thanks for all the substantive work! Great for NCSG, great for best practices. Gracias, Ginger Ginger (Virginia) Paque [log in to unmask] Diplo Foundation Internet Governance Capacity Building Programme www.diplomacy.edu/ig *The latest from Diplo....*From the fundamentals of diplomacy to the most exciting new trends: check our three online courses starting in May 2012: *Bilateral Diplomacy*, *Diplomacy of Small States*, and *E-diplomacy*. Apply now to reserve your place: http://www.diplomacy.edu/courses** On 16 March 2012 14:28, Nicolas Adam <[log in to unmask]> wrote: > Amazing work. > > Nicolas > > On 16/03/2012 11:20 AM, Maria Farrell wrote: > > I also support submitting. (Well, I would, wouldn't I!) > > Maria > > On 15 March 2012 19:15, Robin Gross <[log in to unmask]> wrote: > >> GreAt. Thank you very much. Let's submit. >> >> Robin >> >> On Mar 15, 2012, at 6:31 PM, Wendy Seltzer <[log in to unmask]> wrote: >> >> > Thanks very much to Maria and Joy for contributions to this, proposed >> > comments for the WHOIS RT. Comments are due March 18, but I'd like to >> > send them before leaving tomorrow, if possible. >> > <http://www.icann.org/en/news/announcements/announcement-05dec11-en.htm >> > >> > >> > We would like to commend the general readability of the report. WHOIS >> > has become a very complex issue, and presenting it so clearly and >> > accessibly facilitates participation in both this consultation process >> > and participation more generally. We particularly appreciate the hard >> > work of collecting the WHOIS policies from the various places where >> > they reside. >> > >> > High-level recommendations: >> > >> > The report should explicitly recommend that WHOIS policy recognize >> > that registrants, both individual and organizations, commercial and >> > non-commercial, have a legitimate interest in, *and in many >> jurisdictions >> > the legal right to, the privacy of their personal data*. >> > >> > In the normative discussion, privacy should be given equivalent emphasis >> > to accuracy. *It would be instructive in this regard to reference the >> > OECD privacy guidelines, agreed to by all OECD member countries with >> input >> > from business and civil society. Data accuracy (or 'quality') is >> considered >> > by OECD members to be of equal importance to purpose specification, use >> > limitation and security safeguards, none of which factors are supported >> by >> > Whois as it currently operates. (OECD Guideline reference: >> > >> http://www.oecd.org/document/18/0,3343,en_2649_34255_1815186_1_1_1_1,00.html >> > ) * >> > >> > It is as important that registrants have privacy as that >> > their data be accurately recorded. At the moment, the report appears, >> > from its emphasis on access and accuracy, to discount those privacy >> > concerns *that are accepted by all OECD member states and participating >> > business and civil society actors as having equal importance.* >> > >> > >> > Section F. Findings >> > >> > The brief ‘tour de table’ provides useful background reading, but >> > *should* include >> > reference to the fact that ICANN’s Whois policies are >> > incompatible with the OECD privacy guidelines and also applicable >> national >> > laws in many countries, including >> > member states of the European Union.*The European Union's Article 29 >> > Working Party of national data protection officers provided specific >> input >> > to ICANN's 2003 Montreal meeting regarding the many ways gTLD Whois >> > breaches EU law. These included the lack of definition of a purpose of >> > Whois, lack of use limitation, misuse of Whois data by third parties and >> > the disproportionality of the publication of personal data. The Article >> 29 >> > Working Party concluded that "there is no legal ground justifying the >> > mandatory publication of personal data referring to this person. (the >> > registrant)". * >> > >> > *(Article 29 WP reference: Opinion 2/2003 on the application of the data >> > protection principles* >> > >> > *to the Whois directories * >> > >> http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2003/wp76_en.pdf >> ) >> > >> > *It is very concerning that the findings of the Whois Review Team do not >> > consider the glaring fact of the illegality of gTLD Whois requirements >> in >> > many jurisdictions, and the incompatibility of Whois as it currently >> stands >> > with the only internationally accepted guidelines on data privacy. * >> > >> > >> > Section G. Recommendations >> > >> > 1. Single Whois Policy - "The Board should oversee the creation of a >> > single Whois policy document." >> > >> > We welcome the call for a single Whois policy that sets out the >> > requirements, globally and facilitates registrants who wish to consult >> > those requirements. Whois ‘policy’ is currently inferred from registry >> > and registrar contracts.