[Rt4-whois] FW: Reviewing the Comments from ICANN Community

[Alice Jansen]

On 8/30/11 10:16 PM, "kathy at kathykleiman.com" <kathy at kathykleiman.com>
wrote:

>Hi All,
>I hope all is well. My family and I have survived the earthquake and
>hurricane on the East Coast this past week -- and are hoping for easier
>conditions in the future :-)!
>
>Like you, I am in the midst of my due diligence preparing for our meeting
>on Thursday (with the disclaimer that I may not be able to attend due to
>the change of date and my travel schedule). I am preparing my email
>comments to share with the group.
>
>As promised, I did my "deep dive" on the comments we received in June/July
>to our Discussion Paper. I complement the many groups that submitted
>interesting and informative comments -- a lot of work was spent responding
>to our queries.
>
>To Olof, I say Thank You!  His comment summary, and especially his sorting
>of the comments question by question is excellent. I urge you to review
>the document at
>http://www.icann.org/en/public-comment/report-comments-whoisrt-discussion-
>paper-05aug11-en.pdf
>
>However, a few commenters asked us to look at things a little differently.
>They asked us to include questions we had not asked, and history we had
>not included. Some have very long histories in the Whois Arena, as part of
>GAC, ALAC, Registrars and NCUC.  ** I created a short summary of these
>comments -- and some addition, important, points and questions they raise.
>
>I have tried to shorten and summarize with quotes (as Olof did -- thanks
>for the example, Olof!) --- below and attached.
>Best, Kathy
> ------------- expanding our inquiry -- comment highlights ----------
>
>AN EXPANDED VIEW OF THE WRT QUESTIONS
>(Responses to WRT Discussion Paper)
>
>Introduction: While Olof did an outstanding job of summarizing the
>questions by sorting them according to their responses to our 14
>questions, certain issues fell between the cracks ­ largely because groups
>and communities asked us to look at questions beyond those we had chosen
>to ask.  This paper takes a short look at what others asked us to see ­
>including overstretching the purpose of Whois, significant policy work in
>the limitations of Whois, and the importance of history and historical
>perspective in our work.  Thanks for taking a fast look at these
>summaries‹and feel free to return to the full comments (found at
>http://forum.icann.org/lists/whoisrt-discussion-paper/).
>
>1.      Christopher Wilkinson, former GAC & GAC Secretariat (EU) on
>purpose of
>Whois:
>
>³I rather doubt that the initial purposes of the Whois protocol and
>database extended to their current utilisation. It would appear that
>rather more is expected of Whois than it is capable of delivering in view
>of the legacy of past practice and the current and prospective scale of
>the Internet.² (In Discussion Paper Comments)
>
>2.      At Large Advisory Committee on the need to view the issues
>differently:
>
>³It is our view that this Team must treat with and declare (1) whether the
>WHOIS construct as originally devised and for the purpose intended is
>still necessary, (2) whether the WHOIS dataset as originally determined
>remains fit to its original purpose, and (3) whether the several
>identifiable uses made of both the WHOIS data and processes that have
>expanded the original intent are useful and in the public interest.²
>
>At Large Advisory Committee on the need to consider types of use in our
>compliance schemes: ³Neither is it rational for the same risk in class or
>kind to be ascribed to all domains; domains used primarily for support of
>business transactions on the Web have a higher risk of consequential
>fraudulent activities than do those used for more personal or
>informational pursuits. As such, certain adjustments in approach to
>compliance and our expectations of the impact from compliance might
>benefit from a change in the philosophical construct of compliance and the
>processes used to affect the assurance of compliance.²
>
>At Large Advisory Committee on the need to consider cycles of registration
>in our compliance schemes:
>
>³We believe that the all&#8208;round public interest may be better served
>by recognizing that the risks from the fraudulent actions of bad actors
