[nc-whois] Kristy McKee - comments on Privacy and WHOIS databases

[k@widgital.com (Kristy McKee)]

Task Force Members,

Below please find the statement I made during today's meeting:

#----------------------------------

Creating a balance in this arena has proven to be quite a challenge.


Prior to ICANN, the InterNIC registration form
requested the registrant categorize themselves
as either an Individual or Business
and also included an input field
for a description of the business
or to denote the type of business.


Perhaps we could revert back to using this concept;
but advance it by providing a different set of rules
for different types of users
like Businesses and Individuals for example.


Team Three (WHOIS search-ability)
has been calling this "differentiated access".
What we mean is that different types of users
have permission to view different types of data.


Across the board, we know only two groups
who appreciate unsolicited email or spam,
some Marketing Companies and some Fraudulently Behaving Folks.


I differentiate between the two
because one group will tell you who they are
and the other will not
to the extent that they may choose to expose
an unprotected or not well protected Network's bandwidth
and/or their mail-server(s) by using them to publish their data
or send their un-solicited email or spam.


Our Task Force has worked diligently to ensure
that Accuracy of data protects Netizens
against the Fraudulently Behaving Folks
and the Marketing Companies;
furthermore,
Accuracy of Data
Helps to Ensure
an Enforceable System.


It is difficult to maintain an organized system if it is not enforced.
Without rules we have nothing to enforce
and no way to protect anyone's privacy.


Our Task Force has defined Accurate Data.
We know what we are protecting and enabling access to.
We need to further define categories of Registrants;
then allow the Registrants themselves
to decide what type of Registrant they are.

We must have a set of rules defined
for each type of Registrant to agree to.

In order to do this we must identify who they are.


I identify three types of Registrants:
Businesses,
(which can be further categorized and would include)
Small Office or Home Office Businesses,
And Individuals.


We know Many types of Businesses want people
to have their contact data, ALL of it,
while some others would prefer people
to have only some of the data.


For example a Small Office or Home Office Businesses may want people
to have enough of their contact data to contact them,
SOME or ALL of it.


We know Individuals sometimes want people
to have their contact information,
NONE, SOME or ALL of it.


We know Individuals sometimes want
to pose as businesses and maintain their privacy.

This seems unreasonable to me.

I do not understand how an Individual can pose as a Business, legally.
(During our meeting today this was identified as an item for further work.)


A Consultant, for example,
would probably be best supported
in the Small Office Home Office category;
if that person wanted privacy afforded to
individuals, they could opt-in for that.


There are further categorizations
to be made with the business category
and perhaps other categories to add as well.


In addition to categorizing types of Registrants,
We should also categorize types of Whois Users.

For example Law Enforcement
has access needs to this data
as well as SOME other groups,
not Marketing Companies,
that are different from the majority
of business users.


Technical Operators,
usually the Technical Contact,
have access needs that are different from the Billing Contact.


All These groups must be identified
and have their needs attended to as well.


Once we have defined an enforceable system,
my suggestion is to treat all Registrants the same
(status quo, no privacy)
until they have chosen (opted in)
to be included as the type of Registrant
they want to be
and have therefore agreed
to live by the set of rules
provisioned for the type of Registrant
they have chosen to be.


We could at that time
enforce the protection of their data
and it's accuracy
according to the guidelines
agreed to by all.


Thank you.










.k = Kristy McKee, 612.823.3958.
.W I D G I T A L . ESPware .Dept.
.digital widgets help create digits.