No Consensus for Whois-Without-Privacy
Date: Monday February 17 2003, @10:26AM
Topic: Privacy

Ruchika Agrawal, a non-commercial constituency representative on the WHOIS Task Force, has written a dissenting opinion to the WHOIS Task Force draft final report on "Accuracy and Bulk Access" that punted on privacy. This means it clearly is not a consensus report. Will ICANN spin it as one anyway?

Here's the text of the dissent:

Dear Co-Members of the WHOIS Task Force:

As a non-commercial constituency representative on the WHOIS Task Force, I am writing to express my dissenting opinion on the Task Force’s accuracy recommendation.

While I do not oppose accurate data per se, I do oppose the Task Force’s recommendation to enforce accuracy of WHOIS information when the Task Force has failed to adequately address privacy issues.  I also believe the Task Force final report fails to reflect several suggestions made by members to address this specific problem.  For this reason, the report cannot fairly be described as a “consensus” position.

The Task Force failed to recommend appropriate privacy safeguards for domain name registrants with reasonable and legitimate expectations of privacy and the Task Force failed to assess the misuses of WHOIS data.  The very existence of inaccurate data suggests that there are domain name registrants who do care to safeguard their privacy and prevent the misuse of their personally identifiable information.  Furthermore, a number of comments submitted to the WHOIS Task Force’s recommendations report raise privacy and data misuse issues that the WHOIS Task Force has effectively ignored: A number of privacy and data misuse issues have been expressed by way of comments to the Task Force’s interim and final reports as early as July 2002.  It is not clear what criteria the WHOIS Task Force is applying to suggest that accuracy of WHOIS data supersedes legitimate privacy interests. 

Moreover, the non-commercial constituency representatives expressed the need to address privacy protection: It is not clear why these points, which are central to the development of a sensible WHOIS policy, are being put off.  Proposing a “privacy issues report” is unresponsive.  Postponing privacy issues while enforcing accuracy also presents the unacceptable risk of privacy issues being dismissed or resolved unsatisfactorily (see http://gnso.icann.org/dnso/dnsocomments/comments-whois/Arc03/msg00004.html and http://gnso.icann.org/dnso/dnsocomments/comments-whois/Arc03/msg00006.html).  Minimally, enforcement of accuracy and insurance of privacy safeguards should be concurrent. 

The WHOIS Task Force is well aware of these issues, but has chosen not to address them. For this reason, I ask that my dissent be incorporated in the Final Report as a Minority Report. 

Sincerely,
Ruchika Agrawal
Non-Commercial Constituency
WHOIS Task Force

This discussion has been archived. No new comments can be posted.
No Consensus for Whois-Without-Privacy | Log in/Create an Account | Top | 1 comments | Search Discussion
Click this button to post a comment to this story
The options below will change how the comments display
Threshold:
Check box to change your default comment view
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Well, at least it's in the record...
by ldg on Monday February 17 2003, @04:54PM (#11176)
User #2935 Info | http://example.com/
Not that it will make much difference to ICANN.

As long as there is no assurance of privacy or limitations to bulk access, registrants concerned with the publication of their personal identifiable information will continue to provide inaccurate information. As Karl Auerbach put it, "Megan's law in reverse" is what we have. I wonder how many lives must be damaged before ICANN realizes that privacy must be protected. Will it take a class action? If so, I'd subscribe.

With the proliferation of SOHO's as well as those who are concerned with free speech issues, the need for privacy becomes even more urgent. There is no legitimate reason to violate privacy in a public database. In addition, even tech contact information should be limited to an email address that cannot be mined (format: [techcontact domain TLD]. Those with legitimate need for any information other than tech email and nameservers should have to prove that need (under specified guidelines) and obtain information by request to the registrar based on that registrar's legal jurisdiction. Other than law enforcement for criminal activity and court orders, what legitimate need is there? I, for one, am tired of being spammed and harrassed by phone at all hours of the day and night.
[ Reply to This | Parent ]




This article comes from ICANNWatch
http://www.icannwatch.org/

The URL for this story is:
http://www.icannwatch.org/article.pl?sid=03/02/17/1953213