Milton, thanks. I think you're suggesting the right approach.
Issues like data mining are important, but as you say, secondary to
basic issues of what data should be collected (minimum) and then what
should be publicly available (less!) Important also to be in line
with national laws, not much point going through the whole exercise
then finding it won't work in Europe.
ALAC seems to have similar ideas.
<http://forum.icann.org/mail-archive/alac/msg00379.html> (Draft)
As the staff report note, issues are very interlinked. Might be
sensible to take the first 5 "Issues Concerning Data Collection" as a
block.
Thanks,
Adam
>We have to provide the 5 top priority whois issues to the GNSO
>Council by Sept, 15. I would propose the following:
>
>Proposed: Questions 1, 3, 5, 13, 18
>
>Make comments in agreement or disagreement soon.
>
>Philosophy: We should focus on data collection. Collection is most
>important to ordinary noncommercial and individual users. Issues of
>how the data are accessed or used are secondary, because if
>sensitive data is not there, data access won't do any harm. Assuming
>that we can't get what we want in the collection arena, we should
>also push for consideration of Question 13, which is what the
>registrars and registries refer to as "tiered access." This might
>allow us to create differentiation in the access provided to law
>enforcement for legitimate purposes and the access provided to
>anyone. Here, I followed Marc's advice to substitute 13 for 15.
>
>Here is a list of the questions and some commentary:
>
>Question #1. Should the elements of data that registrars are
>required to collect at the time of registration of a domain name be
>revised? (See Registrar Accreditation Agreement (RAA) § 3.2.)
>Our suggested answer: Yes, there are many forms of data that are not
>needed for stable technical operation of the network. Users should
>not be required to supply it.
>
>Question #3 Should all registrants, or certain classes of
>registrants (see Issue 18 below), be afforded the option of not
>providing some or all elements that
>registrars are required to collect and, if so, which elements?
>Our suggested answer: Yes.
>
>Question #18 Should certain types of registrants (e.g., those using
>domains for political and similar activities) be exempt from the
>usual requirements to provide data, or to have it available in
>Whois? How should the eligibility of particular registrants for
>these exemptions be determined? Are measures required to address the
>possibility of abuses in the classification procedure?
>Sugested answer: Yes, as a compromise
>
>Question #5 Are the current requirements that registrars make
>disclosures to, and obtain consent by, registrants concerning the
>uses of collected data adequate and appropriate? (See RAA §§ 3.7.7.4
>to 3.7.7.6.)
>Our suggested answer: No, they are inadequate, Use of private whois
>data should be disclosed.
>
>Question #13. Should access to data be differentiated based on the
>party receiving access, or based on the use to which the data will
>be put? If so, how should differentiated access be implemented and
>how should the cost of differentiation be funded?
>Suggested answer: Yes, access shoul dbe differentiated. Need to
>discuss implementation issues.
--
|