RE: [registrars] Motion to Adopt: Whois Conflicts

["Bruce Tonkin" <Bruce.Tonkin@xxxxxxxxxxxxxxxxxx>]

Hello Ross,

I endorse the motion.

Regards,
Bruce


> -----Original Message-----
> From: owner-registrars@xxxxxxxxxxxxxx 
> [mailto:owner-registrars@xxxxxxxxxxxxxx] On Behalf Of Ross Wm. Rader
> Sent: Sunday, 17 July 2005 6:05 PM
> To: Ross Rader
> Cc: registrars@xxxxxxxx
> Subject: Re: [registrars] Motion to Adopt: Whois Conflicts
> 
> Registrars -
> 
> I hope everyone travelling had a safe return from our 
> meeting! It was great reconnecting with each of you.
> 
> I also require endorsements and/or amendments to this motion. 
> It is extremely important that we provide our task force 
> representatives with a clear indication of the consituencies 
> needs as it relates to this important issue.
> 
> If you do not agree with the text of this motion, please 
> forward an amendment to the list and we can discuss it - the 
> motion adopted for presentation to the task force does not 
> have to be this one, but it is important that we have one.
> 
> If you have any questions, please let me know.
> 
> 
> On 7/11/2005 10:34 AM Ross Rader noted that:
> > I move that we adopt Bruce Tonkin's amendments to the Whois 
> Task Force 
> > Recommendations on Avoiding Conflicts with National Law and 
> that our 
> > Task Force and Council representatives advocate the 
> adoption of this 
> > position in their respective meetings and discussions.
> > 
> > A text version of Bruce's amendments follow this motion. I have 
> > attached PDF and RTF versions to this message.
> > 
> > Preamble:
> > 
> > Task Force 2 spent over a year collecting data and working on the 
> > conflict between a registrar/registry's legal obligations under 
> > privacy laws and their contractual obligations to ICANN.  
> Its report 
> > included the statement:  "The Task Force believes that there is an 
> > ongoing risk of conflict between a registrar's or registry's legal 
> > obligations under local privacy laws and their contractual 
> obligations 
> > to ICANN.  TF2 Report, Section 2.3, 
> > 
> http://www.gnso.icann.org/issues/whois-privacy/Whois-tf2-preli
> minary.html.
> > 
> > By vote of the Task Force, now merged, on May 24, 2005, the work of 
> > Task  Force 2 is hereby divided into a recommendation for 
> "consensus policy"
> > accompanied by "well-developed advice for a procedure."
> > 
> > I.  Task Force Policy for WHOIS Conflicts with Privacy Law
> > 
> > Consensus Policy Recommendation
> > 
> > In order to facilitate reconciliation of any conflicts between 
> > local/national mandatory privacy laws or regulations and applicable 
> > provisions of the ICANN contract regarding the collection, 
> display and 
> > distribution of personal data via Whois, ICANN should:
> > 
> > 1.  Develop and publicly document a procedure for dealing with the 
> > situation in which a registrar or registry can credibly demonstrate 
> > that  it is legally prevented by local/national privacy laws or 
> > regulations from fully complying with applicable provisions of its 
> > ICANN contract regarding the collection, display and 
> distribution of 
> > personal data via WHOIS.
> > 
> > 2.  Create goals for the procedure which include:
> > 
> >     a.  Ensuring that ICANN staff is informed of a conflict at the 
> > earliest
> > 
> > appropriate juncture;
> > 
> >     b.  Resolving the conflict, if possible, in a manner 
> conducive to 
> > stability and uniformity of the Whois system;
> > 
> >     c.  Providing a mechanism for the recognition, in appropriate 
> > circumstances where the conflict cannot be otherwise 
> resolved, of an 
> > exception to contractual obligations for all registrars` 
> with regard 
> > to collection, display and distribution of personally identifiable 
> > data via  Whois; and
> > 
> >     d.  Preserving sufficient flexibility for ICANN staff 
> to respond 
> > to particular factual situations as they arise.
> > 
> > 
> > II.  Guidance on  Procedure
> > 
> > Well-Developed Advice on a Procedure for Handling WHOIS Conflicts
> >   with Privacy Law
> > 
> > Based on extensive research and negotiation among Task Force 2 
> > together with the merged Task Force and ICANN staff, the following 
> > procedure for handling the policy recommendation set out in 
> Section I 
> > above is set out  as a Recommended Step-by-Step Procedure for 
> > Resolution of WHOIS Conflicts with Privacy Law.  We encourage ICANN 
