We have to provide the 5 top priority whois issues to the GNSO Council by Sept, 15. I would propose the following:
Proposed: Questions 1, 3, 5, 13, 18
Make comments in agreement or disagreement soon.
Philosophy: We should focus on data collection. Collection is most important to ordinary noncommercial and individual users. Issues of how the data are accessed or used are secondary, because if sensitive data is not there, data access won't do any harm. Assuming that we can't get what we want in the collection arena, we should also push for consideration of Question 13, which is what the registrars and registries refer to as "tiered access." This might allow us to create differentiation in the access provided to law enforcement for legitimate purposes and the access provided to anyone. Here, I followed Marc's advice to substitute 13 for 15.
Here is a list of the questions and some commentary:
Question #1. Should the elements of data that registrars are required to collect at the time of registration of a domain name be revised? (See Registrar Accreditation Agreement (RAA) § 3.2.)
Our suggested answer: Yes, there are many forms of data that are not needed for stable technical operation of the network. Users should not be required to supply it.
Question #3 Should all registrants, or certain classes of registrants (see Issue 18 below), be afforded the option of not providing some or all elements that
registrars are required to collect and, if so, which elements?
Our suggested answer: Yes.
Question #18 Should certain types of registrants (e.g., those using domains for political and similar activities) be exempt from the usual requirements to provide data, or to have it available in Whois? How should the eligibility of particular registrants for these exemptions be determined? Are measures required to address the possibility of abuses in the classification procedure?
Sugested answer: Yes, as a compromise
Question #5 Are the current requirements that registrars make disclosures to, and obtain consent by, registrants concerning the uses of collected data adequate and appropriate? (See RAA §§ 3.7.7.4 to 3.7.7.6.)
Our suggested answer: No, they are inadequate, Use of private whois data should be disclosed.
Question #13. Should access to data be differentiated based on the party receiving access, or based on the use to which the data will be put? If so, how should differentiated access be implemented and how should the cost of differentiation be funded?
Suggested answer: Yes, access shoul dbe differentiated. Need to discuss implementation issues.
|