Dear Kathy and all, I did not forget, and promise you I will be posting our comments before the deadline (hear the nail-biting sound...). fraternal rgds --c.a. On Tue, 2004-06-15 at 09:56, [log in to unmask] wrote: > All: > Just a fast reminder about the deadline approaching (Thursday!) for > public comments to the 3 WHOIS Task Forces that have met for the last > six months. If you/your organization have time to do nothing else, > would you please consider comments supporting the privacy proposals in > the reports of TF1 and TF2? > > Frannie has made it easy, with a website at > http://www.thepublicvoice.org/take_action/default.html with key points > written by Milton (TF1) and Frannie (TF2), and the email address for > comments. Since I am a bit late posting my suggestions for comments, > I include them in text below. > > Even short comments would be great. Thursday end of day is the > deadline. > Regards and thanks, Kathy (TF2) > -------------------------------------------------------------------------------------------------- > TF2 Report: Some suggested points comments > ------------------------------------------------------------------------------------------------- > Overall, I think the TF2 Report is good -- pretty balanced and a good > presentation of our interests. Thus, for comments, I would suggest a > double strategy: praise the positive (to reinforce our issues) and > then criticize the negatives. An outline of key issues below. > > A. Highlight the positives. > 1. For the first time, an ICANN report highlights both the uses > of > WHOIS and the abuses of WHOIS data. We want to emphasize the abuses > and possible abuses of continuing an open directory with this data > (address, > phone and email) available to all. What are you organization's > concerns for > itself or its members regarding this data? (Please consider > mentioning your > own concerns, or those on behalf of human rights organizations, other > noncommercial organizations, and individuals). > > 2. For the first time, an ICANN report outlines the privacy laws > and freedom of expression protections in laws around the world > (Sections > 2.3 and 3.3/National Law, and first section of Appendix). Please > support > the report here. If you are in a country with comprehensive data > laws, > please talk about the human rights principles underlying your national > privacy laws. If you are in a country with free speech laws, please > write > about the importance of speaking privately and even anonymously, even > in > public dialogue. > > 3. We have a great recommendation: that "Registries and > Registrars should not have to violate local data protection laws in > order to > conform with WHOIS policy. If there is a conflict of law and WHOIS > policy, as process should be in place to allow for registrars to show > such > conflict and make appropriate changes needed for it to conform to the > respective local laws." (See 1.4, 2.3, and 3.3). Please support this > recommendation! > > B. Opportunity to comment and shape the work ahead: Tiered > Access > > > Background: The Registrars for a long time have proposed a Tiered > Access > system. While they agree that all personal data should not be public, > Registrars do not want to be involved in the day to day task of > screening all > the requests for domain name holders. Thus, they propose an automated > system for making personal data available to those who say they need > it. > This system is called Tiered Access ("TA"). TA is a series of gates > or > tiers. Still in formation, it is beginning to gain momentum. > Comments now > would be very timely and useful! [Sections 2.4, 2.5, 3.4, 3.5] > > 1. Support the concept of "Tier 1" -- that personal or sensitive > data > including address, phone and email for individuals, organizations and > even > companies (such as small business) *would not* be published on the > first > Tier and not available to all. (Note: 3.5 recommendation proposes > that a > registrant could choose to put all this data into the WHOIS directory, > but > that would be his/her/its choice). > > 2. Argue that "Tier 2" needs to be much better defined. > Registrars > call Tier 2 the place for "known users with known uses" to access > personal/sensitive domain name data. But what are the limits and > protections for domain name owners? These we must fight for. Please > think of your own ideas for protections against abuse, but here are > some of > mine: > A. Tier 2 should still not publish all the > personal/sensitive data. > Let it be name/email (ideally) or name/address > (alternatively). But not all the data. > > B. No unlimited access to the WHOIS database, even if > you > are the world's most famous intellectual property law firm. > Although you are a "known user," you should still not have > infinite access to the WHOIS personal data and database. > Searches should be one by one, and for each and every > access, the user (however famous) should enter a clear and > specific text reason for the legal problem being raised by > the > domain name and the legal reason for needing to contact the > domain name holder. This explanation must be sent to the > domain name holder. > > C. The system must provide *immediate notification by > email > to the domain name holder* whenever his/her/its > personal/sensitive data is released to any third party in > Tier > 2. Such immediate notification will allow domain name > holders to better protection themselves -- and flee if their > address (as a human rights organization, an abortion clinic, > or a woman with a stalking ex-spouse) has just been given > away. (Domain name holders should have the option to > "opt-out" of such immediate notification if their safety is > not > in danger, perhaps for a weekly listing.) > > 3. Support the concept of a Tier 3 that all the data is available > to > ICANN-accredited registrars and registries for technical purposes, > such as > domain name transfers. > > Thanks again! > Kathy -- ---------------- Carlos A. Afonso diretor de planejamento e estratégia Rits - Rede de Informações para o Terceiro Setor Rua Guilhermina Guinle 272 - sexto andar 22270-060 Rio de Janeiro BRASIL telefone +55-21-2527-5494 telefax +55-21-2527-5460 http://www.rits.org.br