RE: [registrars] RE: Call for Constituency statements on Whois tf 1/2 recommendations

["Bhavin Turakhia" <bhavin.t@xxxxxxxxxxxxxx>]

It has my endorsement

Best Regards
Bhavin Turakhia
Founder, CEO and Chairman
DirectI
--------------------------------------
http://www.directi.com
Direct Line: +91 (22) 5679 7600
Direct Fax: +91 (22) 5679 7510
Board Line (USA): +1 (415) 240 4172 ext 7600
Board Line (India): +91 (22) 5679 7500 ext 7600
--------------------------------------  

> -----Original Message-----
> From: owner-registrars@xxxxxxxxxxxxxx 
> [mailto:owner-registrars@xxxxxxxxxxxxxx] On Behalf Of Tim Ruiz
> Sent: Wednesday, January 19, 2005 7:46 PM
> To: Bruce Tonkin
> Cc: registrars@xxxxxxxx; ross@xxxxxxxxxx
> Subject: RE: [registrars] RE: Call for Constituency 
> statements on Whois tf 1/2 recommendations
> 
> Bruce,
> 
> I take your comments as a friendly amendment. The motion so 
> amended follows below.
> 
> MEMBERS PLEASE NOTE: There are two endorsements to this 
> motion, it needs three more endorsements for a total of five. 
> Bruce, with your friendly amendment now included, does it 
> have your endorsement?
> 
> Tim
> 
> 
> <MOTION>
> The Registrar Constituency position is that these 
> recommendations are over-reaching, unrealistic and inappropriate.
> 
> Specifically...
> 
> RE: 1. Registrars must ensure that disclosures regarding 
> availability and third-party access to personal data 
> associated with domain names actually be presented to 
> registrants during the registration process. 
> Linking to an external web page is not sufficient.
> 
> It is inappropriate to view the registration exercise as a 
> policy education process. It is a registration process and 
> should be as simple, straightforward and unburdened as 
> possible for registrants to conclude. The current trend to 
> "cram" all sorts of notices, and prescribe the method of 
> notification, into the registration process interferes with 
> the potential simplicity of this process.
> 
> Furthermore, presenting anything to the registrant during the 
> registration process is an entirely new obligation that would 
> require many registrars to completely re-establish their 
> method of registration.
> For wholesale registrars, this represents a highly onerous burden.
> 
> Lastly, this recommendation is highly unclear. What is a 
> disclossure regarding availability? Availability of what? 
> This should be defined.
> 
> This recommendation would be acceptable in the following form 
> (with the potential to include a reference to "availability" 
> if agreeable clarification is forthcoming);
> 
> 1. Registrars must ensure that disclosures regarding 
> availability and third-party access to personal data 
> associated with domain names actually be AVAILABLE to 
> registrants during the registration process.
> 
> RE: 2. Registrars must ensure that these disclosures are set 
> aside from other provisions of the registration agreement if 
> they are presented to registrants together with that 
> agreement.  Alternatively, registrars may present data access 
> disclosures separate from the registration agreement. The 
> wording of the notice provided by registrars should, to the 
> extent feasible, be uniform.
> 
> Prescribing the form and scope of my legal agreeements with 
> my registrants is inappropriate and without precedent under 
> current agreements. This entire clause should be removed from 
> the recommendations.
> 
> RE: 3. Registrars must obtain a separate acknowledgement from 
> registrars that they have read and understand these 
> disclosures.  This provision does not affect registrars' 
> existing obligations to obtain registrant consent to the use 
> of their contact information in the WHOIS system.
> 
> Presumably, this was intended to read "acknowledgement from 
> Registrants that...", nonetheless requiring separate 
> acknowledgement is an unworkable condition that cannot be 
> practically implemented in the current environment. Today, a 
> Registrar is required to bind a Registrant to a series of 
> obligations. It is a well known fact that customers do not 
> read point-of-sale agreements. This is especially true of 
> click-wrap agreements. Ascertaining whether or not a 
> Registrant has read and understands those obligations is 
> beyond the scope of existing registration processes.
> 
> It is really only appropriate to obtain a Registrants 
> agreement that their data will be included in the Whois and 
> make this a condition of registration in a fashion similar to 
> the other terms a Registrant must agree to prior to 
> undertaking a registration.
> 
> Since this is already required in the current RAA in 
> sub-sections 3.7.7.4, 3.7.7.5, and 3.7.7.6, this 
> recommendation should be removed from the Task Force recommendations.
> </MOTION>
> 
>  
> -------- Original Message --------
> Subject: RE: [registrars] RE: Call for Constituency 
> statements on Whois tf 1/2 recommendations
> From: "Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>
> Date: Sun, January 09, 2005 8:58 pm
> To: "Tim Ruiz" <tim@xxxxxxxxxxx>, ross@xxxxxxxxxx
> Cc: registrars@xxxxxxxx
> 
> Hello All,
> 
> The original titles of WHOIS TF1/2 were:
> 
> "Restricting access to WHOIS data for marketing purposes"
> 
> And
> 
> "Review of data collected and displayed" 
> 
> The recommendation relating to the display of a term of 
> service doesn't actually address either of the two problems.
> 
> Under the current arrangements, it is a term of service for 
> obtaining a domain name for the data to be collected and 
> displayed.  It is one of many terms of service.
> 
> I thought obtaining a registrant's consent may be helpful for 
> some registrars to meet their local laws with respect to 
> privacy, but I have been recently informed that where the 
> consent is compulsory to acquire the service - it is not 
> really consent.
> 
> Many registrars seek explicit consent from registrants to 
> receive other marketing information.  This is optional and is 
> not a term of service.
> It makes sense to offer this choice explicitly.
> 
> It doesn't make sense that linking to an external web page 
> should not be sufficient for the WHOIS requirements, when it 
> is sufficient for all other terms of service.
> 
> It is standard industry practice to present privacy policies 
> in a separate webpage.
> 
> I would prefer the recommendation to be reworded as:
> 
> "Registrars must ensure that disclosures regarding 
> availability and third-party access to personal data 
> associated with domain names actually be AVAILABLE to 
> registrants during the registration process."
> 
> In summary I see no point in seeking explicit consent to a 
> term of the registration agreement, until consent is actually 
> an option.  Hopefully with tiered access, a user could 
> consent to be in the public data, with the default being that 
> the data is protected via some sort of access control.
> 
> Regards,
> Bruce Tonkin 
> 
>