WHOIS Task Forces 1 2 3
24 May 2005 - Minutes
GNSO Constituency representatives:
Jordyn Buchanan - Chair
Registrars constituency - Paul Stahura
Registrars constituency - Tim Ruiz (alternate)
Registrars constituency - Tom Keller
Internet Service and Connectivity Providers constituency - Tony Harris
Internet Service and Connectivity Providers constituency - Greg Ruth
gTLD Registries constituency - Ken Stubbs
gTLD Registries constituency - David Maher
Non Commercial Users Constituency - Kathy Kleiman
Commercial and Business Users constituency - Marilyn Cade
Commercial and Business Users Constituency - David Fares
Intellectual Property Interests Constituency - Steve Metalitz
Bruce Tonkin - GNSO Council chair
At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer
GAC Liaison - Suzanne Sene absent - apologies
Maria Farrell Farrell - ICANN GNSO Policy Officer
GNSO Secretariat - Glen de Saint Géry
Intellectual Property Interests Constituency - Niklas Lagergren - apologies
Registrars constituency - Ross Rader
Non Commercial Users Constituency - Marc Schneiders
Non Commercial Users Constituency - Milton Mueller - apologies
Non Commercial Users Constituency - Frannie Wellings
Commercial and Business Users Constituency - Sarah Deutsch - apologies
Internet Service and Connectivity Providers constituency - Maggie Mansourkia
1. Follow up discussion on recommendation on notification.
List of implementation issues and questions regarding the recommendation on notification
2. Discussion on the form of the recommendation on conflicts with local law - policy or advice
Item 1 Discussion on the form of the recommendation on conflicts with local law - policy or advice
Jordyn Buchanan asked for comments whether recommendation 2 should be forwarded to the ICANN staff or the ICANN Board as advice given that there seems to be some ability to deal with such situations as in the case of .name, or as a formal policy recommendation which could, if approved by the GNSO Council and the ICANN Board, become binding consensus policy.
Steve Metalitz posted to the list the last draft of the recommendations along with a thread incorporating the discussion on the topic. and commented that without knowing exactly what was in the document, it was difficult to comment on whether it should be advice or policy.
Tom Keller commented that the recommendation could be both policy and advice because it was generally agreed that there should be an open and transparent process for ICANN staff to use if such a problem arose.
Jordyn Buchanan added the option that had been discussed in previous calls, to formally recommend a policy that there should be a process and advice about one possible implementation of it to the ICANN staff.
Marilyn Cade, in agreement with Tom Keller, commented that for a consensus policy there should be a process and the task force could provide advice on what the process should include to provide enough flexibility given the unique situations that may arise in different countries.
Kathy Kleiman stated that a great deal of time, work and thought had gone into recommendation 2 and the NCUC would like to see it become a policy because advice did not offer as much clarity and consistency on how everyone would be treated.
Marilyn Cade asked whether the NCUC would agree with her proposal that there be a policy but that the process itself be left as advice or did the NCUC want the entire process be consensus policy.
Kathy Kleiman commented that it was clear what was meant by "policy" but " advice" needed more explanation.
Paul Stahura commented that policy could be too constraining on ICANN as the registrar community represented a wide range of national laws thus he preferred the recommendation as providing advice.
Tim Ruiz reminded the task force of the Registrar Accreditation Agreement section 3.7.2
3.7.2 Registrar shall abide by applicable laws and governmental regulations and commented that as a registrar, Godaddy had always had advice from ICANN on how to deal with a problem to be in compliance with the RAA.
Marilyn Cade commented that:
- given there was general support for the idea that if the registrars encountered problems, ICANN was there to help deal with the problem.
- given many members of the task force supported the idea of an acknowledged process, using a neutral term, not advice or policy –
- if it were advice, how binding would the the advice be,
- if it were policy, how would it avoid being restrictive and provide enough flexibility for ICANN to deal with individual problems registrars encountered ?
