ICANN's GNSO Council stumbled and bumbled its way to a nonresolution of the Whois privacy controversy today (Wednesday, All Hallows Eve). On the surface, nothing changed. ICANN's domain name policy Council managed to kill a proposal to shield the address information of natural persons through an “operational point of contact” — an idea which even privacy advocates had come to mistrust as it became increasingly warped by trademark lawyers seeking leverage as it wound its way through the process. The Council also narrowly defeated a radical proposal, backed by privacy advocates, to “sunset” Whois after a year, although that resolution fell by an unexpectedly slim margin of 13-10. But what, exactly, did the Council pass? To simplify the murky jumble of amendments assembled on the fly, the GNSO left the status quo in place while recognizing that something needs to be done and calling for….studies, but deferring to a later date a definition of the nature of the studies. In short, nothing has changed. Or has it?
Despite ICANN's inertia the “status quo” Whois is gradually being eroded by a combination of market forces, which allow registrants to buy a modicum of privacy protection from registrars, and the ongoing threat of legal assaults on Whois from outside the United States. A growing number of ccTLDs and gTLDs can be expected to force ICANN to adjust its Whois requirements to the data protection laws of other countries, the most current example being the TELNIC case. This means that the status quo equilibrium left in place by ICANN's inability to act is tilting slowly in favor of privacy. At the same time, law enforcement and takedown measures are taking new directions, pioneered by the Anti-Phishing Working Group, that also work outside the ICANN process.
The IGP blog piece on how the TELNIC request for an exception to Whois was bogged down in the GAC seems to have had a big impact at this meeting. The GNSO-GAC meeting put the problem first on the agenda. Although there was a lot of hemming and hawing, eventually the GAC was forced to concede that it would never be able to agree on the issue. The ICANN Board seems to be interpreting this in the proper way — i.e., as a license to make the decision itself. The ability to act globally when differences among territorial authorities would create a morass of conflict was one of the most important justifications for creating ICANN in the first place.
The ICANN Board will therefore begin to bless exemptions from Whois based on national law, a trend that is inevitable, cumulative and as right as rain. And by that time the law enforcement and trademark interests, who will be avidly pursuing aggressive takedown or identification measures that rely only marginally on Whois, will be forced to concede that Whois data was not all that critical in the first place., it is just a supplement for more basic kinds of information. And oh, by the way, the trademark interests who during this latest process consistently used the privacy services of registrars as a justification for the status quo will have a much harder time attacking the proxy industry further down the road.