WHOIS Task Forces 1 2 310 May 2005 - Minutes ATTENDEES:
GNSO Constituency representatives:
Jordyn Buchanan - Chair
Registrars constituency - Ross Rader
Registrars constituency - Paul Stahura
gTLD Registries constituency - David Maher
Commercial and Business Users constituency - Marilyn Cade
Internet Service and Connectivity Providers constituency - Tony Harris
Internet Service and Connectivity Providers constituency - Greg Ruth
gTLD Registries constituency - Ken Stubbs
Intellectual Property Interests Constituency - Steve Metalitz
Intellectual Property Interests Constituency - Niklas Lagergren
Non Commercial Users Constituency - Milton Mueller
Non Commercial Users Constituency - Kathy Kleiman Liaisons
At-Large Advisory Committee (ALAC) liaisons - Wendy Seltzer
At-Large Advisory Committee (ALAC) liaisons - Bret Fausett - absent - apoloies ICANN Staff:
Maria Farrell Farrell - ICANN GNSO Policy Officer GNSO Secretariat - Glen de Saint Géry Absent:
Commercial and Business Users Constituency - David Fares -apologies
Commercial and Business Users Constituency - Sarah Deutsch - apologies
Registrars constituency - Tom Keller
Registrars constituency - Tim Ruiz - apologies
Non Commercial Users Constituency - Marc Schneiders
Non Commercial Users Constituency - Frannie Wellings
Internet Service and Connectivity Providers constituency - Maggie Mansourkia MP3 Recording
Preliminary Summary by Maria Farrell Jordyn Buchanan proposed the following agenda:
1. Minutes and Action Items
2. Tiered Access
3. Public comments on notification
4. Terms of Reference produced by Bruce Tonkin 1. Minutes and Action Items
Jordyn Buchanan commented on the role of the 3 documents:
1. The MP3 recording is posted very soon after the call
2. Maria Farrell posts an action summary intended to summarise the actions agreed upon plus a very high level context discussion which is not intended to be an ongoing record of the task force.
3. The minutes that summarise the call.
Marilyn Cade commended the staff for initiating the action summary, suggested renaming it to perhaps preliminary summary and that the actions be replicated in the minutes which would remind task force members of what was agreed to as actionable items.
Jordyn Buchanan stated that he was opposed to editing the action summary and to the point that people don’t agree with the minutes, then a caveat should be in the minutes.
He further commented that Maria would be take into account any lack of unanimity in the task force. Any constituency was free to respond to the action summary and record their statements on the mailing list in the archives.
Marilyn Cade stated that it was not clear from the minutes in several places where was work suggested, i.e. when Maria was going to research the WDPRS, the work assignments, how the feedback would come back into the task force. Secondly when reference was made to a document in the call, the appropriate link should be in the minutes. 1) Previous week’s ‘action point summary'
Decisions * ICANN staff & task force chair (i.e. Jordyn & Maria) will be especially careful in future to record only unanimously agreed actions and decisions as decisions of the task force.
* The ‘action point summary’ will be called a ‘preliminary summary’ from now on.
* Actions in the preliminary summary will state clearly how the actions will be presented back to the task force, e.g. if a report will be made to the list or on a future call.
* Actions in the preliminary summary will also be included in the minutes prepared by Glen, under the heading of the relevant agenda item.
* Staff will endeavour to include in the minutes urls to reports/websites/etc. referred to in the minutes.
* If participants disagree with the minutes, a caveat should be added to the minutes retrospectively. Actions * No specific actions, but the decisions will all be implemented in staff and chair’s official record-keeping from this point on. 2. Tiered Access Jordyn Buchanan referred to Tom Keller's draft statement from the registrar’s constituency and a proposal from Thomas Roessler from ALAC on a possible PKI based access model based broadly on the guidelines TF2 had suggested for tiered access.
In addition, there have been submissions from various tld operators
to the various approaches TLDs took with regards to limiting access to Whois data:
Stephan Welzel - Presenter - DENIC
Philip Colebrook - Presenter - Global Names Registry
Kim von Arx - Presenter - CIRA
Jonathan Nevett - Presenter - Networksolutions
Tim Ruiz - Presenter - Domains by Proxy
Martin Garthwaite - E-Nom .
Recently .name launched a beta version of the tiered access approach that had been incorporated into their contracts but not implemented till now.
There are a number of documented approaches to the problem.
It would be useful initially to look at the requirements and use cases and examine the various purposes of Whois so that the resulting policy proposals are based on identification and current requirements. Marilyn Cade stated that Whois is currently used by large and small businesses to:
- identify names to be used which might already be in use because a new product or service is being conceived
- to see what is in the market to avoid confusing customers or even to confuse customers
- because they’re introducing a competitive product
- to see what competitors are doing because that may affect the entry into the market. ..