- as an individual and member of the Commercial and Business users constituency, she suggested a compromise that supported the idea that there should be awareness and sensitivity of ICANN staff being able to address individual issues as they arose. She proposed there be a policy statement and a process, with the task force work attached as an example of the process to be provided as advice to ICANN. However, the responsibility lay with the task force to decide whether enough work had been done on what the advice should be.
Jordyn Buchanan summarised that the suggestion put forward was to have a relatively short consensus policy, perhaps along the lines that " ICANN will develop and document a procedure for resolving conflicts between local or national privacy laws and registry / registrars’ obligations to publish WHOIS data’, that is a couple of sentences to say ICANN needs to develop a procedure. As a supplement the task force, after agreement, would develop a transmittal document to the staff, that included a procedure for the staff to consider which could give them the flexibility to adapt over time.
He asked whether it would meet the NCUC requirements to have a policy but leave the details to the ICANN staff to develop and change from time to time.
Kathy Kleiman commented that the recommendation had been well developed and asked for the question to be left in the balance until the exact text was available as the wording was important and if it was advice what exactly the advice would be?
Wendy Seltzer agreed that there could be flexibility in a policy recommendation but the appropriate way to recognize the task force's effort spent developing the recommendation would be by making it a policy decision.
Tony Harris asked if tiered access became a reality, would national law and privacy considerations still be an issue and require policy?
Some task force members felt it was difficult to know and it could depend on the domicile of the registrar.
Tony Harris suggested adding a caveat that a possible solution would be to automate a procedure when completing a registration that a template would be filled in which would indicate to the data base that in certain countries there were privacy laws and the data of that subject should not be exhibited.
Steve Metalitz said he would be happy if a policy was established but then there needed to be a procedure and a recommendation on what that procedure would be.
Jordyn Buchanan reflected on Kathy Kleiman and Wendy Seltzer's remarks and said that it may be possible to bifurcate the current recommendation into 2 parts.
- the shorter policy recommendations
- select from the present recommendation the details defining who does what and at what point in the process. It might be desirable to incorporate certain elements on notice and information to the community along the way.
Paul Stahura referred to his posting on 3 May 2005 as an example that the the registry / registrar would have to exhaust the options under their current contractual framework before they asked for an exemption.
" If a Registrar is allowed to offer "privacy-enhanced services" that are allowed under the current RAA and that offering such services would bring them into compliance with their national laws, BUT CHOOSES NOT TO OFFER SUCH SERVICES, then that registrar would NOT be allowed to provide "privacy-enhanced services" that differ from the current RAA, correct?
If correct, then add "and IF AND ONLY IF you cannot modify your current practices so that you are simultaneously in compliance with the current RAA and your national law" So if, for example, putting all your names on "domains by proxy" (or whatever) is allowed by RAA and does not conflict with your national laws, then you must do so before you get special exemption from RAA.
Tom Keller commented that the ID protect service a registrar could use might not be a solution. In a recent conversation with a lawyer he was made aware that if no data was allowed to be display, inserting a proxy may not help. He further cautioned against predicting what could be possible in the future and predetermining the process. The RAA should be adhered to before exemption was given, but it was not desirable to describe the process.
Ken Stubbs commented that there were currently 10 – 15 million domain names in thick registries and expressed concern about:
- conflicts between domiciles of registrars and registries. Registrars may be obligated not to disclose data that the registries could be obligated to disclose because of the conflicts in domicile.
- potential conflicts between tiered access roles, such as where would one go to get the access? to the registry or the registrar.
He emphasised that there should be consistency in the methodology.
Jordyn Buchanan suggested splitting up the document into policy and recommendation of how to implement the procedure capturing the present discussion and elements such as requesting exemptions may be added as advice to the staff.
Steve Metalitz and Kathy Kleiman offered to do the redrafting of the recommendation in two sections.
1 Summary Recommendation 1 – conflict with national laws
The task force discussed whether to proceed with developing Recommendation 1 as a consensus policy or as advice (to ICANN staff / the Board), or as a combination of both.
- The task force agreed to develop the recommendation in two sections: as a policy which includes a procedure, accompanied by a recommendation on how to implement that procedure.
