Sorry, you need to enable JavaScript to visit this website.
Skip to main content

WHOIS Task Forces 1 and 2 minutes

Last Updated:
Date

WHOIS Task Forces 1 and 2 Teleconference 28 September, 2004 - Minutes

ATTENDEES:

GNSO Constituency representatives:
gTLD Registries constituency: - Jeff Neuman - Co-Chair
Registrars constituency - Jordyn Buchanan - Co-Chair
gTLD Registries constituency - David Maher

Internet Service and Connectivity Providers constituency: - Antonio Harris,

Internet Service and Connectivity Providers constituency - Maggie Mansourkia,
Intellectual Property Interests Constituency - Niklas Lagergren

Intellectual Property Interests Constituency - Steve Metalitz

Non Commercial Users Constituency - Marc Schneiders

Liaisons:

At-Large Advisory Committee (ALAC) liaisons - Thomas Roessler





ICANN Staff Manager: Barbara Roseman

GNSO Secretariat: Glen de Saint Géry



Absent:



Commercial and Business Users constituency - Marilyn Cade - apologies,

Registrars constituency - Tom Keller - apologies

Commercial and Business Users constituency - David Fares

Registrars constituency - Paul Stahura

Intellectual Property Interests Constituency - Jeremy Banks

Intellectual Property Interests Constituency - John Wolfe

Amadeu Abril l Abril

Non Commercial Users Constituency - Milton Mueller

At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer



MP3 Recording

Jeff Neuman summarised the notes from previous call September 21, 2004 which dealt with "Conspicuous notice".

Jeff Neuman referred to Thomas Roessler's note:sent to the list on 28 September:

"Where, on the previous call, it was suggested looking at legal approaches to "conspicuous notice" to figure out the right balance between burden to processing parties and forcing registrants to take notice.

BUT: "Conspicuous notice" of data processing in the form of, say, all-caps or boldface parts of the registration agreement may be considered enough in some contexts in some jurisdictions. In other jurisdictions, you may encounter requirements such as explicit, deliberate, and free consent to well-specified purposes, maybe even in writing. The point here is that the burden on the processing party may be balanced against data subjects' awareness and free consent in significantly different ways.

At this point, and with the major work item of tiered access still before us, I'd suggest this group pragmatically (and on-list!) look at ways to increase registrant awareness above the current levels, recognizing that we are certainly not going to fix WHOIS' privacy problems in dealing with the "conspicuous notice" milestone.

Here's a possible set of recommendations, to get things started; these are mostly based on TF2's findings, except for the success metric part.



Objective: Increase registrant awareness of WHOIS.



Success Metric: Significant increase of registrant awareness of WHOIS, as measured by sampling registrants prior to and 12 months after implementation.

Recommendation:

1. Registrars must ensure that disclosures regarding availability and third-party access to personal data associated with domain names actually be presented to registrants during the registration process. Linking to an external web page is not sufficient.

2. Registrars must ensure that these disclosures are set aside from other provisions of the registration agreement if they are presented to registrants together with that agreement. Alternatively, registrars may present data access disclosures separate from the registration agreement.

3. Registrars must obtain a separate acknowledgement from registrants that they have read and understood these disclosures.



Steve Metalitz
, reminded the task force of the recommendation from the TF2 preliminary report:

ICANN should develop and implement a procedure for dealing with the situation where a registrar (or registry, in thick registry settings) can credibly demonstrate that it is legally prevented by local mandatory privacy law or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via Whois. The goal of the procedure should be to resolve the conflict in a manner conducive to stability and uniformity of the Whois system. In all cases this procedure should include:

* Written notification by the affected registrar/registry to ICANN with a detailed report which includes but is not limited to:

o The law or regulation that causes the conflict.

o The part of the Whois obligation in question.

o The steps that will have to be taken to cure the conflict.



* If data elements are removed this must be notified to the requester by the insertion of standardized notice in the Whois results advising the requester of the problem and, if possible, directing requester to another source or alternative procedure for obtaining access to this data element.



* Prompt notification from ICANN to the public informing it of the change and of the reasons for ICANN's forbearance from enforcement of full compliance with the contractual provision in question. .



* The changes must be archived on a public website for future research



Except in those cases arising from a formal complaint or contact by a local law enforcement authority that will not permit consultation with ICANN prior to resolution of the complaint under local law, the procedure should be initiated using the following steps:



* prompt notification by the affected registrar/registry to ICANN with detailed summary of the problem arising including:

o The law or regulation that causes the conflict.

o The part of the Whois obligation in question.



* consultation by the registrar/registry with ICANN and other parties (which may include government agencies) to try to resolve the problem/ remove the impediment to full compliance with contract.



Jordyn Buchanan
proposed looking at general recommendations and saw the need to have a mechanism for having dialogue with ICANN.

Jeff Neuman commented that ICANN's perspective should be known in order to outline a procedure.



Jordyn Buchanan
commented that there were two issues:

1. the current task force 2 recommendation did not address any process ICANN could use internally - there was discussion of what sort of process.

2. Whether or not the taskforce should provide guidance to ICANN. Did the task force believe that they should specify the process ICANN should use in the instance where there was conflict between local law and the registrar?



Suggestions:

Task force 2 outlines should be more concrete, then they should be passed on to ICANN staff to see if the outlines provided sufficient information.



Steve Metalitz
volunteered to work on the outline and circulate a more concrete version.



Next Call:


- Tiered Access

Jeff Neuman and Jordyn Buchanan thanked everyone for their presence and participation.

The call ended at 11:45 EST, 17:45 CET

Next Call: 5 October 2004

see:
GNSO calendar