[wg-review] Improvements to Operations - Privacy

["Joanna Lane" <jo-uk@rcn.com>]

Position Paper In response to the BoD Resolution 01.28 - DRAFT 1.0

WHAT IS DNSO's PRIVACY POLICY?

The General Assembly has very clear rules with respect to identity
verification for participants on it's publicly archived mailing list. It is
the list monitor, currently the Alternate Chair, Mr Harald Alvestrand,  who
is tasked with the role of confirming or denying somebody's persona. In the
same way that complaints of other forms of abuse must be made offlist, and
are strictly enforced, so should enquiries about identity verifications, but
they are not. There are different rules that new members can expect to be
enforced, not the ones that are published.  WG-Review has no separate
privacy policy specified in its charter (add URL), list moderation is
effectively performed by the Chair, Mr. Sotiris Sotiropoulos and it has not
experienced any difficulties with privacy or identity/ verification
challenges.

http://www.dnso.org/dnso/notes/2000.GA-ga-rules.html
<snip>
If the identity behind some email address set is challenged, the list
monitor may ask the challenged party for proof of identity. The list monitor
has discretion in deciding whether to take action upon a challenge, and to
decide what proof of identity is acceptable in each particular case.
A notarized copy of a civil identification (such as a driver's license or
passport) is always acceptable. The claimed identity belonging to the email
address is recorded by the list monitor, and the finding is announced to the
list. *The challenged party may ask the list monitor not to publish his
civil identity; this shall be respected.*

WHAT IS THE PROBLEM?

1) In the GA, a gang of self-appointed watchdogs take it upon themselves to
identify the challenged person, almost as a form of sport, or rights of
passage for the novitiate prior to acceptance, or rejection, by the group
once their contributions would seem to be gaining attention. Instances of
this are:- (add URLs)

2) While the Chair instigates the process according to the rules, other
members enter into a race to obtain personal information from the internet
about the individual, then to exchange opinions as if it is to be a decision
by committee with everybody bringing their own thoughts and findings to the
table. Instances of this are:- (add URLs)

3) This is the GA's "consensus model" in practice, meaning it is a procedure
that has been established over time as the way to establish whether or not
the email string represents a living breathing human being, or not.  In the
process, It is considered perfectly normal for one member to gather another
member's personal contact information, and to collate the data in a public
accessible archive, together with accompanying comments and reference links
to the other forums in which the challenged individual may participate. (add
URLs)

4) Since this actual procedure bears no relation to the rules, there is no
way for the challenged individual to have prior knowledge or give consent.
Therefore all material posted in this way is being done without permission,
and may contain misinformation, characterizations in a poor light,
defamation or even slander, amounting to the basis of a legal case against
ICANN (IANAL).

5)The obligation that saddles DNSO, to prove every competence by consensus
procedures, frequently results in whatever unilateral decisions the Chair
makes in accordance with the rules, being overturned. As a consequence, the
authority of the GA/ WG-Chair is seriously undermined.

6) Some of those who participate in what could be viewed as a witch hunt
from behind a firewall of corporate safety, have little or no understanding
of possible difficulties that may present themselves in the "real world" for
individuals whose civil identity and personal contact details may be exposed
by this procedure. Indeed, it is not deemed to be improper behaviour at all
by those consulted and not a moment's thought is given to the future
consequences of the same.

7) This procedure causes outrage amongst individuals who are shocked to
discover that those who would claim to represent their best interests on the
one hand, would on the other hand, engage in this kind of activity.

WHAT DO WE DO ABOUT IT?

1) Enforce a zero tolerance policy towards enforcing existing rules and give
GA/WG Chairs Authority to verify identities.

2) Strike out all posts in the public archive that reveal the civil identity
of an individual involved in DNSO which has been posted without their
consent.

3) Form a WG to assess the implications of the EU directive on privacy and
how this should be implemented by DNSO.




It's late and I will post the various URL links tomorrow in Draft 2.
Regards,
Joanna





--
This message was passed to you via the wg-review@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe wg-review" in the body of the message).
Archives at http://www.dnso.org/archives.html