Re: [registrars] Motion to Adopt: Whois Conflicts

[Thomas Keller <tom@xxxxxxxxxx>]

I endorse this motion.

Best,

tom


--

Thomas Keller

Domain Services
Schlund + Partner AG
Brauerstrasse 48         		Tel. +49-721-91374-534
76135 Karlsruhe, Germany               	Fax  +49-721-91374-215
http://www.schlund.de                  	tom@xxxxxxxxxx      

Am 11.07.2005 schrieb Ross Rader:
> I move that we adopt Bruce Tonkin's amendments to the Whois Task Force
> Recommendations on Avoiding Conflicts with National Law and that our
> Task Force and Council representatives advocate the adoption of this
> position in their respective meetings and discussions.
> 
> A text version of Bruce's amendments follow this motion. I have attached 
> PDF and RTF versions to this message.
> 
> Preamble:
> 
> Task Force 2 spent over a year collecting data and working on the
> conflict between a registrar/registry’s legal obligations under privacy
> laws and their contractual obligations to ICANN.  Its report included
> the statement:  “The Task Force believes that there is an ongoing risk
> of conflict between a registrar’s or registry’s legal obligations under
> local privacy laws and their contractual obligations to ICANN.  TF2
> Report, Section 2.3,
> http://www.gnso.icann.org/issues/whois-privacy/Whois-tf2-preliminary.html.
> 
> By vote of the Task Force, now merged, on May 24, 2005, the work of Task
>  Force 2 is hereby divided into a recommendation for “consensus policy”
> accompanied by “well-developed advice for a procedure.”
> 
> I.  Task Force Policy for WHOIS Conflicts with Privacy Law
> 
> Consensus Policy Recommendation
> 
> In order to facilitate reconciliation of any conflicts between
> local/national mandatory privacy laws or regulations and applicable
> provisions of the ICANN contract regarding the collection, display and
> distribution of personal data via Whois, ICANN should:
> 
> 1.  Develop and publicly document a procedure for dealing with the
> situation in which a registrar or registry can credibly demonstrate that
>  it is legally prevented by local/national privacy laws or regulations
> from fully complying with applicable provisions of its ICANN contract
> regarding the collection, display and distribution of personal data via
> WHOIS.
> 
> 2.  Create goals for the procedure which include:
> 
> 	a.  Ensuring that ICANN staff is informed of a conflict at the 
> 	earliest
> 
> appropriate juncture;
> 
> 	b.  Resolving the conflict, if possible, in a manner conducive to
> stability and uniformity of the Whois system;
> 
> 	c.  Providing a mechanism for the recognition, in appropriate
> circumstances where the conflict cannot be otherwise resolved, of an
> exception to contractual obligations for all registrars` with regard to
> collection, display and distribution of personally identifiable data via
>  Whois; and
> 
> 	d.  Preserving sufficient flexibility for ICANN staff to respond to
> particular factual situations as they arise.
> 
> 
> II.  Guidance on  Procedure
> 
> Well-Developed Advice on a Procedure for Handling WHOIS Conflicts
>   with Privacy Law
> 
> Based on extensive research and negotiation among Task Force 2 together
> with the merged Task Force and ICANN staff, the following procedure for
> handling the policy recommendation set out in Section I above is set out
>  as a Recommended
> Step-by-Step Procedure for Resolution of WHOIS Conflicts with Privacy
> Law.  We encourage ICANN staff to use this Recommended Procedure as a
> starting point for developing the procedure called for in the Consensus
> Policy Recommendation above.
> 
> 
> Step One: Notification of Initiation of Action
> 
> Once receiving notification of an investigation, litigation, regulatory
> proceeding or other government or civil action that might affect its
> compliance with the provisions of the RAA or other contractual agreement
>  with ICANN dealing with the collection, display or distribution of
> personally identifiable data via Whois (“Whois Proceeding”), a
> Registrar/ Registry must within thirty (30) days provide ICANN’s General
>  Counsel (or other staff member as designated by ICANN)1 with the
> following information:
> 
> Summary description of the nature and status of the action (e.g.,
> inquiry, investigation, litigation, threat of sanctions, etc.)
> Contact information for the responsible official of the
> registrar/registry for resolving the problem.
> Contact information for the responsible territorial government agency or
>  other claimant and a statement from the registrar/registry authorizing
> ICANN to communicate with those officials or claimants on the matter. If
>  the registrar/registry is prevented by applicable law from granting
> such  authorization, the notification should document this.
> The text of the applicable law or regulations upon which the local
> government or other claimant is basing its action or investigation, if
> such information has been indicated by the government or other claimant.
> 
> Meeting the notification requirement permits Registrars/Registries to
> participate in investigations and respond to court orders, regulations,
> or enforcement authorities in a manner and course deemed best by their
> counsel.
> 
> Depending on the specific circumstances of the Whois Proceeding, the
> Registrar/Registry may request that ICANN keep all correspondence
> between the parties confidential pending the outcome of the Whois
> Proceeding.  It is recommended that ICANN respond favorably to such
> requests to the extent that they can be accommodated with other legal
> responsibilities and basic principles of transparency applicable to
> ICANN operations.
> 
> Step Two: Consultation
> 
> Unless impractical under the circumstances, we recommend that the ICANN
> General Counsel, upon receipt and review of the notification and, where