* A single Whois policy should be compatible >> with >> > the internationally accepted OECD privacy guidelines, in respect of a >> > statement of purpose for the use of data, use limitation, data accuracy >> and >> > appropriate security safeguards for personal data.* However, gTLD policy >> > development is the >> > responsibility of the GNSO, not the Board (until the final stages), >> > and needs to be developed through the bottom up process, with the >> > cooperation of the multiple stakeholders affected. >> > >> > 3 - "Make Whois a Strategic Priority" >> > >> > Change "Strategic Priority" to "Strategic Consideration." As the >> > review team was focused only on WHOIS, it was in no position to >> > analyze the tradeoffs involved in setting global priorities. Many >> > items on ICANN's policy agenda *may be considered* more worthy of the >> > community's >> > limited time and attention. *The appropriate process for the community >> to >> > prioritize issues such as Whois is via the Strategic Plan.* No evidence >> > is offered in this report to support prioritizing >> > WHOIS o*ver other issues of importance to the community as a whole.* >> > >> > 5 - Data Accuracy - As many law enforcement comments in the report >> > suggest, contactability is more important than "accuracy." Separation >> > of the contact details from the public display could enhance the >> > accuracy of the contact details available to appropriately qualified >> > requesters. >> > >> > 10-16. "Data Access: Privacy and Proxy Services." >> > >> > The recommendations should explicitly acknowledge the importance of >> > privacy and proxy services in providing options to legitimate Internet >> > users to preserve their privacy. National laws in the United States, >> > for example, recognize privacy interests not only for individuals, but >> > for associations. The report further documents the legitimate >> > interests of even commercial Internet users in private domain name >> > registrations. >> > * In relation to the references to national legislation: it is >> > important to note that this reference may be problematic if national >> > legislation violates international human rights standards, for example, >> > relating to freedom of expression (see the citation of this report >> below). >> > * Freedom of association: proxy registration services can support >> the >> > rights of human rights defenders to carry out lawful activity without >> > persecution. Threats to registrants include surveillance of registrants >> > through use of information which is accessed via WHOIS data - >> continuing to >> > expand the nature of information held in WHOIS will only heighten the >> > safety >> > concerns of human rights defenders. In addition, just in time attacks on >> > websites of civil society organisations have been used to disrupt lawful >> > activity and democratic participation in a number of countries: see >> > Deibert, >> > R., Palfrey, J., Rohozinski, R. & Zittrain, J. (Eds.) (2011). Access >> > Controlled: The Shaping of Power, Rights, and Rule in Cyberspace. MIT >> > Press. >> > * Governments whose legislation is in violation of these rights >> > should >> > not be able to rely on such laws when requesting WHOIS data access and >> > proxy >> > information. It would be unreasonable to require Registrars to carry >> out an >> > additional analysis. Other options include: >> > (1) Provide that LEA WHOIS data requests may be refused where there >> are >> > reasonable grounds to believe that such requests may violate >> *registrants' >> > * >> > rights of freedom of expression or freedom of association >> > (2) Require LEA to verify that national laws comply with human >> rights >> > standards >> > (3) Require LEA to verify that WHOIS requests do not violate >> > international human rights standards >> > >> >> >> > 17 - Data access - "ICANN should set up a dedicated, multilingual >> > interface website to provide thick Whois data for" COM and NET, who >> > have thin whois. This is subject to existing policy and policy-making >> > by the GNSO. It is inappropriate for the Review Team to intervene at >> > this level of detail into the GNSO policy process, *and in a way that >> > privileges certain substantive outcomes over others.