[whois-sc] TR: Whois @ ICANN Carthage.
- To: <whois-sc@xxxxxxxxxxxxxx>
- Subject: [whois-sc] TR: Whois @ ICANN Carthage.
- From: "GNSO SECRETARIAT" <gnso.secretariat@xxxxxxxxxxxxxx>
- Date: Mon, 6 Oct 2003 19:58:07 +0200
- Cc: "Richard Francis" <rfrancis@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Importance: Normal
- Reply-to: <gnso.secretariat@xxxxxxxxxxxxxx>
- Sender: owner-whois-sc@xxxxxxxxxxxxxx
see the following request from Richard Francis, the ccTLD
advise whether a meeting room will be needed and on what
de Saint Géry
WHOIS - Balancing Rights of Privacy and Access to
ccTLD Databases - ccTLD Secretariat Briefing
1 The CENTR
Secretariat have today alerted members to publication of the Joint
Research Centre of the European Commission of a study on the implications for
data privacy of decisions taken by governments in the wake of September 11 and
also of new technologies such as identity-management systems and location-based
services. The survey was commissioned by the European Parliament and is
Nigel is ccTLD Liaison to the gNSO Whois Privacy Steering Group. http://gnso.icann.org/issues/whois-privacy/membership-liaison-update-19sep03.shtml
has drawn the attention of the Secretariat to a table of 'issues' and minutes of
two gNSO WHOIS WG meetings in August and September 2003, posted on the ICANN
The ICANN Staff report, posted on 13 May suggested that the gNSO Whois/Privacy
Steering Group should provide its work plan by a specified date (such as 1
August 2003) in advance of the Carthage meeting and :-
the five (approximately) issues that the Whois/Privacy Steering Group recommends
be accorded high priority in the policy-development process.
Issue Reports on each of these issues in time for the GNSO Council?s
consideration of all of them at the Carthage meeting.
It went on to
suggest that after considering and discussing the Issue Reports, the GNSO
Council should initiate PDPs in a sequence it concludes is appropriate, with the
understanding that any task forces formed would be separate from the
Whois/Privacy Steering Group.
4 The ccTLD Secretariat will contact
Glen de Saint Gery to establish whether the gNSO Whois Privacy Steering Group
would be willing to present to the ccTLD Managers, if invited to do
2 Four other groups in ICANN are actively involved in
investigating Whois issues:
At-Large Advisory Committee
Advisory Committee Whois WG Convened by Robyn Layton
Security and Stability Advisory Committee
Board ? At its March 2003 meeting, the ICANN Board directed
the President to appoint a President's Standing Committee on Privacy, to be
responsible for monitoring the implications of existing and proposed ICANN
policies on the handling of personal data.
Date: Mon, 06 Oct 2003 16:33:04
From: Gabriella Schittek
The Commission's Joint
Research Centre has just published a study on the implications for data
privacy of decisions taken by governments in the wake of September 11 and also
of new technologies such as identity-management systems and location-based
services. The survey was commissioned by the European Parliament and its key
findings are summarised below.
Digital technologies post-September 11th: more security
but less privacy for the European citizen?
technologies protect privacy or hamper it in the post-September 11 world?
Trends in information society technology will have a significant impact on
the balance between citizens' security and privacy, according to a report
released today by the European Commission's Joint Research Centre
The study on "Security and Privacy for the Citizen in the Post-September 11
Digital Age: A Prospective Overview", commissioned by the European
Parliament, analyses the security and privacy implications of three
emerging technologies: identity management (on-line services based on the
identification of the user), location-based services (focusing on local
positioning and tracking of the user) and virtual residence in an ambient
intelligence environment (with "smart" and mobile electronic devices
connected to our home, office, car etc.). According to the report, there is
a need to restore the balance in favour of privacy as the use of these
technologies for some governmental or commercial actions stretch the ability
of current legislation to provide adequate personal data protection.
to the threat of terrorism after the tragedy of September 11, many
governments enhanced their surveillance powers, but at the risk of affecting
privacy", said European Research Commissioner Philippe Busquin. "However,
citizens are not prepared to let privacy be one of the casualties in the war
on terrorism. This comprehensive report will raise the awareness of decision
makers for the need to maintain a balance between protecting data and making
services widely available online, and the need to fight terrorism and crime
whilst respecting individual privacy."
"Steps have already been taken at the EU level to
address concerns raised by some governmental or commercial use of
communications technologies", said Enterprise and Information Society
Commissioner Liikanen. "The new Directive on Privacy and Electronic
Communications, applicable in all Member States at the end of this month,
applies important principles of EU law to communications services, including
new mobile and Internet-based services. For instance, it requires that
location information generated by mobile phones can only be further used or
passed on by network operators with prior user consent, unless it is an
emergency call. Where exceptions have to be made, for example for national
security, they must be necessary and proportionate and laid down in
Big Brother watching you?