- it is also used for trademark policing, phishing, trademark attacks, other kinds of attacks.
Internet service providers or other big companies operating their own networks use it for phishing or other kinds of network attacks. Both DNS Whois and IP whois is used
- on trademarks, they are looking for who is using the name, looking to see if a confusingly similar name or the same name is being used, to deal with infringement, customer confusion or to contact them. Mostly companies are avoiding customer confusion. Very small companies do their own trademark policing.
- someone, sometimes even the CEO looks at who is using the trademarks. The NetNanny example is well known where someone had used the name for access to child pornography.
Follow up can range from cease and desist to ‘hi, I’m interested in the name and am interested in purchasing it’. Jordyn Buchanan asked what sort of information the security department would be looking for in phishing.
Marilyn Cade responded that in her experience, one was encountering an attack on the network or a phising problem and one was looking for any means to take the site down, find the person and advise them that they are involved in the attack. The apparent culprit may be engaged in a drone problem, or may be a relay on spam. It is not always the first person contacted that ends up being the person responsible for the problem on the network. Often need more than one point of contact is needed in looking for the person. Phishing often starts at 6:00pm on Friday and runs through the weekend. Jordyn Buchanan summarised the objective in being either to take down the site or notify the person. Tony Harris commented that some of the ISPCP uses of Whois data were referenced in the constituency statements submitted to the Whois task force 1 on 27 April 2004
1. to research and verify domain registrants that could vicariously cause
liability for ISPs because of illegal, deceptive or infringing content.
The end goal is to initiate legal proceedings and to protect the isp for liability. 2. to prevent or detect sources of security attacks of their networks and
servers
Every element that can be traced should be available to the ISP 3. to identify sources of consumer fraud, spam and denial of service attacks
and incidents
4. to effectuate UDRP proceedings
5. to support technical operations of ISPs or network administrators in the case, for example, consumer fraud, Steve Metalitz referred to the Montreal meetings in June 2003, where companies used the Whois to manage their own portfolio of domain names. Expanding on domain names for sites where illegal activity was going on, e.g. trademark counterfeiting or copyright piracy, one source of information is to contact the registrar and the party responsible and in other cases to try to get the site taken down. It is not simply a question of identifying the registrant but the technical or admin contact contact has to be contacted to achieve the objectives.
Steve Metalitz referred to the work that had been done in the Whois task force 1 preliminary report where each constituency was asked the question. Jordyn Buchanan summarised that in illegal activities the objectives were to:
- contact the registrant
- contact the technical or admin contact
- find out who he domain name holder is.
- take the site down
- to initiate legal action Ken Stubbs commented that to a great extent the display of the data should be directly related to the nature of the owner. It should be incumbent on financial institutions, organizations that provided services and products to the public to provide more information for use by the public. In phishing cases sometimes the only way is to contact the financial institution itself and let them know what is going on and not necessarily through their website. Law enforcement agencies do not know how to deal with this. For individuals, there may be more of an obligation to stratify the information provided, but for institutions, there is an obligation to protect the customers
He went on to say that it would be difficult to justify the need of Whois for the registries other than maintain redundancy in the case of failure on the part of the registrar.
Marilyn Cade asked what the difference was between a thin and thick registry in policing a trademark .
Jordyn Buchanan explained that in com and net with a thin registry, there would be referral to the registrar while with the thick registries, the registrar still maintains the Whois data and all or much of the same data should be available from the registrar as from the registry, perhaps with the exception of .name. Wendy Seltzer added that it should be noted that other historical uses are finding people to harass them, or finding people who would like to remain private to serve frivolous notice and take down, finding people who thought they were hidden behind proxy services, and intimidating people and shutting down free speech.
Jordyn Buchanan explained that the current transfers policy allows the transfer to be authorized in one of 3 ways:
- to receive a confirmation from the email address listed by the registrant or the admin contact.
- a valid electronic signature,
- physical copy of the FOA that is supported by a notarized identity document Marilyn Cade noted the uses by law enforcement such as websites on protecting children online, the centre for missing and exploited children. Maneesha Mithal United States Federal Trade Commission gave a presentations in Montreal on law enforcement uses of Whois. It is also currently being used in a trans border crime investigation to do with drugs and other crimes. Kathy Kleiman seconded Wendy Seltzer saying that for all the reasons why Whois should be used there were reasons why it should not be available Jordyn Buchanan summarised:
- that a list of reasons for the use of Whois data had been articulated
- failings in the current whois implementation should be examined as a follow up on requirements around access to the data. 2 Information exchange on tiered access
Decisions
No decisions taken – agenda item was for information sharing only. Actions * Jordyn will prepare a list of follow-up topics on access to data and post them to the list.
