as a commercial enterprise show the following:
>
> 1) That as a knowledgeable individual and business person he has shown that one can complete a
>
> domain registration without
>
>
>
>
>
>
>
> On Thu, Jun 15, 2017 at 7:39 AM, Rob Golding <rob.golding at astutium.com>
> wrote:
>
>> Hi
>>
>> There's a huge difference between domains and telephone numbers
>>>
>>
>> The type of directory is irrelevant to my rights to control my data
>>
>> I don't think an article dated from 2000 brings relevant points.
>>>
>>
>> That we've still not brought policy or technology upto almost 20 year old
>> legislation just shows how unfit for purpose WHOIS has become
>>
>> Much of that is because enforcement of existing legislation has been lax,
>> but the Snowden issue, repealling on the Data Retention Directive,
>> scrapping of Safe-Harbour and a need to toughen up both the rules and the
>> enforcement are what's led to the GDPR, which is now in force, and next
>> year will be actively enforced.
>>
>> Multi-million $ fines rather than slap-on-wrists with 20k fines might
>> start to change attitudes a bit as the penalties have been inflation
>> adjusted, and now the data-subject is also entitled to compensation for the
>> unauthorised use of their data - so there will be an "incentive" to start
>> sueing people
>>
>> The local supermarket will pay me £44 (appx $60) for my postal address [
>> in vouchers, discounts, freebies etc ] - that 's the "value" of my data to
>> one user - if there was suitable recompense to registrants & registrars &
>> registries for access to whois data , I'm sure there would be less
>> objection to the system !
>>
>>
>>
>> -Social norms regarding handling spam have drastically shifted in the
>>> past decades
>>>
>>
>> Spam is just one of the numerous (ab)uses of the data. I imagine very few
>> people have "consented" to spam, even if it was listed as a "proposed
>> legitimate use" for which they could actively consent.
>>
>> If you don't choose to disclose
>>> your information in whois, then no one has a right to it
>>>
>>
>> Whether I choose to be listed in a directory (which I dont _really_ have
>> much choice over as a registrant of numerous gtlds) or not doesn't change
>> that it's *MY* data, nor that most of the (tld dependant) "privacy" options
>> now available are relatively new (whois has been there for 30 years)
>>
>> If you do
>>> disclose, knowing full well that whois is public, you shouldn't be
>>> surprised at the results.
>>>
>>
>> And therein lies what I think is the mindset problem, the "results" are
>> (legally) ONLY what I give explicit permission for it to be used for, any
>> other use is not permitted, and I have the right to revoke that permission,
>> free of charge (to me) at any stage.
>>
>> The entitlements you listed(control over sharing, how data is used), on
>>> the Internet in
>>> 2017, are wholly unenforceable for anything publicly available.
>>>
>>
>> Google pay thousands of times as much as ICANN to lawyers and yet they
>> lost over the "right to be forgotten" issue under the older and much laxer
>> legislation - so we'll see what is "enforceable"
>>
>> If we want to talk about ways to prevent abuse of whois data, first of
>>> all, the "reverse lookup" and "historical" directories in their
>>> current state are unlikely to be involved in abuse at all-
>>>
>>
>> The directories themselves would constitute an "abuse" - in the main
>> they've breached both law and contract to obtain that data
>>
>> Maybe we need a definition of what "public" means ?
>>
>> Rob
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170615/482bb490/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list