- Steve Metalitz and Kathy Kleiman to draft a revised recommendation in two sections. Jordyn Buchanan to provide input to Steve and Kathy in the form of thoughts and notes from the call.
- Task force members will continue to use the mailing list to discuss this issue.
. Follow up discussion on recommendation on notification.
List of implementation issues and questions regarding the recommendation on notification
Jordyn Buchanan referred to the set of issues that were identified as a result of the task force discussion on 17 May 2005 for the purpose of forwarding some to an implementation group, or to potentially modify the recommendation if the task force held a strong view.
List of implementation issues and questions regarding the recommendation on notification
1) How often should the registrant see (and acknowledge) the notifications relating to the use of their contact data?
- Once per domain name
- Once per batch of domain names
- Once per relationship with the registrant
- Some variation of the above
2) Should the registrar and registrant be able to mutually agree to modify when the notifications are made?
3) Should the registrant be periodically reminded of the use of their contact information in the Whois system? e.g. with an annual request to update any inaccurate information. If so, how is this reconciled with requirement #3 (that the registrant must obtain a separate acknowledgment of this notification)?
4) [From Bruce's comment] Is there a more appropriate way to notify the registrant that their data will be used in the Whois system?
5) Should an implementation group work to define the precise meaning of 'during the registration process'?
Marilyn Cade commented on her extensive experience with the linkage between an implementation working group, which was not a task force or committee, and the work that a policy task force did. She proposed sending guidance and the benefit of the task force work to the council and through the council to a working group. She considered it likely that the whois task force would continue to work on other issues while the implementation working group was set up and suggested that the task force should offer consultation as needed to support the working group. It was usual that the working group included representation from the groups that have to implement the recommendation and from the user community and the At Large Advisory Committee. The conversation had on the last call, 17 May 2005 should be sent to the council and the working group.
Jordyn Buchanan commented that the list of identified issues and some guidance would be sent forward.
Paul Stahura commented that the issues mentioned on the 17 May call were examples of why he believed that the registrar constituency came up with the registry constituency modifications of the recommendation but was not recommending any changes other than those which the registrar constituency had voted.
Steve Metalitz remarked that the list had been out for approximately 5 days, there had been one comment and he suggested that the recommendation be sent forward to the Council for the council to vote on as consensus policy.
Tom Keller agreed.
Marilyn Cade, taking into account Steve Metalitz and Tom Kellers remarks, proposed sending the recommendation to the council with a transmittal letter that would include the list of issues, that were identified as examples, that should be discussed by an implementation working group.
Jordyn Buchanan asked whether there were any objections to the list of issues being included?
Paul Stahura commented that ICANN did not require a registrar to have a website to display WHOIS information, registrations could be taken by phone, and other means. He suggested that the implementation group should consider what would happen if a registrar did not have a website?
Steve Metalitz responded that details could be worked out by an implementation group and he did not agree with all the issues on the list and suggested sending the recommendation and not the list.
Tim Ruiz asked how the list , if it was included, would be positioned with the recommendation as not everyone agreed those were issues or that they were the only issues.
Jordyn Buchanan suggested that the list would be included as part of a transmittal document to the Council with the final report, indicating that following issues were identified as potentially appropriate topics for further consideration by an implementation group if the council chose to form such a group.
Tom Keller commented that he was not sure whether there was agreement recommending to the council that an implementation committee be formed. The registrar constituency was explicit that they did not like that recommendation at all, but if the council decided to form an implementation group that was up to them, but it was not for the task force to suggest such a group. Hid preference would be for the task force to send a list of identified issues to council without any comment.
Jordyn Buchanan proposed polling the task force on the question:
whether the task force supported the inclusion of the list of implementation issues and questions identified in call on 17 May, 2005 as well as the issues identified by Paul Stahura today, in the transmittal document to council, as topics identified by the task force for further discussion.
