RE: [council] Report on public suggestions of further studies of WHOIS

["Gomes, Chuck" <cgomes@xxxxxxxxxxxx>]

Thanks Liz.  My compliments on the good work.  It seems to me that this
will be useful in helping us narrow our focus.
 
Chuck

________________________________

From: owner-council@xxxxxxxxxxxxxx [mailto:owner-council@xxxxxxxxxxxxxx]
On Behalf Of Liz Gasster
Sent: Monday, February 25, 2008 8:27 PM
To: Council GNSO
Subject: [council] Report on public suggestions of further studies of
WHOIS



All,

You may recall that when the GNSO Council decided last October in LA to
terminate the pending PDP on WHOIS, you also decided to solicit public
opinions about the types of future studies that might be conducted on
WHOIS, to inform future policy development.  You may also recall that
the 31 October resolution asks staff to prepare a summary of the
submissions received (amended to request by February 25), and the
Council would then provide additional definition regarding potential
data gathering and study requirements.  Staff would then provide the
Council with rough cost estimates for various components of data
gathering and studies as requested by the Council.  Based on those cost
estimates, the Council will decide what data gathering and studies would
be pursued; and 4) staff will perform the resulting data gathering and
studies and report the results back to the Council.

The public comment period closed on 15 February, and attached is a
summary and analysis of the public comments we received (25 total) that
I've compiled with the considerable help of an expert consultant, Lorrie
Faith Cranor.  Dr. Cranor is a professor of computer science at Carnegie
Mellon U. and an expert researcher on Internet privacy, security and
related issues, and we are fortunate to have her expertise to review and
collate study suggestions.

 

As you consider next steps, I do want to point out that in the attached
summary, we have grouped proposed studies according to the following
topic areas: 

 

1.       WHOIS misuse 

2.       Compliance with data protection laws and registrar
accreditation agreements

3.       Availability of privacy services

4.       Demand and motivation for use of privacy services 

5.       Impact of WHOIS data protection on crime and abuse

6.       Proxy registrar compliance with law enforcement and dispute
resolution requests 

7.       WHOIS data accuracy

 

You may find it useful to first consider which of the groupings address
questions you think that having data about would inform the debate. Once
you have identified which questions you want to answer, then you could
focus on only those particular groupings and consider which study
approach (or combination of approaches) will best answer your questions.
In some cases Lorrie has indicated that the different studies answer
slightly different questions. In some cases she indicates that some of
the approaches are likely to give better data, or that some of the
approaches are likely to be less expensive.  When you think about the
fundamental questions asked by each grouping, you may find it more
useful to consider the questions asked by each grouping as follows:

 

1.       How big is the WHOIS misuse problem that may need to be solved?

2.       Is there a non-compliance with data protection laws problem
that needs to be solved?

3.       Are there already market-driven solutions available?

4.       Is there demand for market-driven solutions, and are they being
used for legitimate or illegitimate purposes?

5.       Do WHOIS data protections lead to abuse and misuse?

6.       Are provisions for providing protected WHOIS data to law
enforcement for investigation of crime and abuse effective?

7.       Is WHOIS data accurate?

 

I note also that several of the proposed studies are being recommended
to address questions of WHOIS accuracy and compliance and I have also
shared this summary with ICANN's compliance director and deputy general
counsel. They may have further views that we will share as appropriate.
Lastly, if you would find it useful, Dr. Cranor can be available to
participate in an upcoming call to discuss the report and answer
questions.  

 

Thanks, Liz