Re: [council] Regarding data collected and the purpose of collecting data

["Anthony Harris" <harris@xxxxxxxxxxxxx>]

Mawaki,

> Here in the US and was registering under gTLDs.
I see, so if your country of residence doesnt protect
your privacy, you want to impose it on the generic
domain name space, which is extra-territorial (a
definition I actually coined from someone in your
own constituency BTW).

> But I don't see what is the equivalent of IACNN (a private
> corporation) by whom the registrar will say they are _required_ to
> publish your personal data. Besides, having an electronic database
> publicly available, is not the same as having the data published in
> hard copy even if the data is stored in an electronic form (and
> governed with privacy/data protection guidelines, e.g. in a country
> like France where I lived several years), but I guess things might
> vary from a country to another...
You are entitled to your opinion of course. However there would
appear to be a worldwide tendency for electronic databases to
be replacing hard copy directories, and thus some similarities
might be detected?

> Well, in my case, it turns out (as I said some time ago) that I used
> to have a very small number of spam on that account, the increase has
> been dramatic short after registering a DN related to that account,
> while at the same time I started getting calls about web site hosting
> (am also addressing here Bruce's remark about this). Eventually, I
> asked the last person who called me where she got my contacts from,
> she said they were given a list and she didn't know, but kindly
> offered that if I wish she could remove my phone contact from the
> list, and they will just send me emails about their services, which I
> accepted. Of course I wouldn't infer as a scientific truth (I
> presented this as a story, and I think it's worth anything you can
> read in newspaper) that that necessarily causes this; for this is
> just one occurrence, and it might be, or not, a coincidence. But in
> the mean time and at my micro-level, I can only say chances are...
>
> Anyway, even if you have evidence that my experience is not
> generalizable (which does not necessary mean the spam increase isn't
> related to the Whois being public, in my specific case), the whole
> argument remains.
So you would have been better off paying the registrar for not
publishing your data ?

Tony Harris


----- Original Message ----- 
From: "Mawaki Chango" <ki_chango@xxxxxxxxx>
To: "Anthony Harris" <harris@xxxxxxxxxxxxx>; <council@xxxxxxxxxxxxxx>
Sent: Tuesday, April 11, 2006 11:13 PM
Subject: Re: [council] Regarding data collected and the purpose of 
collecting data