* List participants to review the follow-up topics and prioritise them for future discussion. 3 Public comments on notification Two comments have been received so far. The deadline for public comments on notification is Thursday, 12 May 2005. The task force report and public comment forum are at; http://gnso.icann.org/issues/whois/whois-tf123-final-rpt-22apr05.shtml Maria will prepare the public comments report and circulate it as part of the Final Task Force Report on recommendations for improving notification and consent for the use of contact data in the Whois system by Monday, 16 May 2005 at the latest for discussion on the next task force call on Tuesday 17 May. Actions: * No new actions 4. Terms of Reference provided by Bruce Tonkin Milton Mueller stated that the NCUC would submit a formal set of amendments.
Some of them regarded clarification, e.g. in the first paragraph and how the current RAA defines the purpose of Whois, should be restructured for clarity.
The NCUC would want to define the primary goal of the task force differently, that is, as reconciling the Whois requirements of the RAA with the needs to ensure privacy protection for personal data of individuals who may be registered name holders or the administrative or technical contact for a domain name. The NCUC believes that it would be a clearer focus for the task force. With the statement "improve the effectiveness of the Whois service" the NCUC believes that it opens the door for modifications of all shapes and given the fact that the task force had been working on this for 2 years and had not produced anything a clearer focus was needed. The NCUC feels that the privacy issues should be resolved before there can be a coherent decision on accuracy. The NCUC has proposed that the first three tasks be retained in the terms of reference and the 4th task be deferred. Kathy Kleiman suggested, in the 2nd paragraph, the goals of the whois service, the goals to ensure privacy protection for the personal data of individuals should be expanded to replace" personal" with "sensitive" data of individuals and organizations and companies. The issue for the NCUC was that the non-profit organizations involved in human and civil rights, covered a variety of areas where one did not know where the physical person was but that the message being sent out should be that sensitive data of individuals, organizations and companies was protected under national law and under the United Nations declaration of human rights. Thus, personal data of individuals, should be changed to look at the sensitive data of individuals, organizations and companies. Jordyn Buchanan requested the task force to consider points in the terms of reference that had unanimous support of the task force to put forward to the Council Marilyn Cade suggested that the task force members post to the list which could be read out to the council and wanted to clarify if the task force thought that the work on tiered access could be placed in 3.
(3) Determine what WHOIS data elements should be available for public access that are needed to maintain the stability and security of the Internet. Determine how to access data that is not available for public access. The current elements that must be displayed by a registrar are: - The name of the Registered Name; - The names of the primary nameserver and secondary nameserver(s) for the Registered Name; - The identity of Registrar (which may be provided through Registrar's website); - The original creation date of the registration; - The expiration date of the registration; - The name and postal address of the Registered Name Holder; - The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the technical contact for the Registered Name; and - The name, postal address, e-mail address, voice telephone number, and (where available) fax number of the administrative contact for the Registered Name. Ross Rader cautioned about using the paragraph as a placeholder for tiered access. That second sentence should include, a conclusion on tiered access. The most important part of that statement was first determining what should be made available. Jordyn Buchanan viewed the 3rd item as incorporating tiered access. Steve Metalitz asked whether the terms of reference the recommendations 1 and recommendation 2. Jordyn Buchanan did not think that they were incorporated. Marilyn Cade responding in her council role, commented that the terms of reference were intended to guide the work of the task force so would need to encompass the existing work. Ross Rader said that the task force needed clarification on:
- whether the terms of reference were new or revised as there was a different process for each.
- if they were new terms of reference for a new task force, the present task force would need to create a list of the outstanding work and consider the forward process, whether it would be handed to the new task force or put into a queue for future work.
- with regard to definitions, most of that work was picked up by the transfers task force under
definitions from Exhibit C of the Transfers Task force report as a starting point (from http://www.icann.org/gnso/transfers-tf/report-exhc-12feb03.htm): Jordyn Buchanan proposed:
- informing council that there was consensus in the task force suggesting that the ongoing work be included in the terms of reference
- requesting council to clarify if the terms of reference were to be considered new or revised
- add clarifying language referring to to the work of the transfers task force on the various contacts. 4 Summary Task Force terms of reference Participants with comments on the terms of reference were encouraged to send them to the list and Jordyn will summarise the feedback on the GNSO Council call on Thursday 12 May, 2005. Actions · Participants should email their positions on the terms of reference to the task force list. · Jordyn will make suggestions regarding the task force’s consensus views to the GNSO Council, ask that the Council clarifies whether the terms of reference are new or revised, and also ask for clarifying language to be added regarding the work of the transfers task force on the various contracts. · Maria will clip the definitions in Exhibit C and send to the list. Next call
17 May 2005
Discuss the draft final report and finalise it for sending to council. Jordyn Buchanan thanked everyone for their participation and the call ended at 16:45 CET | 