* >> > >> > >> > Section E. Work of this RT >> > >> > A factual point. There is only one Chatham House rule, so the statement >> > referring to it should use the singular. >> > >> > Freedom of Expression References: >> > >> > As noted by the UN Special Rapporteur on Freedom of Opinion and >> Expression >> > in his annual report of 2011: >> > >> > 23. The vast potential and benefits of the Internet >> are >> > rooted in its unique characteristics, such as its speed, worldwide reach >> > and >> > relative anonymity. At the same time, these distinctive features of the >> > Internet that enable individuals to disseminate information in "real >> time" >> > and to mobilize people has also created fear amongst Governments and the >> > powerful. This has led to increased restrictions on the Internet through >> > the >> > use of increasingly sophisticated technologies to block content, monitor >> > and >> > identify activists and critics, criminalization of legitimate >> expression, >> > and adoption of restrictive legislation to justify such measures. In >> this >> > regard, the Special Rapporteur also emphasizes that the existing >> > international human rights standards, in particular article 19, >> paragraph 3 >> > of the ICCPR, remain pertinent in determining the types of restrictions >> > that >> > are in breach of States' obligations to guarantee the right to freedom >> of >> > expression. >> > 24. As set out in article 19, paragraph 3 of the >> ICCPR, >> > there are certain, exceptional types of expression which may be >> > legitimately >> > restricted under international human rights law, essentially to >> safeguard >> > the rights of others. This issue has been examined in the previous >> annual >> > report of the Special Rapporteur. However, the Special Rapporteur deems >> it >> > appropriate to reiterate that any limitation to the right to freedom of >> > expression must pass the following three-part, cumulative test: >> > (1) it must be provided by law, which is clear and accessible to >> > everyone (principles of predictability and transparency); and >> > (2) it must pursue one of the purposes set out in article 19, >> paragraph >> > 3 of the ICCPR, namely (i) to protect the rights or reputations of >> others, >> > or (ii) to protect national security or of public order, or of public >> > health >> > or morals (principle of legitimacy); and >> > (3) it must be proven as necessary and the least restrictive means >> > required to achieve the purported aim (principles of necessity and >> > proportionality). >> > Moreover, any legislation restricting the right to >> > freedom of expression must be applied by a body which is independent of >> any >> > political, commercial, or other unwarranted influences in a manner that >> is >> > neither arbitrary nor discriminatory, and with adequate safeguards >> against >> > abuse, including the possibility of challenge and remedy against its >> > abusive >> > application. >> > And further: >> > >> > 26 However, in many instances, States restrict, control, >> manipulate and >> > censor content disseminated via the Internet without any legal basis, >> or on >> > the basis of broad and ambiguous laws; without justifying the purpose of >> > such actions; and/or in a manner that is clearly unnecessary and/or >> > disproportionate to achieve the intended aim, as explored in the >> following >> > sections. Such actions are clearly incompatible with States' obligations >> > under international human rights law, and often create a broader >> chilling >> > effect on the right to freedom of opinion and expression. >> > (full reference: Frank La Rue "Report of the Special Rapporteur on the >> > promotion and protection of the right to freedom of opinion and >> expression" >> > (26 April 2011, A/HRC/17/27) also available at: http://scr.bi/z6lZ8N ) >> > >> > >> > >> > >> > >> > -- >> > Wendy Seltzer -- [log in to unmask] +1 914-374-0613 >> > Fellow, Yale Law School Information Society Project >> > Fellow, Berkman Center for Internet & Society at Harvard University >> > http://cyber.law.harvard.edu/seltzer.html >> > https://www.chillingeffects.org/ >> > https://www.torproject.org/ >> > http://www.freedom-to-tinker.com/ >> > >> > >