[NCSG-PC] Fwd: [NCSG-Discuss] Comments on the Whois compliance models
Arsène Tungali
arsenebaguma at gmail.com
Mon Jan 29 19:02:45 EET 2018
Good move
------------------------
**Arsène Tungali* <http://about.me/ArseneTungali>*
Co-Founder & Executive Director, *Rudi international
<http://www.rudiinternational.org>*,
CEO,* Smart Services Sarl <http://www.smart-serv.info>*, *Mabingwa Forum
<http://www.mabingwa-forum.com>*
Tel: +243 993810967
GPG: 523644A0
*Goma, Democratic Republic of Congo*
2015 Mandela Washington Felllow
<http://tungali.blogspot.com/2015/06/selected-for-2015-mandela-washington.html>
(YALI) - ISOC Ambassador (IGF Brazil
<http://www.internetsociety.org/what-we-do/education-and-leadership-programmes/next-generation-leaders/igf-ambassadors-programme/Past-Ambassadors>
& Mexico
<http://www.internetsociety.org/what-we-do/education-and-leadership-programmes/next-generation-leaders/Current-Ambassadors>)
- AFRISIG 2016 <http://afrisig.org/afrisig-2016/class-of-2016/> - Blogger
<http://tungali.blogspot.com> - ICANN's GNSO Council
<https://gnso.icann.org/en/about/gnso-council.htm> Member. AFRINIC Fellow (
Mauritius
<http://www.afrinic.net/en/library/news/1907-afrinic-25-fellowship-winners>)*
- *IGFSA Member <http://www.igfsa.org/> - Internet Governance - Internet
Freedom.
Check the *2016 State of Internet Freedom in DRC* report (English
<http://cipesa.org/?wpfb_dl=234>) and (French
<http://cipesa.org/?wpfb_dl=242>)
2018-01-29 8:58 GMT-08:00 Martin Pablo Silva Valent <mpsilvavalent at gmail.com
>:
> I support this approach.
>
> Martín
>
>
> On 29 Jan 2018, at 13:52, Dr. Tatiana Tropina <t.tropina at mpicc.de> wrote:
>
> All,
>
> I support Rafik's approach.
>
> 1) we can submit the comment supporting the model 3.
>
> 2) we can tweak 2b and look more thoroughly at eco meanwhile and clarify
> some things that are not clear there for me yet - like LEA access and some
> other.
>
> 3) as we have to be rational, we can bargain further with a mix of 3 and
> 2b, if needed.
>
> Cheers,
>
> Tanya
>
> On 28/01/18 08:55, Rafik Dammak wrote:
>
> Hi,
>
> while I checked the 3 models, I am not familiar with the eco model or
> comment and so making any judgment hard. is it similar to one of the models
> or something totally different proposal?
> maybe as context, we should recall that those models are supposed to be
> interim solutions. One risk with model 2b or a similar (eco?) is what
> French calls "le temporaire qui dure", a lasting temporary. It means having
> a workaround that will become de facto the solution with all its drawbacks
> and we won't have a real say in the process such accreditation or
> certification (we can learn from the current discussion on implementing of
> PPSAI and how staff views differ from the policy).
>
> let's think in practical fashion here:
> - we got a deadline and need to submit a comment
> - the discussion is still continuing e.g. webinar this week and beyond
> - there are calls for extension by BC and IPC because they want to propose
> more models beyond the 3 tabled.
>
> I guess one approach is to have the comment saying that the model 3 to
> meet the current deadline because its restrictions is a more safe solution
> till we move for a restrictive layered option (2b or eco model) after a
> real community involvement and discussion. Having a model 3 used is a real
> ncentive for everyone to work on a long time solution acknowledging all
> concerns from the different parties instead of tricking us to accept an
> ill-designed option. the document made by Stephanie is a starting point for
> us to work on the details in coming months.
>
> Best,
>
> Rafik
>
> 2018-01-29 1:14 GMT+09:00 Stephanie Perrin <stephanie.perrin at mail.
> utoronto.ca>:
>
>> I am sorry I let you down. To be frank, the discussion on the main list
>> was all over the map, my desire to throw my comment out there to be trashed
>> by folks not following these matters was pretty minimal. However, I have
>> had a complete meltdown with my computer and my ISP, which slowed me down
>> enormously, and there was no room for error.
>>
>> Here are a few compromise positions:
>>
>> 1. I can summarize at the end of the analysis of the different
>> positions, the various views (I acknowledged EFF's position but did not go
>> into it.
>>
>> 2. I can add a more thorough discussion of the law enforcement ask, the
>> IP lawyer ask, etc. and why option 3 deals with those issues successfully.
>>
>> 3. I can discuss the data commissioner's expressed views on these
>> matters. There will be no support from them for a wholesale cutting off of
>> access for cyber investigators. IF you have any ideas on how to square
>> that circle, I am all ears. It is a big problem....while I can be accused
>> of caving in to a moderate position because I have been both a govt
>> policy/legislative wonk and an exec in a privacy commissioner's office, I
>> think you have to acknowledge I have decades of experience fighting off law
>> enforcement in back rooms. If we want to be taken seriously, we have to
>> acknowledge there is a problem. (it is of course their fault there is a
>> problem, but that is another narrative....)