> Anthony,
>
> --- Anthony Harris <harris@xxxxxxxxxxxxx> wrote:
>
> > Mawaki,
> >
> > 1) In what country were you living when you
> >     registered a domain name? Was there no
> >     country code domain you could resort to,
> >     and thus be protected by the national legal
> >     privacy framework?
> Here in the US and was registering under gTLDs.
>
> > 2) I beleive that to be unlisted in a phone book,
> >     there is normally a charge?
> But I don't see what is the equivalent of IACNN (a private
> corporation) by whom the registrar will say they are _required_ to
> publish your personal data. Besides, having an electronic database
> publicly available, is not the same as having the data published in
> hard copy even if the data is stored in an electronic form (and
> governed with privacy/data protection guidelines, e.g. in a country
> like France where I lived several years), but I guess things might
> vary from a country to another...
>
> > 3) I get 300 spams a day, mostly from Asia, and
> >     I dont have a domain name of any sort, nor am
> >     I listed in any whois database.
> Well, in my case, it turns out (as I said some time ago) that I used
> to have a very small number of spam on that account, the increase has
> been dramatic short after registering a DN related to that account,
> while at the same time I started getting calls about web site hosting
> (am also addressing here Bruce's remark about this). Eventually, I
> asked the last person who called me where she got my contacts from,
> she said they were given a list and she didn't know, but kindly
> offered that if I wish she could remove my phone contact from the
> list, and they will just send me emails about their services, which I
> accepted. Of course I wouldn't infer as a scientific truth (I
> presented this as a story, and I think it's worth anything you can
> read in newspaper) that that necessarily causes this; for this is
> just one occurrence, and it might be, or not, a coincidence. But in
> the mean time and at my micro-level, I can only say chances are...
>
> Anyway, even if you have evidence that my experience is not
> generalizable (which does not necessary mean the spam increase isn't
> related to the Whois being public, in my specific case), the whole
> argument remains.
>
> Mawaki
>
>
> > 4) Your repeated references to the problem of access
> >      to data have been exhaustively discussed within the
> >      Whois task force, actually since mid 2001.... Tiered
> >      access for entitled parties is of course a natural solution.
> >      (And we did think of it quite a while back!)
> > 5. The current discussion is constricted to defining the
> >     purpose of Whois, access to data I beleive is a subject
> >     for future discussions?
> >
> > Tony Harris
> >
> > ----- Original Message ----- 
> > From: "Mawaki Chango" <ki_chango@xxxxxxxxx>
> > To: "Council GNSO" <council@xxxxxxxxxxxxxx>
> > Sent: Tuesday, April 11, 2006 8:31 PM
> > Subject: Re: [council] Regarding data collected and the purpose of
> > collecting data
> >
> >
> > > Just a story, and a last reflection on this -
> > >
> > > The last time I registered a domain name, I was informed that to
> > > comply with the ICANN requirements, the registrar will display my
> > > personal data in the WHOIS database which is public. However,
> > they
> > > offered that for additional fee (I forgot the amount, but it was
> > > higher that the registration fee itself), they could keep my data
> > > private to avoid the hassle (spam, etc.) related to the fact that
> > > anyone would access my personal data, otherwise. And reading
> > more, I
> > > realized the fee was not collected per registrant, but per name
> > > registered (even with the same registrar, for each time one
> > > registers, one must provide one's personal data through the same
> > > process), so I decided not to pay that fee, and since then I of
> > > course receive all the spam I can get, etc.
> > >
> > > This story shows that (i) the data can be kept private (and of
> > course
> > > they will be released when requested by legal process), and (ii)
> > > everyone knows that having the data publicly available feeds spam
> > and
> > > alike, and could cause hassle (even threaten authors of dissident
> > > speech in various and unpredicted circomstances).
> > >
> > > I have nothing against people making business out of their
> > innovative
> > > ideas, etc. I just don't think it is ICANN's mission to secure
> > > business opportunities (especially like that one), while for the
> > sake
> > > of it, exposing people's privacy without their consent, and
> > > poptentially people's life.
> > >
> > > Mawaki
> > >
> > >
> > > --- Ross Rader <ross@xxxxxxxxxx> wrote:
> > >
> > >> Philip originally wrote;
> > >> >>> I agree. It is not my logic. I am NOT making the assertion
> > in
> > >> (2).
> > >> >>> You assume that because a Registrar agreement TODAY requires
> > >> public
> > >> >>> access, that is the status quo upon which we are defining
> > the
> > >> purpose
> > >> >>> of WHOIS.
> > >> >>> In other words you are defining purpose only in the context
> > of
> > >> the
> > >> >>> current means of access.
> > >> >>
> > >>
> > >> <snip>
> > >>
> > >> Ross replied;
> > >> > The implication is quite obviously different than how it
> > appears
> > >> to you.
> > >> > The assumptions made have nothing to do with the status quo,
> > and
> > >> > everything to do with refining the status quo to make it more
> > >> useful and
> > >> > more meaningful to a broader set of participants. This is what
> > >> our
> > >> > policy development processes are all about - change.
> > >> >
> > >>
> > >> Apologies, its early around these parts - this last paragraph
> > >> should
> > >> have read:
> > >>
> > >> The implication is quite obviously different than how it appears
> > to
> > >> you.
> > >> The assumptions made have nothing to do with setting definitions
> > in
> > >>
> > >> terms of the the status quo, and everything to do with refining
> > the
> > >>
> > >> status quo to make it more useful and more meaningful to a
> > broader
> > >> set
> > >> of participants. This is what our policy development processes
> > are
> > >> all
> > >> about - change.
> > >>
> > >
> > >
> > >