On 06/01/2018 09:37 AM, McBride, Mack wrote:
For routing whois information there aren't going to be many individuals and it would seem that the corporations who employee individuals should be the ones protecting those individuals work emails by providing a generic contact email forward. Which is good practice anyway since people leave and go on vacation and problems still happen. And the routing whois information is a lot more relevant to most of us here.
+1 Perhaps the Right Thing(SM) to do is to update the best practices documents regarding role e-mail accounts for network operators. 1. Add "networkmaster@example.com" to the list of required role accounts. 2. Require that e-mail sent to role "networkmaster@example.com" be accessible in some way by all technical people for the network in question. This can be done using a ticket system, or a simple mail exploder. 3. Require that e-mail sent to role account "abuse@example.com" by accessible in some way by all members of the abuse desk. This can be done using a ticket system, or a simple mail exploder. 4. Require the WHOIS information specify exactly these role accounts for TECH and ABUSE, not a person. This gets around the GDPR requirements while maintaining the usefulness of the WHOIS without having to go through an intermediate party or web site. ICANN may want to consider this idea when adjusting its contracts with registrars to eliminate GDPR exposure.