[Précédent par date]
[Index par date]
[Suivant by date]
[Précédent par thème]
[Index par thème]
[Suivant par thème]
[Previous by date]
[Index by date]
[Next by date]
[Previous by thread]
[Index by thread]
[Next by thread]
Fwd: Please Sign - EPIC worldwide action - Letter to ICANN on WHOIS Privacy
Trying once more, with English version only. French and Spanish ones in
next messages
Début du message réexpédié :
> De: Meryem Marzouki <meryem.marzouki@dial.oleane.com>
> Date: Ven 24 oct 2003 10:35:29 Europe/Paris
> À: hr-wsis@iris.sgdg.org
> Objet: Please Sign - EPIC worldwide action - Letter to ICANN on WHOIS
> Privacy
>
> Below you'll find in English, Spanish and French versions, a call for
> signatures from groups/organizations
> issued by EPIC - The Electronic Privacy Information Center, a HR
> caucus member. EPIC is asking us to join the first signatories of a
> letter to ICANN, regarding serious privacy concerns with the WOHIS
> database.
> I recommend that your organizations add their signatures (to be sent
> directly to Cedric Laurant, see below) to this important worldwide
> action.
> Deadline for first signatures is October 26. Please don't circulate
> publicly before EPIC releases the letter.
>
> Best regards,
> Meryem
> ===========
> ENGLISH VERSION
> Dear Friends,
>
> In less than a week, the Internet Corporation for Assigned Names and
> Numbers (ICANN) will hold meetings in Carthage, Tunisia. The
> meetings will include discussions of WHOIS, a database that could
> have a significant impact on privacy, civil liberties, and freedom
> of expression for Internet users. The WHOIS database broadly
> exposes domain registrants' personal data to a global audience,
> including criminals and spammers.
>
> We believe that ICANN should work to ensure that network
> administrators have access to accurate information in order to
> contact domain registrants and combat fraud and spam. However, this
> also requires the establishment of corresponding privacy safeguards,
> including reduced access and minimal data requirements, in order to
> encourage the submission of accurate data. In addition, users of
> domain names have a legitimate expectation of privacy and right to
> free speech, which should be protected.
>
> We have drafted a letter to the President of ICANN, Paul Twomey,
> asking him to ensure that strong privacy safeguards, based on
> internationally accepted standards, are established for the WHOIS
> database. We would sincerely appreciate it if you would join us in
> this statement to ICANN. Domain registrants should not be required
> to submit extensive data that could lead to fraud victimization or
> political persecution.
> If you agree with the statement below, please send an email to
> mailto:chlaurant@epic.org with your name, email address, and
> organizational affiliation before October 26.
>
> Thank you for your help with this.
>
> Marc Rotenberg <rotenberg@epic.org>
> Cedric Laurant <chlaurant@epic.org>
> Frannie Wellings <wellings@epic.org>
>
>
>
> ---------------------------------------------------------------------
>
>
> 28 October 2003
>
> Mr. Paul Twomey
> President and Chief Executive Officer
> Internet Corporation for Assigned Names and Numbers
> 4676 Admiralty Way, Suite 330
> Marina del Rey, CA 90292-6601
> United States of America
>
> Dear Mr. Twomey,
>
> We write to you, on behalf of many consumer and civil liberties
> organizations from around the world, regarding the significant
> privacy issues surrounding the WHOIS database and the need to ensure
> that strong privacy safeguards are established. ICANN has moved
> aggressively to establish accuracy requirements for domain name
> registrants, but has failed to establish corresponding protections
> for personal information that is provided. As representatives of
> Internet users around the world, we are keen to ensure that the
> policies developed for the WHOIS database respect the freedom of
> expression and the privacy of every individual who registers
> Internet domains.
>
> Many organizations, consumer advocates, and technical experts have
> advocated strong protection for privacy interests. Those privacy
> concerns have not thus far been adequately addressed. We hope that
> our comments will be given due consideration during the WHOIS
> workshop at the upcoming ICANN meetings in Carthage, Tunisia.
>
> 1. The main purpose of the WHOIS database should be to resolve
> technical network issues, the most important being spam.