>>
>> I am also very happy saying there is a wide range of views in NCSG. But
>> if you want a narrow answer to the question of whether it is 2b or 3,
>> please pay attention to what Goran said in the IPC webinar the other
>> day...do not feel tied to 1,2, or 3, we simply pulled them into models.
>> COmments on all aspects raised, suggestions of other models etc are welcome.
>>
>> SO I think we can say of your models we like 2b for this, 3 for that, and
>> our favorite proposal so far is the ECO one. Strategically, and bearing in
>> mind we still have years of pdps ahead of us and this is an interim
>> measure, supporting the registrars seems to me a good idea, particularly
>> when they have gone to the work and expense they have to produce an
>> excellent proposal.
>>
>> Have to go drop the dog at camp, perhaps we can talk this evening in LA
>> or tomorrow morning at breakfast?
>>
>> cheers Steph
>> On 2018-01-28 10:36, farzaneh badii wrote:
>>
>> I tell you what is sticking in my throat Stephanie: You are way too late
>> and we relied on you and you delivered late. I don't want Law Enforcement
>> be viewed as legitimate force globally and you know where I am from. Does
>> Eco model address my worry?
>>
>> Farzaneh
>>
>> On Sun, Jan 28, 2018 at 10:29 AM, Stephanie Perrin <
>> stephanie.perrin at mail.utoronto.ca> wrote:
>>
>>> Well I am sorry that I did not get the comment in as well. There is a
>>> lot to read and I have read it (unlike many). WE need to know where the
>>> opposition is coming from.
>>>
>>> The ECO comments have been out there a while, and they deal with the
>>> models. There is absolutely nothing wrong with endorsing another group's
>>> position. Their legal analysis is excellent, in my view.
>>>
>>> Ignoring the reality that there is a cybercrime problem out there is, in
>>> my view, not a thoughtful position to take. I can attempt to reword it if
>>> you point me to precisely what is sticking in your throats. We want
>>> layered access....a failure to support layered access at this point in time
>>> will set us back years, we finally have ICANN agreeing to it.
>>>
>>> I am happy to send my comments in myself if you don't support them. I
>>> think they are well informed and realistic. I think Option 3 was thrown
>>> out there as a poison pill and I am not taking it.
>>>
>>> let me know.....
>>>
>>> cheers Steph
>>> On 2018-01-28 09:50, farzaneh badii wrote:
>>>
>>> Hello Stephanie
>>>
>>> Is eco model in the models that offered by Icann? Is it model 2b which
>>> you supported in the doc you sent us? If not then we cannot support it now.
>>> I suggest going for the highest protection now until we work out something
>>> better. You can always go down from highest protection to layered access
>>> etc but for now and since we don't have much time to reach consensus I
>>> think we can stick to model 3. I wish you had sent us your document sooner
>>> so that we could work on it. Also your argument for not supporting model 3
>>> in the document is not really based on substance it's based on the fact
>>> that it won't get support in the community. There is a May deadline.
>>> Community can come up with consensus after the deadline on another leas
>>> protective model. but ICANN org can't wait!
>>>
>>> I suggest pc members weigh in on this deadline is tomorrow and we would
>>> like to know our positoon before the intersessional.
>>>
>>> On Sun, Jan 28, 2018 at 9:17 AM Stephanie Perrin <
>>> stephanie.perrin at mail.utoronto.ca> wrote:
>>>
>>>> I will try to get the revised comments on the models that have been
>>>> submitted in before I run for the plane at 2 EDT...but that may not
>>>> happen. The legal analysis will come next week, it is a lot harder and
>>>> more complex....but I want to get my questions on the table. It will be a
>>>> long time before this is over....
>>>>
>>>> We need to endorse the ECO model very strongly, in my view. While
>>>> option 3 looks good, it is rather unworkable.
>>>>
>>>> cheers SP
>>>> On 2018-01-27 14:09, Ayden Férdeline wrote:
>>>>
>>>> Thanks Rafik
>>>>
>>>> I’m going to hold off on endorsing this for 24 hours until I read the
>>>> comments currently being drafted by Stephanie.
>>>>
>>>> To be clear, this is not to say that I do not endorse this statement.
>>>> It sounds logical to me and consistent with our principles. But if
>>>> Stephanie has a 15-page document coming I’d like to make sure we’re being
>>>> consistent in our messaging.
>>>>
>>>> Of course, being so close to the final day for submissions, I’ll write
>>>> again on-list tomorrow in the absence of any other statements being on the
>>>> table, as we cannot miss this submission deadline.
>>>>
>>>> Sincere thanks to Milton for drafting this.