> > staff to use this Recommended Procedure as a starting point for 
> > developing the procedure called for in the Consensus Policy 
> > Recommendation above.
> > 
> > 
> > Step One: Notification of Initiation of Action
> > 
> > Once receiving notification of an investigation, litigation, 
> > regulatory proceeding or other government or civil action 
> that might 
> > affect its compliance with the provisions of the RAA or other 
> > contractual agreement  with ICANN dealing with the 
> collection, display 
> > or distribution of personally identifiable data via Whois ("Whois 
> > Proceeding"), a Registrar/ Registry must within thirty (30) days 
> > provide ICANN's General  Counsel (or other staff member as 
> designated 
> > by ICANN)1 with the following information:
> > 
> > Summary description of the nature and status of the action (e.g., 
> > inquiry, investigation, litigation, threat of sanctions, 
> etc.) Contact 
> > information for the responsible official of the 
> registrar/registry for 
> > resolving the problem.
> > Contact information for the responsible territorial 
> government agency 
> > or  other claimant and a statement from the registrar/registry 
> > authorizing ICANN to communicate with those officials or 
> claimants on 
> > the matter. If  the registrar/registry is prevented by 
> applicable law 
> > from granting such  authorization, the notification should 
> document this.
> > The text of the applicable law or regulations upon which the local 
> > government or other claimant is basing its action or 
> investigation, if 
> > such information has been indicated by the government or 
> other claimant.
> > 
> > Meeting the notification requirement permits 
> Registrars/Registries to 
> > participate in investigations and respond to court orders, 
> > regulations, or enforcement authorities in a manner and 
> course deemed 
> > best by their counsel.
> > 
> > Depending on the specific circumstances of the Whois 
> Proceeding, the 
> > Registrar/Registry may request that ICANN keep all correspondence 
> > between the parties confidential pending the outcome of the Whois 
> > Proceeding.  It is recommended that ICANN respond favorably to such 
> > requests to the extent that they can be accommodated with 
> other legal 
> > responsibilities and basic principles of transparency applicable to 
> > ICANN operations.
> > 
> > Step Two: Consultation
> > 
> > Unless impractical under the circumstances, we recommend that the 
> > ICANN General Counsel, upon receipt and review of the notification 
> > and, where appropriate, dialogue with the 
> registrar/registry, consider 
> > beginning a process of consultation with the local/national 
> > enforcement authorities or other claimant together with the 
> > registrar/registry.  The goal of the  consultation process 
> should be 
> > to seek to resolve the problem in a manner that preserves 
> the ability 
> > of the registrar/registry to comply with its contractual 
> obligations to the greatest extent possible.
> > 
> > The Registrar should attempt to identify a solution that allows the 
> > registrar to meet the requirements of both the local law and ICANN 
> > obligations.  The General Counsel can assist in advising 
> the registrar 
> > on whether the proposed solution meets the ICANN obligations.
> > 
> > If the Whois proceeding  ends without requiring any changes 
> and/or the 
> > required changes in registrar/registry practice do not, in 
> the opinion 
> > of the General Counsel, constitute a deviation from the R.A.A. or 
> > other contractual obligation , then the General Counsel and the 
> > registrar/registry need to take no further action.
> > 
> > If the registrar/registry is required by local law enforcement 
> > authorities or a court to make changes in its practices affecting 
> > compliance with Whois-related  contractual obligations before any 
> > consultation process can occur, the registrar/registry 
> shall promptly 
> > notify the General Counsel of the changes made and the 
> law/regulation
> > upon which the action was based.   The Registrar/Registry 
> may request
> > that ICANN keep all correspondence between the parties confidential
> > pending the outcome of the Whois Proceeding.   It is 
> recommended that
> > ICANN respond favorably to such requests to the extent that 
> they can 
> > be accommodated with other legal responsibilities and basic 
> principles 