>
> The WHOIS database was originally intended to allow network
> administrators to find and fix problems to maintain the stability of
> the Internet. It now exposes domain name registrants' personal
> information to many other users for many other purposes unrelated to
> network access. Anyone with Internet access can now have access to
> WHOIS data, and that includes stalkers, governments that restrict
> dissidents' activities, law enforcement agents without legal
> authority, and spammers. The original purpose for WHOIS should be
> reestablished.
>
> One of the most important technical problems that threaten public
> use of the Internet today is spam. A sensible WHOIS policy would
> improve contact-ability and data accuracy for network
> administrators. It would not make personal information more widely
> accessible to third parties.
>
> 2. The use and management of the WHOIS database without adequate
> data protection safeguards raises risks for domain name holders'
> right to privacy and freedom of expression.
>
> Users of domain names have a legitimate and reasonable expectation
> of privacy. There are many users, particularly in the
> non-commercial world, who have valid reasons to conceal their
> identities or to register domain names anonymously. Although there
> are some domain name registrants who use the Internet to conduct
> fraud or to infringe on other people's or companies' intellectual
> property rights, we believe that a sensible privacy policy for WHOIS
> must protect the legitimate privacy expectations for domain
> registrants.
>
> First, for domain name registrars to compel registrants to
> disclose personal information, even information related to domain
> registration, poses dangers to freedom of expression and privacy on
> the Internet. Many domain name registrants--and particularly
> noncommercial users--do not wish to make public the information that
> they furnished to registrars. Some of them may have legitimate
> reasons to conceal their actual identities or to register domain
> names anonymously. For example, there are political, cultural,
> religious groups, media organizations, non-profit and public
> interest groups around the world that rely on anonymous access to
> the Internet to publish their messages. Anonymity may be critical
> to them in order to avoid persecution.
>
> Second, WHOIS data should not be available to anyone with access to
> the Internet. It is well known that broad access to personal
> information online contributes to fraud such as identity theft. US
> Federal Trade Commission (FTC) advises consumers to protect
> themselves from identity theft, and generally from Internet-related
> frauds, by not disclosing personally identifiable information. The
> mandatory publication of WHOIS data is contrary to the FTC's advice.
>
> We urge ICANN to consider the views of consumer organizations
> and civil liberties groups on the WHOIS. At a minimum, we
> believe that adequate privacy safeguards should include the
> following principles:
>
> - The purposes for which domain name holders' personal data
> may be collected and published in the WHOIS database have to
> be specified; they should, as a minimum, be legitimate and
> compatible to the original purpose for which this database was
> created; and this original purpose cannot be extended to other
> purposes simply because they are considered desirable some
> users of the WHOIS database;
>
> - The most relevant purpose for collecting WHOIS data is to
> combat spam;
>
> - The amount of data collected and made publicly available in
> the course of the registration of a domain name is limited to
> what is essential to fulfill the purposes specified;
>
> - Any secondary use that is incompatible with the original
> purpose specified requires the individual's freely given and
> informed consent;
>
> - The publication of individuals' personal information on the
> Internet through the WHOIS database should not be mandatory;
> it should be possible for individuals to register domain names
> without their personal information appearing on a publicly
> available register; amnd
>
> - Disclosure of WHOIS information to a law enforcement official
> or in the context of civil litigation must be pursuant to explicit
> legal authority set out in statute.
>
> Such a policy would not frustrate lawful criminal investigations. It
> would instead establish necessary privacy safeguards, and reduce the
> risk that the widespread availability of WHOIS information will lead
> to greater fraud, more spam, and jeopardize freedom of expression.
>
>
> Respectfully submitted,
>
>
> Signatories:
> Š
> cc: Š
> ------------------------------------
>
>
> REFERENCES:
>
> Memo from ICANN President Paul Twomey concerning WHOIS, 18 September
> 2003. <http://www.icann.org/announcements/announcement-18sep03.htm>.
>
> ICANN Carthage WHOIS Workshop Agenda, 30 September 2003.
> <http://www.icann.org/carthage/whois-workshop-agenda.htm>.
>
> ICANN WHOIS Privacy Steering Group webpage.
> <http://gnso.icann.org/issues/whois-privacy/>.