>are not the same throughout the WHOIS data cycle but tend to be cyclical ­
>higher following the establishment of new domains and decreasing
>thereafter.² (In Discussion Paper Comments)
>
>3.      Noncommercial Users Constituency on Why Privacy and Accuracy are
>Not at
>Odds:
>
>³Privacy and accuracy go hand-in-hand. Rather than putting sensitive
>information into public records, some registrants use "inaccurate" data
>as a means of protecting their privacy. If registrants have other
>channels to keep this information private, they may be more willing to
>share accurate data with their registrar.²
>
>³The problem for many registrants is indiscriminate public access to the
>data. The lack of any restriction means that there is an unlimited
>potential for bad actors to access and use the data, as well as
>legitimate users and uses of these data.²
>
>Noncommercial Users Constituency on Why the Operational Point of Contact
>Proceeding Marks a Critical Point of Agreement in the GNSO on a narrow
>purpose to Whois:
>
>³ICANN stakeholders devoted a great deal of time and energy to this
>question in GNSO Council-chartered WHOIS Task Forces. At the end of the
>Task Force discussion in 2006, the group proposed that WHOIS be modified
>to include an Operational Point of Contact (OPOC):
><http://gnso.icann.org/issues/whois-privacy/prelim-tf-rpt-22nov06.htm>²
>
>³Under the OPOC proposal, "accredited registrars [would] publish three
>types of data:
>1) Registered Name Holder
>2) Country and state/province of the registered nameholder
>3) Contact information of the OPoC, including name, address, telephone
>number, email."
>
>³Registrants with privacy concerns could name agents to serve as
>OPoC,thereby keeping their personal address information out of the
>public records.² (In Discussion Paper Comments)
>
>4.      Why Registrars under Tucows leadership strongly sought a balance
>to
>simply Whois data, while improving it.
>
>Slides of Ross Rader, of Registrars Constituency and registrar Tucows,
>discussing goals and advantages of Operational Point of Contact, endorsed
>and a multi-year GNSO team. These slides and ideas were reference by
>Elliot Noss, Pres of Tucows at the Registrars/WRT meeting in San Fran as
>well as by the NCUC in the recent comment period.
>
>Goals (Operational Point of Contact- Powerpoint Slides)
>³€ to simply Whois data output
>€ reduce facilitation of domain related scams, illegal data mining,
>phishing and identity theft
>€ maintain or increase the value of Whois for all stakeholders
>€ provide solid foundation for enhanced access to data by key stakeholders
>€ promote data accuracy² (Link to slides in NCUC Discussion Paper
>Comments)
>
>5.      Dr. Mueller:  Why technical History is important ­ because it
>shows us
>where we stopped thinking about purpose and goals.
>
>Dr. Milton Mueller asks us to examine his academic paper on the Whois
>issues, and considers history to be a very important factor ­ before and
>during ICANN.  Here are some highlights.
>
>³This article examines how the Internet¹s
>Whois service has evolved into a surrogate
>identity system. The Whois service allows any
>Internet user to type a domain name into a Web
>interface and be immediately returned the name
>and contact details of whoever has registered
>the domain. It is used by police to bring down
>Web sites committing crimes; its information is
>harvested by spammers and marketers seeking
>to send their solicitations; it is used by people
>curious to know who is behind a Web site or
>e-mail address; above all, it is used by trademark
>and copyright attorneys to keep an eye on
>their brands in cyberspaceŠ
>
>³We recount the story of Whois because it
>forces us to re-examine our understanding of
>the relationship between technological systems
>and global governance institutions. To understand
>the importance of the Whois service, one
>need only think of the license plate of an automobile
>on the road, and imagine that anyone
>who saw the license plate would be able to type
>it into a computer and be returned the name of
>the car owner and his or her street address, telephone
>number, and e-mail address.
>
>³That is what Whois does to domain name registrants. It
>links the vehicle for navigating the complex
>arena of cyberspace (domains) to a responsible
>individual, a location, or a jurisdiction.