> > of transparency applicable to ICANN operations.
> > 
> > 
> > Step Three:  General Counsel analysis and recommendation
> > 
> > If the local/national government requires changes (whether before, 
> > during or after the consultation process described above)  that, in 
> > the opinion of the General Counsel, prevent full compliance with 
> > contractual  WHOIS obligations, ICANN should consider the following 
> > alternative to the normal enforcement procedure.  Under this 
> > alternative, ICANN would refrain, on a provisional basis, 
> from taking 
> > enforcement action against the registrar/registry for 
> non-compliance, 
> > while the General Counsel prepares a report and recommendation and 
> > submits it to the ICANN Board for a decision. Such a report 
> may contain:
> > 
> > i.A summary of the law or regulation involved in the conflict;
> > 
> > ii.Specification of the part of the registry or registrar's 
> > contractual WHOIS obligations with which full compliance if being 
> > prevented; iii.Summary of the consultation process if any 
> under step 
> > two; and
> > 
> > iv.Recommendation of how the issue should be resolved, which may 
> > include  whether ICANN should provide an exception for all 
> > registrars/registries  from one or more identified WHOIS 
> contractual 
> > provisions. The report should include a detailed 
> justification of its 
> > recommendation, including  the anticipated impact on the 
> operational 
> > stability, reliability, security, or global interoperability of the 
> > Internet's unique identifier  systems if the recommendation 
> were to be approved or denied .
> > 
> > The registrar/registry should be provided a copy of the report and 
> > provided a reasonable opportunity to comment on it to the 
> Board.  The 
> > Registrar/Registry may request that ICANN keep such report 
> > confidential prior to any resolution of the Board.  It is 
> recommended 
> > that ICANN respond favorably to such requests to the extent 
> that they 
> > can be accommodated with other legal responsibilities and basic 
> > principles of transparency applicable to ICANN operations.
> > 
> > 
> > 
> > Step Four:  Resolution
> > 
> > Keeping in the mind the anticipated impact on the operational 
> > stability,  reliability, security, or global 
> interoperability of the 
> > Internet's unique identifier systems, the Board should consider and 
> > take appropriate action on the recommendations contained in the 
> > General Counsel's report as soon as practicable.  Actions could 
> > include, but are  not limited to:
> > 
> > Approving or rejecting the report's recommendations, with 
> or without 
> > modifications; Scheduling a public comment period on the report; or 
> > Referring the report to GNSO for its review and comment by a date 
> > certain.
> > 
> > 
> > 
> > 
> > Step Five:  Public Notice
> > 
> >     The Board's resolution of the issue, together with the General 
> > Counsel's report, should ordinarily be made public, along with the 
> > reasons for it, and be archived on a public website (along 
> with other 
> > related materials) for future research. Prior to release of such 
> > information to the public, the Registry/Registrar may request that 
> > certain information (including, but not limited to, communications 
> > between the Registry/Registrar and ICANN, or other 
> > privileged/confidential information) be redacted from the 
> public notice.
> > 
> >   In the event that such redactions make it difficult to 
> convey to the 
> > public the nature of the actions being taken by the 
> > Registry/Registrar, the General Counsel should work with the 
> > Registry/Registrar on an appropriate notice to the public 
> describing 
> > the actions being taken and the justification for such actions.
> > 
> > Unless the Board decides otherwise, if the result of its 
> resolution of 
> > the issue is that data elements in the registrar's Whois 
> output will 
> > be removed or made less accessible, ICANN should issue an 
> appropriate 
> > notice to the public of the resolution and of the reasons 
> for ICANN's 
> > forbearance from enforcement of full compliance with the 
> contractual 
> > provision in question.
> > 
> > 
> 
> 
> --
> Regards,
> 
> 
> 	-rwr
> 
> 
> 
> 
> 
> 
> "In the modern world the intelligence of public opinion is the one 
> indispensable condition for social progress."
> 	- Charles W. Eliot (1834 - 1926)
>