No Consensus for Whois-Without-Privacy
Date: Monday February 17 2003, @09:26AM
Ruchika Agrawal, a non-commercial constituency representative on the WHOIS Task Force, has written a dissenting opinion to the WHOIS Task Force draft final report on "Accuracy and Bulk Access" that punted on privacy. This means it clearly is not a consensus report. Will ICANN spin it as one anyway?
Here's the text of the dissent:
Dear Co-Members of the WHOIS Task Force:
As a non-commercial constituency representative on the WHOIS Task Force,
I am writing to express my dissenting opinion on the Task Force’s
While I do not oppose accurate data per se, I do oppose the Task Force’s
recommendation to enforce accuracy of WHOIS information when the Task
Force has failed to adequately address privacy issues. I also
believe the Task Force final report fails to reflect several suggestions
made by members to address this specific problem. For this reason,
the report cannot fairly be described as a “consensus”
The Task Force failed to recommend appropriate privacy safeguards for
domain name registrants with reasonable and legitimate expectations of
privacy and the Task Force failed to assess the misuses of WHOIS
data. The very existence of inaccurate data suggests that there are
domain name registrants who do care to safeguard their privacy and
prevent the misuse of their personally identifiable information.
Furthermore, a number of comments submitted to the WHOIS Task Force’s
recommendations report raise privacy and data misuse issues that the
WHOIS Task Force has effectively ignored:
A number of privacy and data misuse issues have been expressed by
way of comments to the Task Force’s interim and final reports as early as
July 2002. It is not clear what criteria the WHOIS Task Force is
applying to suggest that accuracy of WHOIS data supersedes legitimate
Moreover, the non-commercial constituency representatives expressed the
need to address privacy protection:
It is not clear why these points, which are central to the
development of a sensible WHOIS policy, are being put off.
Proposing a “privacy issues report” is unresponsive. Postponing
privacy issues while enforcing accuracy also presents the unacceptable
risk of privacy issues being dismissed or resolved unsatisfactorily (see
and http://gnso.icann.org/dnso/dnsocomments/comments-whois/Arc03/msg00006.html). Minimally, enforcement of accuracy and insurance of privacy safeguards should be concurrent.
to postings discussing privacy issues, legitimate reasons for concealing
identity, free speech, etc. for the 2001 Congressional Hearings on
WHOIS/Accuracy (1 Jun 2002,
whois database as a case study of WHOIS privacy issues (14 Jun 2002,
European Commission’s views on the compliance of the .name registration
agreement with EU privacy laws, which also has implications on
.com/.org/.net WHOIS (4 Sep 2002,
privacy issues including consumer protection, expectation of privacy,
etc. (30 Sep 2002,
clear why the WHOIS Task Force is moving forward with accuracy when
privacy issues have not been adequately addressed (30 Dec 2002, lunch
meeting between myself and WHOIS co-chair Marilyn
clear why the WHOIS Task Force is talking about uniformity and accuracy
without having completely addressed accessibility issues and request
for a plan, or a strategy, and a time line to resolve
accessibility issues (04 Jan 2003,
privacy guidelines in the context of the Registrar Accreditation
Agreement (7 Jan 2003, GNSO WHOIS Task Force Teleconference).
The WHOIS Task Force is well aware of these issues, but has chosen not to address them. For this reason, I ask that my dissent be incorporated in the Final Report as a Minority Report.
WHOIS Task Force
This discussion has been archived.
No new comments can be posted.
No Consensus for Whois-Without-Privacy
Log in/Create an Account
| 1 comments
The Fine Print:
The following comments are owned by whoever posted them.
We are not responsible for them in any way.
Not that it will make much difference to ICANN.
As long as there is no assurance of privacy or limitations to bulk access, registrants concerned with the publication of their personal identifiable information will continue to provide inaccurate information. As Karl Auerbach put it, "Megan's law in reverse" is what we have. I wonder how many lives must be damaged before ICANN realizes that privacy must be protected. Will it take a class action? If so, I'd subscribe.
With the proliferation of SOHO's as well as those who are concerned with free speech issues, the need for privacy becomes even more urgent. There is no legitimate reason to violate privacy in a public database. In addition, even tech contact information should be limited to an email address that cannot be mined (format: [techcontact domain TLD]. Those with legitimate need for any information other than tech email and nameservers should have to prove that need (under specified guidelines) and obtain information by request to the registrar based on that registrar's legal jurisdiction. Other than law enforcement for criminal activity and court orders, what legitimate need is there? I, for one, am tired of being spammed and harrassed by phone at all hours of the day and night.
[ Reply to This | Parent