>>>>
>>>> Best wishes, Ayden
>>>>
>>>> Sent from ProtonMail Mobile
>>>>
>>>>
>>>> On Sat, Jan 27, 2018 at 10:50, Rafik Dammak <rafik.dammak at gmail.com>
>>>> wrote:
>>>>
>>>> Hi all,
>>>>
>>>> We got a comment for the GDPR compliance model. The deadline for
>>>> submission ins the 29th Jan, which is the coming monday. We need act
>>>> quickly within this weekend .
>>>>
>>>> Best,
>>>>
>>>> Rafik
>>>>
>>>> ---------- Forwarded message ----------
>>>> From: "Mueller, Milton L" <milton at gatech.edu>
>>>> Date: Jan 26, 2018 6:05 PM
>>>> Subject: [NCSG-Discuss] Comments on the Whois compliance models
>>>> To: <NCSG-DISCUSS at listserv.syr.edu>
>>>> Cc:
>>>>
>>>> I offer the following as a first draft of the NCSG position on the 12
>>>> January 2018 call for comments released by ICANN org.
>>>>
>>>>
>>>> Principles
>>>>
>>>> Our evaluation of the models offered by ICANN are based on three
>>>> fundamental principles. No model that fails to conform to all three is
>>>> acceptable to the NCSG.
>>>>
>>>>
>>>> 1. The purpose of whois must be strictly tied to ICANN's mission. That
>>>> is, the data that is collected and the data that are published must
>>>> directly and demonstrably contribute to ICANN's mission as defined in
>>>> Article 1 of its new bylaws. We reject any definition of Whois purpose that
>>>> is based on the way people happen to make use of data that can be accessed
>>>> indiscriminately in a public directory. The fact that certain people
>>>> currently use Whois for any purpose does not mean that the purpose of Whois
>>>> is to provide thick data about the domain and its registrant to anyone who
>>>> wants it for any reason.
>>>>
>>>>
>>>> 2. Whois service, like the DNS itself, should be globally uniform and
>>>> not vary by jurisdiction. ICANN was created to provide globalized
>>>> governance of the DNS so that it would continue to be globally compatible
>>>> and coordinated. Any solution that involves fragmenting the policies and
>>>> practices of Whois along jurisdictional lines is not desirable.
>>>>
>>>>
>>>> 3. No tiered access solution that involves establishing new criteria
>>>> for access can feasibly be created in the next 3 months. We would strongly
>>>> resist throwing the community into a hopeless rush to come up with entirely
>>>> new policies, standards and practices involving tiered access to data, and
>>>> we do not want ICANN staff to invent a policy that is not subject to
>>>> community review and approval.
>>>>
>>>>
>>>> Based on these three principles, we believe that Model 3 is the only
>>>> viable option available. Model 3 minimizes the data publicly displayed to
>>>> that which is required for maintaining the stability, security and
>>>> resiliency of the DNS. Model 3 could be applied across the board, and would
>>>> be presumptively legal regardless of which jurisdiction the registrar,
>>>> registry or registrant are in. And Model 3 relies on established legal due
>>>> process for gaining access to additional information.
>>>>
>>>>
>>>> There is room for discussion about how much data could be publicly
>>>> displayed under Model 3 consistent with ICANN's mission. E.g., it may be
>>>> within ICANN's mission to include additional data in the public record,
>>>> such as an email address for the technical contact and even possibly the
>>>> name of the registrant.
>>>>
>>>>
>>>> The process of gaining access to additional data in Model 1 is
>>>> completely unacceptable. Self-certification by any third party requestor
>>>> is, we believe, not compliant with GDPR nor does is such access justified
>>>> by the purpose of Whois or ICANN's mission.
>>>>
>>>>
>>>> Model 2 might possibly be acceptable if an suitable set of criteria and
>>>> processes were devised, but it simply is not feasible for such a
>>>> certification program to be developed in 3 months. A certification program
>>>> thrown together in a rush poses huge risks for loopholes, poor procedures,
>>>> and a legal challenge to ICANN, either from DPAs or from individuals
>>>> affected.
>>>>
>>>>
>>>> Dr. Milton L. Mueller
>>>>
>>>> Professor, School of Public Policy
>>>>
>>>> Georgia Institute of Technology
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> NCSG-PC mailing listNCSG-PC at lists.ncsg.ishttps://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>>>
>>>> _______________________________________________
>>>> NCSG-PC mailing list
>>>> NCSG-PC at lists.ncsg.is
>>>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>>>
>>> --
>>> Farzaneh
>>>
>>>
>>
>> _______________________________________________
>> NCSG-PC mailing list
>> NCSG-PC at lists.ncsg.is
>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>
>>
>
>
> _______________________________________________
> NCSG-PC mailing listNCSG-PC at lists.ncsg.ishttps://lists.ncsg.is/mailman/listinfo/ncsg-pc
>
>
> _______________________________________________
> NCSG-PC mailing list
> NCSG-PC at lists.ncsg.is
> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>
>
>
> _______________________________________________
> NCSG-PC mailing list
> NCSG-PC at lists.ncsg.is
> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180129/34645d2c/attachment.htm>
More information about the NCSG-PC
mailing list