RE: [registrars] RE: Call for Constituency statements on Whois tf 1/2 recommendations

["Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>]

Hello All,

The original titles of WHOIS TF1/2 were:

"Restricting access to WHOIS data for marketing purposes"

And

"Review of data collected and displayed" 

The recommendation relating to the display of a term of service doesn't
actually address either of the two problems.

Under the current arrangements, it is a term of service for obtaining a
domain name for the data to be collected and displayed.  It is one of
many terms of service.

I thought obtaining a registrant's consent may be helpful for some
registrars to meet their local laws with respect to privacy, but I have
been recently informed that where the consent is compulsory to acquire
the service - it is not really consent.

Many registrars seek explicit consent from registrants to receive other
marketing information.  This is optional and is not a term of service.
It makes sense to offer this choice explicitly.

It doesn't make sense that linking to an external web page should not be
sufficient for the WHOIS requirements, when it is sufficient for all
other terms of service.

It is standard industry practice to present privacy policies in a
separate webpage.

I would prefer the recommendation to be reworded as:

"Registrars must ensure that disclosures regarding availability and
third-party access to personal 
data associated with domain names actually be AVAILABLE to registrants
during the registration 
process."

In summary I see no point in seeking explicit consent to a term of the
registration agreement, until consent is actually an option.  Hopefully
with tiered access, a user could consent to be in the public data, with
the default being that the data is protected via some sort of access
control.

Regards,
Bruce Tonkin