[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[icann-eu] NSI selling data of domain name holders issue


sorry for not always responding on the same day; as you can guess
it takes some time for me to get an overview. 

NSIīs action to sell data of domain name holders to mass marketers
is starting to get discussed within the icann board. Vint asked for
some legal advise for possible action and got

>The ICANN agreement most relevant to this practice is the Registrar
>Accreditation Agreement.  That agreement adopts a notice-and-consent
>approach to use of personal data.  Sections II.J.7.b and .c of the
>Registrar Accreditation Agreement provide that the registrar shall agree
>with the SLD holder (registrant) as follows:
>  "b. Registrar shall provide notice to each new or renewed SLD holder
>       stating:
>     i. The purposes for which any Personal Data collected from the
>       applicant are intended;
>     ii. The intended recipients or categories of recipients of the
>         data (including the Registry and others who will receive the 
>         data from Registry);
>    iii. Which data are obligatory and which data, if any, are
>        voluntary; and
>     iv. How the SLD holder or data subject can access and, if
>        necessary, rectify the data held about them.
>  "c. The SLD holder shall consent to the data processing referred to 
>       in Section II.J.7.b."
>At the time (March 1999) this language was approved by the Board, there
>was significant community comment that ICANN's approach in its Registrar
>Accreditation Agreement should be that, if fair notice is given and
>consent obtained as described above, registrars and customers should be
>free to agree to the manner in which personal data is treated.  For
>example, there was some comment that some business models may involve
>giving domain name registrations free of charge, on the condition that
>the customer must agree to allow his or her data to be sold to third
>parties.  Other registrars, on the other hand, may seek to attract
>customers by offering opt-outs for inclusion of the customer's data in
>mailing lists that are sold.  In this way, if there is consumer demand
>for more restrictive commercial use of consumer information, market
>forces should ensure that consumers have the option.

In my opinion of course this policy is a problem, even if it does not answer
the question if NSI has asked itīs customers if they agree to selling their data.

The issue will be discussed in Melbourne in March and Iīd be happy to collect
your thoughts for a better policy. 

If we want to drive ICANN to any change in this, it would be a good idea 
to workout a clear suggestion and to adress it also to the public. It might
sound a little heavy, but I donīt think the freedom to the selling of domain
names should be general given. So this would mean to clearly take a
standpoint against registrars who finance the business instead of fees
by doing so. I my eyes data should be strictly handled for the purpose
it has been given.

Thanx for your suggestions:



Andy Mueller-Maguhn, andy@ccc.de, Key ID 331F978, http://www.ccc.de/~andy