[dow3] COMMENTS TO TASK FORCE 3

[Privacy Ukraine <privacy@xxxxxxxxxx>]

COMMENTS TO TASK FORCE 3: IMPROVING ACCURACY OF COLLECTED DATA
(view description of work at http://gnso.icann.org/issues/whois-privacy/tor3.shtml)
 
Comment: The description of work for this Task Force incorrectly assumes that all information under all 
circumstances must be accurate.  There may be public policy reasons, including human rights concerns, 
that require exceptions to such a rule.  It is critical that the Task Force description of work be modified to 
include an evaluation of such situations.
 
Further, the description of work misinterprets the term "data quality" (a Principle of the 1980 OECD 
Privacy Guidelines, http://www1.oecd.org/publications/e-book/9302011E.PDF), and in doing so distorts and 
minimizes data quality protections.  The full definition of "data quality" must be included in this description 
of work, and its range of protections evaluated by this Task Force.
 
Proposed changes to Task Force 3 Description of Work:
 
1. Under Description of Task Force, after paragraph 3, add:
"The principle of data quality is: 'personal data should be relevant to the purposes for which they are to be 
used, and, to the extent necessary for those purposes, should be accurate, complete and kept 
up-to-date.'  OECD Principles, see, e.g., http://www.anu.edu.au/people/Roger.Clarke/DV/OECDPs.html.";
 
2.   Current Paragraph 4 (to follow insertion above), should then be modified to include the text in brackets 
below:
 
"The main issues associated with data quality include:
- [collection of personal data only relevant for the purposes for which they are being used];
- verification of data at the time of registration;
 - ongoing maintenance of data during the period of registration;
 - protecting against deliberate submission of false information [except in those situations where the 
globally available nature of the WHOIS data should require exceptions for public policy and human rights 
reasons.]
3.  To the Tasks/Milestones sections, we strongly recommend modifying the text of sections 2 and 4, to 
include the text in brackets below:
- "collect publicly available information on the techniques used by other online service providers (to verify 
that data collected is correct) as well as information on the price of services, offered by the online service 
provider [as well as information on the level of privacy protection accorded the data, including to whom 
and under what circumstances the data is provided];"
- "determine whether any changes are required in the contracts to specify what data verification is 
necessary at time of collection to improve accuracy [and what exceptions based on public policy and
human rights should be included].



Andriy Pazyuk
president, Privacy Ukraine NGO
www.internetrights.org.ua
privacy@xxxxxxxxxx