||4 March 2011
||17 April 2011
The WHOIS Policy Review Team was launched in October 2010 in line with the Affirmation of Commitments (AoC) provisions, section 9.3.1, which stipulates that:
"ICANN additionally commits to enforcing its existing policy relating to WHOIS, subject to applicable laws. Such existing policy requires that ICANN implement measures to maintain timely, unrestricted and public access to accurate and complete WHOIS information, including registrant, technical, billing, and administrative contact information. One year from the effective date of this document and then no less frequently than every three years thereafter, ICANN will organize a review of WHOIS policy and its implementation to assess the extent to which WHOIS policy is effective and its implementation meets the legitimate needs of law enforcement and promotes consumer trust." http://www.icann.org/en/documents/affirmation-of-commitments-30sep09-en.htm
The WHOIS Review Team would welcome public comment on the following issues:
Scope of Work and Roadmap
List of Key Definitions
Law Enforcement shall be considered to be an entity authorized by a government and whose responsibilities include the maintenance, co-ordination, or enforcement of laws, multi-national treaty or government-imposed legal obligations.
Includes any and all local and national laws that regulate and/or control the collection, use, access, and disclosure of personally identifiable information. It may also include other relevant legal obligations, including U.N. Universal Declaration of Human Rights and the U.N. Guidelines for the Regulation of Computerized Personal Data Files.
Producers and Maintainers of WHOIS Data:
Producers: The individuals or organizations supplying contact data for inclusion into WHOIS data.
Maintainers: The WHOIS Review Team proposes to subdivide this category in to:
Data Controllers: Individuals or organizations that define the data to be collected, require its release, and govern its use. May or may not be directly involved in these functions.
Data Processors: Individuals or organizations engaged in the collection, storage, and release of data, according to the terms defined by the Data Controller. They do -not- determine the nature or use of the data that they collect or maintain.
What is a "consumer"?
There is no single universally agreed definition of 'consumer', and legal definitions in different jurisdictions vary widely. Some are narrow and limited to 'natural persons', while others are broader and include various types of organisations.
The WHOIS review team has been considering a broad interpretation of the term 'consumer', as this would allow a broad range of perspectives to be considered by the review team. This appears to be consistent with the intention of the drafters of the AoC.
In the global sense, "consumer" may mean:
- All Internet users including natural persons, commercial and non-commercial entities, government and academic entities.
And specifically within the context of this review, a "consumer" w.r.t. WHOIS data and WHOIS Service may mean:
- Any consumer that acts as a Producer of WHOIS data (see above), Maintainer of WHOIS data and provider of WHOIS Service (e.g. Registrars), or User of WHOIS data (e.g. – individuals, commercial or non-commercial entities who legitimately query the WHOIS data).
Feedback request from community
Community feedback is desired on the WHOIS Review Team's approach to this definition. Is it too broad or too restrictive? In either case, how should it be changed?
The WHOIS Review Team also welcomes general comments on the above issues, and any other issues, which the community would like the RT to consider at this early stage in their work.
The public comment will remain open for 45 days and close on 17 April 2011.
To find minutes of our meetings as well as documents and work in progress, please check our public community wiki at: