[ga] Bulk acces...
Here are some thoughts on what bulk access provisions should look like.
Note that this is not necessarily where the WHOIS task force is
heading, it's rather my own thinking.
First, what is bulk access all about? It's ICANN mandating that
everyone should be able to obtain, for a certain fee, a significant
portion of registrars' customer information. The provisions then contain
a number of limitations concerning some marketing uses and abusing
registrars' and registries' systems. Finally, there's an opt-out
provision concerning marketing use of bulk data. However, you can't opt
out of other kinds of bulk access.
This kind of access is used by various groups for various purposes - it
seems like some of SnapNames' research is based on this kind of
research; we have overt marketing uses, and we have search services and
whatever else for intellectual property holders and "real" law
enforcement. Looking at these uses, one question should immediately pop
up: Why the hell is it ICANN's business to protect marketers' access to
registrars' data, and to even impose an upper limit on the price the
registrar may take? Once you are at that question, you have to
generalize: Why does ICANN mandate public for-a-fee access to
registrars' data? How does this deserve coordination?
Thinking along these lines, one quickly arrives with a very different
model for bulk access, which is much more close to what's in the thick
registries' agreements with ICANN: Mandate _full_ bulk access for a very
limited list of applications, and even impose limitations on the price
registrars may charge for their data, as far as these services are
concerned. Do not include _any_ opt-out provisions or anything similar
for these specific purposes. Leave everything else to the registrars
themselves, to applicable privacy regulations, and to the market.
Of course, the applications for which bulk access should continue to be
available would have to fulfill some very strict conditions: Any results
derived from registrars' bulk data would have to be available to
registrars on a non-discriminatory basis. In particular, bulk data
would not be available to competing registrars. Even more importantly,
there would have to be a clear public interest in the application in
question. Finally, registrants privacy would have to be respected by the
applications to the degree possible.
Right now, I see at most two applications which would actually warrant
ICANN-mandated bulk access provisions. 1. Research. Key criteria should
be that results are published, and that no identifiable information
about individual registrants is contained in the results, unless the
information came from public sources or (and?) the registrants gave
their explicit consent to the publication. 2. Query-based services. It
seems that there is some law enforcement and intellectual property owner
interest in this kind of service. The interesting question is of course
to what extend such products are equivalent to full database access, and
how they can best be tuned to respect registrants' privacy. (No, I
don't like that part, but I don't see a way around it.)
Everything else should in my view be considered outside ICANN's scope.
Comments? Objections? Flames?
Thomas Roessler (mobile) <email@example.com>
This message was passed to you via the firstname.lastname@example.org list.
Send mail to email@example.com to unsubscribe
("unsubscribe ga" in the body of the message).
Archives at http://www.dnso.org/archives.html