Presentation is loading. Please wait.

Presentation is loading. Please wait.

Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology

Published byLesley Patrick Modified over 9 years ago

Similar presentations

Presentation on theme: "Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology"— Presentation transcript:

1 Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology http://www.cdt.org

2  Goal: A framework for considering potential privacy questions raised by collection of and access to DNS registrant data.  Context: What data is collected, why is it needed, and who is it collected about?  Privacy: What privacy questions are raised?  Best practices: Ideas for reconciling privacy questions and data access needs. 1 Understanding the Privacy Questions

3 Context: The Need for Registrant Data u Technical stability u Law enforcement u Consumer protection u Intellectual property protection u Competition 2

4 A Spectrum of DNS Registrants  Range of domain name registrants: From large companies to individuals pursuing non-commercial purposes.  Increasing number of individuals in gTLDs. (Verisign estimate: 15% “non-business” and growing)  Note: Very different privacy expectations for different types of users. 3

5 Data Collection and Access Requirements The gTLD experience:  Data collected: Technical, billing, and administrative contact. Require name, address, phone, and email.  Access to data: Full public access, as quickly and completely as possible, for anyone online.  Bulk access: Both individual queries and bulk transfer to compilers and resellers of registrant info. 4

6 Privacy Questions  Note: Wide range of cultural perspectives and national laws.  Is personal information collected? For businesses, almost certainly not. For individuals, data can be personally identifiable and sensitive. (ex. home phone number)  Is there an expectation of privacy? For businesses, should be no. But for individuals, possible expectation of privacy today. 5

7 Privacy Questions II For individuals with a privacy expectation:  Are Fair Information Practices followed? Key issue is use of data.  Is the data used solely for the purpose for which it was collected? Difficult to enforce against secondary uses today. Possible unintended uses: Marketing and unsolicited email. Criminal use. Government persecution.  Other concerns? Some will not want to sacrifice privacy in order to access the DNS. 6

8 Reconciling Privacy Questions Some ideas for dealing with individual privacy::  Public education: Good notice, clear understanding of alternatives  Meaningful alternatives to registration  Allow proxy contacts (like “unlisted” numbers in the telephone book) for some registrant data 7

9 Reconciling Privacy Questions II Other ideas, raising implementation difficulties:  Limit secondary uses (allow bona fide requests, prohibit others)  Make only some data widely available (such as tech contact, legal address)  Separate commercial actors and non- commercial individuals (difficult!)  Create audit system and allow review of database queries (with delay as needed) 8

10 Conclusion u Range of important demands for fast access to registrant data. u Privacy questions limited in commercial setting, but raised by individual registrants and secondary use of information. u Look forward to working on ways to balance these concerns and reconcile privacy questions. 9

11 Fair Information Practice Principles  Openness (Notice)  Consent (Choice)  Access  Security  Accountability (Enforcement) Collection Limitation Data Quality Use Limitation

Download ppt "Domain Name Registrant Data: The Privacy Questions Alan Davidson Center for Democracy and Technology"

Similar presentations

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,

Why the Financial Privacy Law is Better than People Think Professor Peter P. Swire Ohio State University University of Minnesota Symposium February 9,
EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.

EU Privacy Directive. What is a directive? A piece of European legislation, passed by bureaucrats, addressed to member states Member states must ensure.
ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.

ICANN Report Presented by: Dr Paul Twomey CEO and President LACNIC, Montevideo 31 March 2004.
Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.

Identifying Data Protection Issues Developing Lifelong Learner Record Systems and ePortfolios in FE and HE: Planning for, and Coping with, Legal Issues.
CcTLD Meetings Rome 2004 WHOIS & Data Privacy Jean-Christophe Vignes Registry Liaison Manager.

CcTLD Meetings Rome 2004 WHOIS & Data Privacy Jean-Christophe Vignes Registry Liaison Manager.
Safeguarding Data to Ensure Effective Data Use Paige Kowalski |Director| State Policy & Advocacy July 2014.

Safeguarding Data to Ensure Effective Data Use Paige Kowalski |Director| State Policy & Advocacy July 2014.
© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.

© 2003 Public Interest Registry Whois Workshop Introduction to Registry/Registrar Issues Presented by Bruce W. Beckwith VP, Operations June 23, 2003 Serving.
CHAPTER 4 E-ENVIRONMENT

CHAPTER 4 E-ENVIRONMENT
1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain.

1 Allan Chiang, S.B.S. Privacy Commissioner for Personal Data 8 July 2013 Asian Privacy Scholars Network Conference Balance between Access to Public Domain.
Registrar experiences with WHOIS Bruce Tonkin Melbourne IT Ltd.

Registrar experiences with WHOIS Bruce Tonkin Melbourne IT Ltd.
TRADE SECRETS, UNFAIR COMPETITION, EMPLOYEE RAIDS AND EMPLOYEE COVENANTS Alan N. Greenspan Jackson Walker LLP.

TRADE SECRETS, UNFAIR COMPETITION, EMPLOYEE RAIDS AND EMPLOYEE COVENANTS Alan N. Greenspan Jackson Walker LLP.
Slide 1 Whois Workshop, ICANN Montreal Meeting Topic, June 2003 Privacy and Data protection consideration of the Whois directories discussion Diana ALONSO.

Slide 1 Whois Workshop, ICANN Montreal Meeting Topic, June 2003 Privacy and Data protection consideration of the Whois directories discussion Diana ALONSO.
IS3350 Security Issues in Legal Context

IS3350 Security Issues in Legal Context
CONSUMER CREDIT LEGISLATION Carl Johnson Financial Literacy Jenks High School.

CONSUMER CREDIT LEGISLATION Carl Johnson Financial Literacy Jenks High School.
1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,

1 PRIVACY ISSUES IN THE U.S. – CANADA CROSS BORDER BUSINESS CONTEXT Presented by: Anneli LeGault ACC Greater New York Chapter Compliance Seminar May 19,
McCarthy Tétrault McCarthy Tétrault LLP An Act respecting the protection of personal information in the private sector (Quebec): « Particularities of the.

McCarthy Tétrault McCarthy Tétrault LLP An Act respecting the protection of personal information in the private sector (Quebec): « Particularities of the.
P3P: Platform for Privacy Preferences Charlin Lu Sensitive Information in a Wired World November 11, 2003.

P3P: Platform for Privacy Preferences Charlin Lu Sensitive Information in a Wired World November 11, 2003.
Legal European Aspects of Digital Rights Management © Abdullah Sherbini 2006 بسم الله الرحمن الرحيم.

Legal European Aspects of Digital Rights Management © Abdullah Sherbini 2006 بسم الله الرحمن الرحيم.
March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.

March 13, 2004Securing Privacy Conference1 SENSOR NETWORKS & PRIVACY Pamela Samuelson, UC Berkeley, Securing Privacy Conference, March 13, 2004.
Institute of Information Systems, Humboldt University, 2006· Privacy Engineering Sarah Spiekermann & Lorrie Faith Cranor DIMACS Workshop, Rutgers University.

Institute of Information Systems, Humboldt University, 2006· Privacy Engineering Sarah Spiekermann & Lorrie Faith Cranor DIMACS Workshop, Rutgers University.

Similar presentations

Ads by Google