[dns-operations] Denying Whois DB by GeoIP

Patrik Fältström paf at frobbit.se
Tue Jun 13 05:07:39 UTC 2017


My point was rather that registry/registrar have to comply with privacy legislation and not disclose information about private persons in certain cases. To get that data you must have special needs for the data, as specified by the legislation.

   Patrik

On 12 Jun 2017, at 23:35, dmblumenthal at gmail.com wrote:

> Proxy/proxy services will have to comply with privacy regulations on 5/18 as a matter of law. That is different from getting ICANN accreditation, which never has existed for p/p providers in the gTLD world. The new accreditation program has the end of 2018 deadline for the proxy/privacy implementation team file its report.
>
> From: Patrik Fältström
> Sent: Friday, June 9, 2017 10:56 AM
> To: dmblumenthal at gmail.com,
> Cc: John Levine; dns-operations at dns-oarc.net
> Subject: Re: [dns-operations] Denying Whois DB by GeoIP
> [
> On 9 Jun 2017, at 16:29, dmblumenthal at gmail.com wrote:
>
>> Registration through proxy and privacy has been available for a long time.
>
> Yes, but note that I am talking about what is implemented in Sweden due to legislation. This is not a choice for private persons whether they want privacy or not, and it is not a choice whether others can access the data. And this ends up being more "interesting" when coming to the implementation of GDPR in Europe.
>
>> The recent ICANN activities concerned establishing an  accreditation system for p/p service providers. The projected timeline for implementation is the end of 2018. FWIW, here is the policy working group’s final report: https://gnso.icann.org/en/issues/raa/ppsai-final-07dec15-en.pdf.
>>
>> Most ICANN Internet policy work happens through volunteers (I have been one of them for awhile and the concept still baffles me), so we all are self appointed. The working group has zealots on both extremes related to public access to registration data. It also has folks on a continuum from the extremes to the center. That type usually results in WGs producing reasonable consensus recommendations.
>>
>> Maybe all or parts of this was TMI. I have been in the registration data wars since 1998. Sometimes I can’t stop myself.
>
> On May 25 2018 ICANN Community must know what they should request registries and registrars to do where one or more of registry, registrar, registrant is under EU Jurisdiction. Or more precisely, registries and registrars must at that point in time have implemented whatever they have to implement.
>
> Not "end of 2018".
>
>    Patrik
>
>> From: Patrik Fältström
>> Sent: Friday, June 9, 2017 7:18 AM
>> To: John Levine
>> Cc: dns-operations at dns-oarc.net
>> Subject: Re: [dns-operations] Denying Whois DB by GeoIP
>>
>> On 9 Jun 2017, at 2:55, John Levine wrote:
>>
>>> For some reason there is a bunch of self-appointed
>>> privacy advocates who deny that WHOIS is useful for security research
>>> at all.
>>
>> Correct.
>>
>> And lots of push in ICANN to recognize something that is called "proxy registrations".
>>
>> But there is also legislation that say that things like whois data that describe private persons (as compared to organisations) is not to be publicly available. And we in the EU get new legislation called GDPR from May 2018 that makes things even more complicated.
>>
>> The only path forward is to get tiered access to whois data, and then discuss who ends up under what circumstances in what tier.
>>
>> Unfortunately, which John explain between the lines, the discussions are not very constructive. :-(
>>
>>    Patrik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20170613/4fb62957/attachment.sig>


More information about the dns-operations mailing list