>Of course in the real world, access to drivers¹
>license databases is restricted to law enforcement
>authorities and motor vehicle departments. It is
>not difficult to imagine both the benefits‹and
>the trouble‹that might be caused by free,
>anonymous, unrestricted public access to drivers¹
>license databases. No doubt some additional
>crimes would be solved and perhaps some
>amazing new information services could be
>developed by a Google of the future. No doubt,
>also, incidents of road rage and stalking would
>be taken to new heights. The same concerns
>apply to Whois. In addition to facilitating
>accountability on the Internet, open access to
>registrant contact data raises privacy issues and
>concerns about abuse of sensitive personal data
>by spammers, stalkers, and identity thieves.
>
>³Š Defaults tilt the playing
>field toward one option by giving the
>specified value the benefit of inertiaŠa Whois directory originated
>as a feature of the Internet when it was a smallscale,
>closed, scientific network. As the Internet
>evolved into a large-scale, public, commercial
>system, the Whois capability remained in place
>by default.
>
>(Historical evolution)
>
>³The first RFCs make it clear that the Whois
>protocol was intended to make available to
>users a general directory of other ARPANET/
>Internet users. At the time, ARPANET was
>what we would now call an intranet that
>linked a few hundred computer scientists and
>researchers at less than a hundred geographically
>distributed sites. A critical fact about this
>directory, then, is that it was intended to serve a
>closed, relatively homogeneous, and‹compared
>to today¹s Internet‹very small group of networked
>computer users.8 The early standards
>documents do not specify exactly what the purpose
>of this directory was. One can infer from
>context that it served a variety of purposes, and
>was seen as a convenience to the community of
>defense contractors involved in building the
>early Internet. Another critical fact is that for
>most users, participation in the directory was
>encouraged, but was not operationally, legally,
>or contractually required.9 It may be that the
>request to register in the centralized Whois
>database was made to facilitate technical coordination,
>but this is not documented in the
>RFC, and evidence supporting this has not
>been found anywhere else. The RFC states
>only that the purpose is to provide ³a directory
>service² (RFC 954, 1985, p. 1) to the network
>usersŠ
>
>³Phase 2: Internet Opened to the Public and to Commerce
>While the number of host computers connected
>to it grew rapidly, the Internet was still a closed
>community of specialized users throughout the
>1980s. From 1991 to 1995, a critical change
>occurred: The Internet was opened to commercial
>users and to the general public. This change was
>accelerated by the creation and deployment of the
>World Wide Web (WWW) and user-friendly
>Web browsers, which made the Internet usable
>and interesting to ordinary members of the public.
>The number of computers connected to the Internet
>exceeded 1.3 million before the end of 1992,
>and was somewhere between 6 and 8 million by
>the middle of 1995.10 This was no longer a ³community²
>of computer scientists and researchers,
>but a mass, heterogeneous public engaged in commerce
>and in public and personal communication.
>It was also an increasingly contentious and litigious
>publicŠ During this tornado of change, the Whois
>service that was implemented between 1982
>and 1985 remained in place. The user base of
>the Internet was no longer closed, no longer
>homogeneous, no longer situated within a noncommercial
>community, and no longer relatively
>small and manageable. But the technical
>protocol and the practices supporting a directory
>of Internet users remained the same. The
>only significant change was that the burden of
>supplying the Whois service shifted from
>defense contractor Stanford Research Institute
>to civilian National Science Foundation contractor
>Network Solutions, Inc. As the Internet
>moved from the small, noncommercial, and
>closed world of the 1980s to the open, public,
>and commercial world of the mid-1990s, no
>one made a conscious decision to retain the
>open-access Whois service of RFC 954; Whois
>was an unnoticed default value.
>
>(In Discussion Paper Comments)
>
>Final note from KK: I look forward to our discussion!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: New Issues Raised in Comments.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.documen
Size: 21176 bytes
Desc: New Issues Raised in Comments.docx
Url : http://mm.icann.org/pipermail/rt4-whois/attachments/20110911/a06557cc/NewIssuesRaisedinComments.docx 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
Url: http://mm.icann.org/pipermail/rt4-whois/attachments/20110911/a06557cc/ATT00001.txt