>
> ICANN, Staff Manager's Issues Report on Issues Related to WHOIS, 13
> May 2003.
> <http://www.icann.org/gnso/issue-reports/whois-privacy-report-
> 13may03.htm>.
>
> Public Internet Registry, Letter regarding WHOIS to Chairman Lamar
> Smith, United States House Judiciary Committee, Subcommittee on
> Courts, the Internet, and Intellectual Property, 16 September 2003.
> <http://www.pir.org/about_pir/pir_policy/PIR_WHOIS_HOUSE_DFT3-
> ELECTRONIC1.pdf>.
>
> Public Interest Registry, Comments to the Final Report of the GNSO
> Council's WHOIS Task Force Accuracy and Bulk Access, 17 February 2003.
> <http://www.dnso.org/dnso/dnsocomments/comments-whois/Arc03/
> pdf00000.pdf>.
>
> Generic Names Supporting Organization (GNSO), WHOIS Privacy Issues
> Table, 14 August 2003.
> <http://gnso.icann.org/issues/whois-privacy/table-whois-privacy-
> issue.shtml>.
>
> GNSO WHOIS Task Force, Final Report of the GNSO Council's WHOIS Task
> Force Accuracy and Bulk Access, 19 February 2003.
> <http://www.icann.org/gnso/whois-tf/report-19feb03.htm>.
>
> Electronic Privacy Information Center (EPIC), Minority Comments to the
> Final Report of the GNSO Council's WHOIS Task Force Accuracy and Bulk
> Access.
> <http://www.icann.org/gnso/whois-tf/report-
> 19feb03.htm#MinorityReports>.
>
> EPIC WHOIS webpage.
> <http://www.epic.org/privacy/whois/>.
>
> EPIC WHOIS Privacy Issues Report, 10 March 2003.
> <http://www.epic.org/privacy/whois/privacy_issues_report.pdf>.
>
> EPIC and Privacy International, Privacy and Human Rights - An
> international Survey of Privacy Laws and Developments, 2003.
> <http://www.privacyinternational.org/survey/phr2003/threats.htm#WHOIS>.
>
> Organization for Economic Co-operation and Development (OECD),
> Guidelines on the Protection of Privacy and Transborder Flows of
> Personal Data.
> < http://www1.oecd.org/publications/e-book/9302011E.PDF> (English).
> <http://www1.oecd.org/publications/e-book/9302012E.PDF> (français).
>
> European Union, Directive 1995/46/EC of the European Parliament and
> the Council on the Protection of Individuals with regard to the
> processing of Personal Data and on the Free Movement of such Data ("EU
> Data Protection Directive").
> <http://www.europa.eu.int/smartapi/cgi/
> sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=EN&numdoc=31995L0046&mode
> l=guichett> (English).
> <http://www.europa.eu.int/smartapi/cgi/
> sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=fr&numdoc=31995L0046&mode
> l=guichett> (français).
> <http://www.europa.eu.int/smartapi/cgi/
> sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=es&numdoc=31995L0046&mode
> l=guichett> (español).
>
> European Union Article 29 Data Protection Working Group, Opinion
> 2/2003 (WP 76) on the application of the data protection principles to
> the Whois directories, 13 June 2003.
> <http://europa.eu.int/comm/internal_market/privacy/docs/wpdocs/2003/
> wp76_en.pdf> (English).
> <http://europa.eu.int/comm/internal_market/privacy/docs/wpdocs/2003/
> wp76_fr.pdf> (français).
> <http://europa.eu.int/comm/internal_market/privacy/docs/wpdocs/2003/
> wp76_es.pdf> (español).
>
> International Working Group on Data Protection in Telecommunications,
> "Common Position on Privacy and Data Protection aspects of the
> Registration of Domain Names on the Internet" (adopted at the 27th
> meeting of the Working Group on May 4-5, 2000 in Rethymnon, Crete).
> <http://www.datenschutz-berlin.de/doc/int/iwgdpt/dns_en.htm>.
>
> United States Federal Trade Commission, National and State Trends in
> Fraud and Identity Theft (January 2002 - December 2002), January 22,
> 2003.
> <http://www.consumer.gov/sentinel/pubs/Top10Fraud_2002.pdf>.
