<<<
Chronological Index
>>> <<<
Thread Index
>>>
[nc-whois] WHOIS Task Force Final Report - Dissenting Opinion from A Non-commercial Constituency Representative
Dear Co-Members of the WHOIS Task Force:
As a non-commercial constituency representative on the WHOIS Task Force,
I am writing to express my dissenting opinion on the Task Force’s
accuracy recommendation.
While I do not oppose accurate data per se, I do oppose the Task Force’s
recommendation to enforce accuracy of WHOIS information when the Task
Force has failed to adequately address privacy issues. I also
believe the Task Force final report fails to reflect several suggestions
made by members to address this specific problem. For this reason,
the report cannot fairly be described as a “consensus”
position.
The Task Force failed to recommend appropriate privacy safeguards for
domain name registrants with reasonable and legitimate expectations of
privacy and the Task Force failed to assess the misuses of WHOIS
data. The very existence of inaccurate data suggests that there are
domain name registrants who do care to safeguard their privacy and
prevent the misuse of their personally identifiable information.
Furthermore, a number of comments submitted to the WHOIS Task Force’s
recommendations report raise privacy and data misuse issues that the
WHOIS Task Force has effectively ignored:
- ·
there
must be a provision for individuals to keep their personal phone numbers
private (04 Dec 2002, see
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00005.html);
- ·
unlimited
public access to WHOIS data poses real risks to individuals (9 Dec 2002 ,
see
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00012.html);
- ·
the
Task Force has failed to properly and fully address community concerns
regarding privacy (8 Jan 2003,
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00022.html);
- ·
the
availability of personally identifiable information on WHOIS raises major
problems with respect to the increasingly serious problem of identity
theft (08 Jan 2003, see
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00023.html);
- ·
nothing
in the Task Force’s report answers the primary question regarding why
personally identifiable information must be published to the public at
all (9 Jan 2003,
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00025.html);
- ·
choosing
to use the domain name system for either personal or professional use
should not be a cause for the abuse your name, address, phone number, fax
number and e-mail (9 Jan 2003,
http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc02/msg00027.html);
- ·
and
more.
A number of privacy and data misuse issues have been expressed by
way of comments to the Task Force’s interim and final reports as early as
July 2002. It is not clear what criteria the WHOIS Task Force is
applying to suggest that accuracy of WHOIS data supersedes legitimate
privacy interests.
Moreover, the non-commercial constituency representatives expressed the
need to address privacy protection:
- ·
links
to postings discussing privacy issues, legitimate reasons for concealing
identity, free speech, etc. for the 2001 Congressional Hearings on
WHOIS/Accuracy (1 Jun 2002,
http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00368.html);
- ·
.uk
whois database as a case study of WHOIS privacy issues (14 Jun 2002,
http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00410.html);
- ·
the
European Commission’s views on the compliance of the .name registration
agreement with EU privacy laws, which also has implications on
.com/.org/.net WHOIS (4 Sep 2002,
http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00507.html);
- ·
WHOIS
privacy issues including consumer protection, expectation of privacy,
etc. (30 Sep 2002,
http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00553.html);
- ·
not
clear why the WHOIS Task Force is moving forward with accuracy when
privacy issues have not been adequately addressed (30 Dec 2002, lunch
meeting between myself and WHOIS co-chair Marilyn
Cade);
- ·
not
clear why the WHOIS Task Force is talking about uniformity and accuracy
without having completely addressed accessibility issues and request
for a plan, or a strategy, and a time line to resolve
accessibility issues (04 Jan 2003,
http://www.dnso.org/clubpublic/nc-whois/Arc00/msg00800.html);
and
- ·
appropriate
privacy guidelines in the context of the Registrar Accreditation
Agreement (7 Jan 2003, GNSO WHOIS Task Force Teleconference).
It is not clear why these points, which are central to the
development of a sensible WHOIS policy, are being put off.
Proposing a “privacy issues report” is unresponsive. Postponing
privacy issues while enforcing accuracy also presents the unacceptable
risk of privacy issues being dismissed or resolved unsatisfactorily (see
http://gnso.icann.org/dnso/dnsocomments/comments-whois/Arc03/msg00004.html
and http://gnso.icann.org/dnso/dnsocomments/comments-whois/Arc03/msg00006.html). Minimally, enforcement of accuracy and insurance of privacy safeguards should be concurrent.
The WHOIS Task Force is well aware of these issues, but has chosen not to address them. For this reason, I ask that my dissent be incorporated in the Final Report as a Minority Report.
Sincerely,
Ruchika Agrawal
Non-Commercial Constituency
WHOIS Task Force
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|