In support : Marilyn Cade, David Fares as long as there was agreement on all issues, David Maher, Tony Harris, Paul Stahura with the caveat that it be noted that it was not an exhaustive list,
Against: Steve Metalitz and Tom Keller but would not object with the caveats that Paul Stahura mentioned that not every one agreed that the issues were valid implementation issues and there may be other implementation issues.
Abstention: Kathy Kleiman
No vote recorded for (dropped off the call) Ken Stubbs and Greg Ruth
Each constituency voted, except for the one abstention, there seemed to be support with the caveat that not everyone on the task force agreed all issues were worthy of further consideration and the list was not exhaustive.
Maria Farrell summarised the changes that had been made to the Whois task force final report on recommendation 1 improving notification and consent:
Page 2 Section 1 Introduction and background
The following paragraphs on background were added:
ICANN staff compiled the recommendation, constituency statements, previous relevant public comments, and other relevant materials into a draft Preliminary Task Force Report which was revised by the combined Whois Task Force and finalized on 18 April 2005 . The revised Preliminary Task Force Report was voted on by the task force constituencies in an email vote that concluded on 22 nd April 2005 . The results of the vote were incorporated into the Final Task Force Report (section 1.3).
The Final Task Force Report on recommendations for improving notification and consent for the use of contact data in the Whois system was published on the ICANN website for public comments from 23 April 2005 to 12 May 2005 . Those public comments are now incorporated in this document. The revised Final Task Force Report on recommendations for improving notification and consent for the use of contact data in the Whois system will be submitted to the GNSO Council for discussion at its meeting on 2 nd June 2005 .
Two headings were changed to obviate confusion between different public comment periods.
1.1 Text of recommendation
1.2 Summary of public comments on the Final Task Force report (2005)
3 Public comment report 2003 - 2004
Jordyn Buchanan proposed that the heading 1.2 Summary of public comments on the Final Task Force report (2005) be changed to read:
1.2 Summary of public comments on the Preliminary Task Force report (2005)
Jordyn Buchanan proposed that assuming no substantive changes were made to the document after task force members had had the opportunity to revisit it, the Final report would be sent to the GNSO Council on Thursday 26 May respecting the timeline for documents to be submitted for consideration by the Council. However, if there were more substantive edits, the task force would meet on Tuesday 31 May before finalizing the final report.
Jordyn Buchanan suggested deferring next week’s call 31 May 2005 and scheduling a call for 7 June 2005.
Bruce Tonkin, who rejoined the call, commented that if the Final Report on recommendation 1 was to be considered by the Council at its meeting on Thursday June 2, it should be submitted to the council by Thursday 26 May 2005. Bruce suggested that the task force concentrate on the policy element of the recommendation 2 and get it launched out for public comment and follow the policy development process for the policy portion.
Jordyn Buchanan thanked everyone for their participation and the call ended at 16:45 CET
2 Summary Recommendation 2 – improving notice and consentThe task force discussed whether any substantive changes needed to be made to the final task force report and also whether/in what form guidance on implementation should be provided in the transmittal to the GNSO Council. The guidance discussion was mostly based on the list of implementation issues provided to the mailing list and with suggested changes by Steve Metalitz (http://forum.icann.org/lists/gnso-dow123/msg00315.html). No substantive changes to the recommendations in the final task force report were made. A vote was held on the question ‘whether we should include the issues identified in last week’s call and identified by Paul Stahura today be included in the transmittal to the Council’.
- The list of implementation issues will be sent to the Council with the recommendation, accompanied by caveats that they are not agreed on by everyone in the task force, all issues are worthy of further consideration and the list is not exhaustive.
- If no further substantive changes to the recommendations in the final task force report are made by Thursday 26 May 2005. If substantive changes are made, a task force call will be held on Tuesday 31st May to discuss before finalizing the report for submission to the GNSO Council.
· If no substantive changes are received by Thursday 26 May, Maria will send the final task force report on recommendation 1 to the GNSO Council ahead of their next meeting on Thursday 2nd June 2005.
3 Next task force call:
- As presently advised, there will be no call on Tuesday 31st May 2005.