ICANN/DNSO
DNSO Mailling lists archives

[ga-full]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] Bulk acces...


Here are some thoughts on what bulk access provisions should look like. 
  Note that this is not necessarily where the WHOIS task force is 
heading, it's rather my own thinking.

First, what is bulk access all about?  It's ICANN mandating that 
everyone should be able to obtain, for a certain fee, a significant 
portion of registrars' customer information. The provisions then contain 
a number of limitations concerning some marketing uses and abusing 
registrars' and registries' systems. Finally, there's an opt-out 
provision concerning marketing use of bulk data. However, you can't opt 
out of other kinds of bulk access.

This kind of access is used by various groups for various purposes - it 
seems like some of SnapNames' research is based on this kind of 
research; we have overt marketing uses, and we have search services and 
whatever else for intellectual property holders and "real" law 
enforcement.  Looking at these uses, one question should immediately pop 
up: Why the hell is it ICANN's business to protect marketers' access to 
registrars' data, and to even impose an upper limit on the price the 
registrar may take? Once you are at that question, you have to 
generalize: Why does ICANN mandate public for-a-fee access to 
registrars' data? How does this deserve coordination?

Thinking along these lines, one quickly arrives with a very different 
model for bulk access, which is much more close to what's in the thick 
registries' agreements with ICANN: Mandate _full_ bulk access for a very 
limited list of applications, and even impose limitations on the price 
registrars may charge for their data, as far as these services are 
concerned. Do not include _any_ opt-out provisions or anything similar 
for these specific purposes. Leave everything else to the registrars 
themselves, to applicable privacy regulations, and to the market.

Of course, the applications for which bulk access should continue to be 
available would have to fulfill some very strict conditions: Any results 
derived from registrars' bulk data would have to be available to 
registrars on a non-discriminatory basis.  In particular, bulk data 
would not be available to competing registrars. Even more importantly, 
there would have to be a clear public interest in the application in 
question. Finally, registrants privacy would have to be respected by the 
applications to the degree possible.

Right now, I see at most two applications which would actually warrant 
ICANN-mandated bulk access provisions.  1. Research. Key criteria should 
be that results are published, and that no identifiable information 
about individual registrants is contained in the results, unless the 
information came from public sources or (and?) the registrants gave 
their explicit consent to the publication.  2. Query-based services. It 
seems that there is some law enforcement and intellectual property owner 
interest in this kind of service.  The interesting question is of course 
to what extend such products are equivalent to full database access, and 
how they can best be tuned to respect registrants' privacy.  (No, I 
don't like that part, but I don't see a way around it.)

Everything else should in my view be considered outside ICANN's scope.

Comments? Objections? Flames?

Regards,
-- 
Thomas Roessler (mobile) <roessler@does-not-exist.org>
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html



<<< Chronological Index >>>    <<< Thread Index >>>