Re: [council] Compromise wording on WHOIS

[Ross Rader <ross@xxxxxxxxxx>]

Philip -

> In preparation for the discussion and possible vote on WHOIS purpose 
please find attached a
> proposed compromise definition.
> The background to this compromise is as follows:
> - It is not intended to be a new formulation 2 but a new approach and 
thus an amendment to
> the proposed vote.
> - The new wording seeks to accommodate numerous concerns expressed at 
the last Council
> meeting and in the recent WG paper:
> 1. it speaks not of the purpose of "WHOIS" but the purpose for which 
the "data is
> collected". This reflects the concerns rightly raised by the 
non-commercial constituency in
> that previous definitions were not compliant with data protection 
laws such as the EU data
> protection directive. The intent here is that the scope should be no 
wider than the scope of
> such laws.

The Task Force terms of reference are explicit on the point that the 
definition is to deal with the purpose of whois, not the purpose of the 
data collection. While your intentions are well-placed, I believe that 
this amendment is "out-of-order". The purpose of the data collection is 
currently defined by the registrar in their respective terms of service. 
I would expect these to vary from registrar to registrar and I fail to 
understand what benefits come from standardizing the language.
Right now, we very clearly have a broad support amongst the 
constituencies for Formulation #1. During our recent council meeting, it 
became clear that what I had viewed as being equally broad support for 
Formulation #2 was in fact not all that broad (I don't believe that any 
of the former supporters of Formulation #2 were willing to endorse the 
proposition as written). Now you have presented us with a completely new 
formulation that attempts to deal with the issue by answering a question 
related to the collection of Whois data, and not the purpose of the 
Whois system itself. I fail to see how this represents a compromise. It 
is an answer to a question that we are not asking.
The task force has spent an incredible amount of time preparing these 
formulations - despite the fact that it was unable to come to complete 
agreement between all of the constituencies (3 for, 3 against). I 
believe that we owe it to the Task Force to consider and vote on the 
language that they have prepared for us, or at the very least, amend the 
existing language such that it more appropriately deals with the 
concerns that Council might have. Your proposal takes the discussion in 
a completely different direction and is not in scope relative to the 
terms of reference of the task force. It would be inadvisable for us to 
turn our backs on the body of work undertake by this committee in the 
way that you propose.
> 3. The definition is silent on questions of subsequent access to data 
or data publication.
> This issue was raised by the Registrars in that the purpose of WHOIS 
was being defined in
> the context of the current manifestation of WHOIS with its current 
open access and
> publication. This definition is intended not to make ANY assumption 
about access.
I'm not sure that this was the point I was making (or that anyone from 
the Registrar constituency made this point). I believe this was raised 
by someone else, although I haven't read through the transcripts to 
figure out whom. Also, it was my understanding that the point was raised 
as it relates to Formulation #2. In any event, the more general point is 
that Formulation #1 is intended to create a standardized definition for 
the path forward that is consistent with ICANN's scope and mission. The 
problem with Formulation #2 is that it attempts to create a standardized 
definition that is consistent with past practices - which are not 
necessarily consistent with ICANN's scope and mission.
> definition describing the purposes of data collection and one that is 
not blind to the use
> that such data is being put today in pursuit of consumer protection 
and measures to prevent
> crime.

I completely sympathize with the concerns raised re: criminal activity 
and consumer protection. It is worth pointing out that this has become a 
bit of a red herring in this discussion in that it fails to distinguish 
between "purpose" and "use". i.e. The purpose of the DNS is to map 
domain names to IP addresses. Its use is far broader than that. 
Similarly, the purpose of the gTLD Whois service can be equally simple 
and narrow, while facilitating a much broader set of uses - i.e. nothing 
in its application prevents the responsible party from passing on law 
enforcement requests in exactly the same manner that they do today.
I do appreciate the effort that you've made to bridge the gap, but I 
believe it is in our interests to select one of the two current 
formulations in a timely manner so that the Task Force can continue with 
the rest of its work. I cannot support your proposal on these grounds.
Regards,
--

                       -rr








                "Don't be too timid and squeamish about your actions.
                                           All life is an experiment.
                            The more experiments you make the better."
                        - Ralph Waldo Emerson


Contact Info:
Ross Rader
Director, Research & Innovation
Tucows Inc.
c. 416.828.8783

Get Started? http://start.tucows.com
My Blogware: http://www.byte.org