> appropriate, dialogue with the registrar/registry, consider beginning a
> process of consultation with the local/national enforcement authorities
> or other claimant together with the registrar/registry.  The goal of the
>  consultation process should be to seek to resolve the problem in a
> manner that preserves the ability of the registrar/registry to comply
> with its contractual obligations to the greatest extent possible.
> 
> The Registrar should attempt to identify a solution that allows the
> registrar to meet the requirements of both the local law and ICANN
> obligations.  The General Counsel can assist in advising the registrar
> on whether the proposed solution meets the ICANN obligations.
> 
> If the Whois proceeding  ends without requiring any changes and/or the
> required changes in registrar/registry practice do not, in the opinion
> of the General Counsel, constitute a deviation from the R.A.A. or other
> contractual obligation , then the General Counsel and the
> registrar/registry need to take no further action.
> 
> If the registrar/registry is required by local law enforcement
> authorities or a court to make changes in its practices affecting
> compliance with Whois-related  contractual obligations before any
> consultation process can occur, the registrar/registry shall promptly
> notify the General Counsel of the changes made and the law/regulation
> upon which the action was based.   The Registrar/Registry may request
> that ICANN keep all correspondence between the parties confidential
> pending the outcome of the Whois Proceeding.   It is recommended that
> ICANN respond favorably to such requests to the extent that they can be
> accommodated with other legal responsibilities and basic principles of
> transparency applicable to ICANN operations.
> 
> 
> Step Three:  General Counsel analysis and recommendation
> 
> If the local/national government requires changes (whether before,
> during or after the consultation process described above)  that, in the
> opinion of the General Counsel, prevent full compliance with contractual
>  WHOIS obligations, ICANN should consider the following alternative to
> the normal enforcement procedure.  Under this alternative, ICANN would
> refrain, on a provisional basis, from taking enforcement action against
> the registrar/registry for non-compliance, while the General Counsel
> prepares a report and recommendation and submits it to the ICANN Board
> for a decision. Such a report may contain:
> 
> i.A summary of the law or regulation involved in the conflict;
> 
> ii.Specification of the part of the registry or registrar’s contractual
> WHOIS obligations with which full compliance if being prevented;
> iii.Summary of the consultation process if any under step two; and
> 
> iv.Recommendation of how the issue should be resolved, which may include
>  whether ICANN should provide an exception for all registrars/registries
>  from one or more identified WHOIS contractual provisions. The report
> should include a detailed justification of its recommendation, including
>  the anticipated impact on the operational stability, reliability,
> security, or global interoperability of the Internet's unique identifier
>  systems if the recommendation were to be approved or denied .
> 
> The registrar/registry should be provided a copy of the report and
> provided a reasonable opportunity to comment on it to the Board.  The
> Registrar/Registry may request that ICANN keep such report confidential
> prior to any resolution of the Board.  It is recommended that ICANN
> respond favorably to such requests to the extent that they can be
> accommodated with other legal responsibilities and basic principles of
> transparency applicable to ICANN operations.
> 
> 
> 
> Step Four:  Resolution
> 
> Keeping in the mind the anticipated impact on the operational stability,
>  reliability, security, or global interoperability of the Internet's
> unique identifier systems, the Board should consider and take
> appropriate action on the recommendations contained in the General
> Counsel’s report as soon as practicable.  Actions could include, but are
>  not limited to:
> 
> Approving or rejecting the report’s recommendations, with or without
> modifications;
> Scheduling a public comment period on the report; or
> Referring the report to GNSO for its review and comment by a date
> certain.
> 
> 
> 
> 
> Step Five:  Public Notice
> 
> 	The Board’s resolution of the issue, together with the General
> Counsel’s report, should ordinarily be made public, along with the
> reasons for it, and be archived on a public website (along with other
> related materials) for future research. Prior to release of such
> information to the public, the Registry/Registrar may request that
> certain information (including, but not limited to, communications
> between the Registry/Registrar and ICANN, or other
> privileged/confidential information) be redacted from the public notice.
> 
>   In the event that such redactions make it difficult to convey to the
> public the nature of the actions being taken by the Registry/Registrar,
> the General Counsel should work with the Registry/Registrar on an
> appropriate notice to the public describing the actions being taken and
> the justification for such actions.
> 
> Unless the Board decides otherwise, if the result of its resolution of
> the issue is that data elements in the registrar’s Whois output will be
> removed or made less accessible, ICANN should issue an appropriate
> notice to the public of the resolution and of the reasons for ICANN’s
> forbearance from enforcement of full compliance with the contractual
> provision in question.
> 
> 
> 




Gruss,

tom

(__)        
(OO)_____  
(oo)    /|\	A cow is not entirely full of
  | |--/ | *    milk some of it is hamburger!
  w w w  w