<<< Date Index >>>     <<< Thread Index >>>

[At-Large] Fwd: Re: Response on GAC principles Whois ?



All,

on another mailing list, this draft of GAC principles about Whois was
circulated. I find it horrible, starting from the extensive definition
of uses, that says that Whois is there to help people fight against
"theft of intellectual property".

It looks that the GAC is asking for comment to consumer groups, so while
we as the ALAC/RALOs are not entitled to interfere with the work of the
GAC, any ALS could get in touch with the GAC representative from their
country and provide an opinion in defense of the registrants' privacy.

More comments interspersed below.

Michiel Leenaars ha scritto:
> GAC PRINCIPLES REGARDING USES OF WHOIS DATA
> 
> Presented by the Governmental Advisory Committee
> March 29, 2007
> 
> Preamble
> 
> 1.1    The purpose of this document is to identify a set of general
> public policy principles related to the generic top level domain (gTLD)
> WHOIS service, in line with the recommendations of the Tunis Agenda of
> the World Summit on the Information Society in November, 2005.
> 
> 1.2Individual GAC members have consulted with privacy, law enforcement,
> consumer and intellectual property protection bodies in their
> governments.
> 
> Objective of this document
> 
> 2.1These principles are intended to guide the work within ICANN
> pertaining to the WHOIS service and to inform the ICANN Board of the
> consensus views of the GAC regarding the range of public policy uses of
> WHOIS data.
> 
> Public Policy Aspects of WHOIS Data
> 
> 3.1   The GAC recognizes that the original function of the gTLD WHOIS
> service, a directory database of resources and users connected to the
> network, has evolved as the Internet has expanded and now serves a
> number of legitimate uses, including, but not limited to:
> 
> 1.Supporting Internet network operators responsible for the operation,
> security, and stability of the Internet;
> 
> 2.Allowing users to determine the availability of domain names;
> 
> 3.Assisting law enforcement agencies  in investigations and in
> enforcing national and international laws and supporting international
> cooperation procedures;
> 
> 4.Facilitating enquiries and subsequent steps to conduct trademark
> clearances and to counter intellectual property infringement, misuse
> and theft;

...apart from the use of the term "theft", which, today, only the really
hard pro-intellectual property people use, of course by saying that
Whois is there to help IP owners, you give for granted that IP owners
have the right to have access to the personal information of whoever
creates a website, and I don't like this.

> 
> 5.Building user confidence in the Internet and e-commerce by helping
> users identify contact details of entities online; and 
> 
> 6.Assisting businesses, financial institutions, and other organizations
> in protecting their business interests, combating fraud, complying with
> relevant laws, and safeguarding the interests of their customers and
> consumers.
> 
> 
> 3.2The GAC also recognizes that there are concerns about abuses of
> WHOIS data, which are contrary to the provisions of the Universal
> Declaration of Human Rights.

This is really dangerous; it seems to imply that the only concerns are
about the abuses of data, e.g. if someone is in direct risk of
retribution for, say, publishing opinions on the Web that do not please
their government. This paragraph seems carefully built to promote one of
the proposals currently under examination by ICANN's GNSO, the one that
says that you would be allowed to keep your data private only if you
could prove that you are under a clear and direct risk created by that
publication. The European approach is exactly the opposite; your data
should remain private unless there is a clear reason to disclose them.
There should be a recognition of the fact that under many legislations
users have a natural right not to disclose their information without
their consensus. It's not just about abuse.

> 4.1The GAC believes the definition, purpose, and operation of gTLD
> WHOIS services should reflect and respect the different interests and
> concerns of legitimate users of WHOIS data, as outlined in Section 3
> above.  In addition, gTLD WHOIS services should utilize appropriate
> conditions and procedures intended to promote legitimate uses, and must
> comply with applicable national laws and regulations.

Again, this para talks about "promoting legitimate use" (eg,
facilitating IP owners and businesses in accessing your data), but does
not mention the concerns of the *owners* of WHOIS data. In fact, is
there any mention of the rights and needs of the owners of the personal
information anywhere in this document?

> 4.2The GAC also believes that the managers of WHOIS data services
> should provide accurate and complete data about domain name registrants
> in a manner that: 
> 
> 1. Supports the stability and security of the Internet, from both a
> technical and public trust perspective; and
> 
> 2. Facilitates continued, timely and global access to accurate WHOIS
> data.

...and again, the focus is only on ensuring that personal information is
readily accessible. No mention, for example, of the fact that the
managers of Whois should allow data owners to effectively enforce their
rights, such as right to update and to removal.

> 5.1Recommendations for Industry Action
> 
> 1. The GAC encourages stakeholders to work with ICANN to improve the
> accuracy of WHOIS data, and in particular, to take action to reduce the
> incidence of deliberately false WHOIS data.

...and again...

> 2.The GAC strongly urges ICANN to work with stakeholders to conduct a
> study of the characteristics of domain name registrants, as a first
> step toward determining:   whether and how WHOIS data is misused;

(which implies, if there are no misuses of Whois data then you should
lose your right to privacy of your information; again, the approach is
reverted - according to this document, it's not people that want your
data that have to explain why, it's you that have to justify why you
want to keep your privacy)

> how
> to prevent the abuse or criminal use of WHOIS data, without
> compromising access to the data for legitimate purposes; 

...and again...

> and to
> facilitate the adoption of technical and procedural measures aimed at
> identifying emerging practices that could be considered misuse or abuse
> and bring them to the attention of the public.

All in all, this draft seems written by a control freak that sees domain
names as a mass surveillance tool over what people do and say over the
Internet, or by the lawyers of the RIAA. Maybe I am overreacting, but
I've rarely seen such a privacy-unfriendly document about Whois, and I
am astonished that the European government representatives would even
consider discussing on these bases.
-- 
vb.                   Vittorio Bertola - vb [a] bertola.eu   <--------
-------->  finally with a new website at http://bertola.eu/  <--------


_______________________________________________
ALAC mailing list
ALAC@xxxxxxxxxxxxxxxxxxxxxxx
http://atlarge-lists.icann.org/mailman/listinfo/alac_atlarge-lists.icann.org

www.alac.icann.org
www.icannalac.org