The effects of September 11 on privacy have yet to be
fully assessed. In the immediate aftermath, the United Nations responded
with Resolution 1368 calling for increased co-operation between countries to
prevent and fight terrorism. The ability of law enforcement and national
security agencies to intercept communications was increased, as were powers
of search and seizure. The variety of data accessed has also grown. While no
full appraisal of the effects of September 11 has been carried out, new
technologies and communication infrastructures have strengthened enforcement
of these powers, putting at risk the rights of individual citizens to
(using statistical and mathematical methods to analyse biological data), for
example, can be used to enhance the security levels in identification
processes. Biometrics can help identify a person's physical features using
electronic parameters. However it can also provide additional and sensitive
data such as ethnic or medical information. A way to counter-balance this
side-effect could be to only use a sample of facial characteristics (the
major pertinent points) in producing the template needed for the matching
process instead of a full picture of the face.
Protecting an individual's privacy
To address these
issues the European Parliament Committee on Citizens' Freedoms and Rights,
Justice and Home Affairs, asked the Commission's JRC to develop a detailed
and comprehensive report on information society trends to identify
particular concerns. The Commission's Joint Research Centre sees an emerging
pattern and trend, characterised by a shift from 'reactive' to 'pro-active'
security protection, using information and communications technology systems
to support intelligence gathering.
These facilitate the control and tracking of personal
data, while offering opportunities of access for third parties for
commercial purposes. For example, Radio Frequency Identification (RFID)
tags, tiny chips that will be increasingly embedded in all kinds of devices
and goods, will enable such items to be tracked. However, they could also be
used to identify the owner of the item. It is important that these RFID tags
are regulated by legislation addressing identity-related issues.
I can see you, I
can feel you, and I know where you are
The JRC report outlines technology trends and
implications for privacy and security and new challenges. It summarises
important issues relating to policy development for privacy and surveillance
in several areas, including:
systems: Identity is a key concept for the future Information Society.
Identity-management systems and identity-related technologies will become
an essential part of communicating via the Internet, enhancing the user's
protection against potential privacy and security risks.
services: Location computing technologies and permanent mobile
broadband connections provide multifunctional global positioning.
Commercial use of such services could enhance security but also expose
users to the risk of unauthorized access to personal data.
- Ambient intelligence and Virtual Residence: Computing
technologies in all kinds of objects will provide a large number of
services. The new environment will blur the traditional boundaries between
private and public domains and is uncharted territory in terms of privacy
practice in the future smart home, in cyberspace and when mobile. New
security and privacy measures will have to be devised.
risks to a minimum
Based on security measures identified, the JRC report recommends:
- Privacy-invasive measures
resulting from September 11, developed as an immediate response to
establish a safer environment, should be temporary and limited; and
- Policy should strike an
appropriate longer-term balance between security and privacy when dealing
with measures facilitating the development of the Information Society.
The role of
Technology can bring about change - but also solutions to the
problems caused by change. The flexibility of new technologies must be
acknowledged and considered before appropriate policy measures can be
formulated. While technologies could be used to invade privacy, they can
also help enhance protection of personal data and increase transparency in
According to the JRC report, technology could play a key role in
protecting individual privacy against abuse if aligned with current legal
measures in the EU. The JRC identified a number of areas where policy action
may be needed, such as: identity theft; private-sector databases;
private-public sphere indicators; and technology-specific regulation.
In the case of
identity theft in Europe, the report stressed that due to strong existing
European legislation, which defines clear privacy and data protection
rights, this type of crime is less frequent than in other countries. In
order to maintain this level of security for the citizen, new technologies
will need to be integrated into the existing legal framework. The report
recommends that a monitoring activity be established to track the rate of
change in technology, its impact on the security/privacy balance and the
potential need for regulatory action.
For further information, please see
mission of the JRC is to provide customer-driven scientific and technical
support for the conception, development, implementation and monitoring of EU
policies.As a service of the European Commission, the JRC functions as a
reference centre of science and technology for the Union. Close to the
policy-making process, it serves the common interest of the Member States,
while being independent of commercial or national interests."
<?xml:namespace prefix = o ns =
Weber Shandwick | Adamson
Rue Wiertz 50
B - 1050 Brussels
Tel: + 32 2 743 42
Fax: + 32 2 230 14 96
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.521 / Virus Database: 319 - Release Date: 23/09/2003