

To: "'Vittorio Bertola'" <vb@bertola.eu.org>, <ietf-provreg@cafax.se>
From: "Michael Young" <myoung@libertyrms.info>
Date: Fri, 17 Jan 2003 08:48:49 -0500
Importance: Normal
In-Reply-To: <5nkf2vc69aamt50qla76umk9cscpun42ev@4ax.com>
Sender: owner-ietf-provreg@cafax.se
Subject: RE: An user's point of view on the privacy issue

Thank you for providing your opinion on privacy issues, Vittorio.  I
think you'll find by reviewing the list that the current debate in the
provreg working group is not about whether or not a privacy mechanism is
desirable, but really about the technical implementation and where that
should happen.  There are multiple approaches to how to solve for this
problem, and all of them have their perceived advantages and
disadvantages. Some approaches that are being heavily advocated from
non-technical stakeholders have some serious implementation and
performance impacts, and that's really what's at the heart of the debate
right now.  BTW in my opinion, this forum is not meant as a venue for
the amount of policy based discussion that has occurred of late - it is
meant to be a technical working group.  Hence I honestly would like to
see less soap-box speeches and more work towards a compromise, such as
the one Janusz posted to the list.  Although that idea got shot down, it
was the right kind of effort we should be concentrating on.     


Michael Young 

-----Original Message-----
From: owner-ietf-provreg@cafax.se [mailto:owner-ietf-provreg@cafax.se]
On Behalf Of Vittorio Bertola
Sent: January 17, 2003 5:03 AM
To: ietf-provreg@cafax.se
Subject: An user's point of view on the privacy issue


Hello,

I am a newbie of this group and of the IETF WGs in general (please
pardon me for anything inappropriate I might involuntarily do). However,
I have been discussing DNS privacy issues extensively in the last years,
so please allow me to give my point of view on the ongoing privacy
discussion.

Not addressing the privacy issue in the base protocol would likely imply
that the service would often be deployed in real life without any means
to achieve privacy protection. Unfortunately, the present lack of
privacy protection in the WHOIS system is plainly illegal in many
countries, and I don't think it's reasonable to think that this
situation can go on for long without actual lawsuits starting to happen,
both towards ccTLD and gTLD registries and registrars. 

In fact, as others have already pointed out, many registries (especially
European ccTLDs) have already started to allow opting out from WHOIS
under certain conditions or for certain types of data, or even, have
already been sued on this. Personally, I think that the present
situation where gTLD registrants are required to make all their data
public won't last long.

Thus, any new protocol being created in this field should be able to
support the ability to mark data as private - otherwise in the end it
might be useless or even damaging. If this protocol doesn't implement
any simple and standard way to specify reasonable privacy directives
together with data, it is likely that many registrars and registries
will be soon forced, by law, lawsuits, or public opinion pressure, to
add their own (non-standard and non-interoperable) ones.

The protocol must allow customers to specify privacy conditions with the
highest possible granularity, because it must be able to support
policies that will be very different one from the other and will vary
often (much more often than the protocol itself) according to
non-technical decisions. No privacy policy should be hard-wired in the
protocol (and this includes the policy of "no privacy is possible" that
would result from the lack of privacy specification tools in the base
protocol).

I must also point out that, according for example to the European law,
it is the customer, not the registrar nor the registry nor any policy or
standard making body, that decides what should be published and what
should not. The registrar or registry are not allowed to alter the
customer's indications on privacy. At most, the registrar/registry may
refuse to supply the service if the customer does not accept to
distribute data that are strictly necessary for the service to work. (It
seems to me very doubtful that publishing my name and e-mail to the
whole world is strictly necessary for my name servers to work. But this
is a policy and legal discussion anyway, and is out of this list's
scope.)

So, the minimum level of granularity that the protocol should support to
be applicable in real life is the ability to mark each field of each
domain name registration form as private or public, singularly for each
(domain, field) couple.

The EU law also states that the owner of the data has the right to
verify and update the data and retire the consensus to the distribution
at any time. So the protocol should allow for updates not only of the
data but of the privacy indications too.

Theoretically, a registrar could ask separate approvals to the customer
for different uses of the same data. In this case, a mechanism with more
levels of privacy would be necessary. However, this is an option for the
registrar, not a requirement, so this could be left to extensions.
Similarly, a specific approval is required to export data outside of the
European Union, so a mechanism to specify a list of countries to which
data can(not) be exported could be of use, but this problem can be
easily avoided by the registrar by asking for such consensus, so this
could be left as a possible extension too.

Thus, summarizing, I support the idea that a mechanism to specify (at
least) whether each single field of each single domain name is meant to
be public or private should be added to the base protocol, and its
implementation should be mandatory.
-- 
vb.                  [Vittorio Bertola - vb [at] bertola.eu.org]<---
-------------------> http://bertola.eu.org/ <-----------------------


