6. Policies & rules of disclosure¶
There are some built-in policies and rules concerning contact information disclosure to third-party entities, which include the public.
The contact information that is subject to the data collection policy and disclosure
policy entails these contact attributes:
name, organization, address (<addr/>), telephone (<voice/>),
fax (<fax/>), email (<email/>), vat (<vat/>),
identity document (<ident/>), notify email (<notifyEmail/>).
Clients (registrars) are not considered third-party entities in the FRED, and they deal with the information under terms of a contract with the Registry operator.
Changed in version 2.38: The policies are configurable. This chapter describes the default CZ-specific configuration that used to be hard-coded in version 2.37.
Note
The policies & rules of disclosure may be configured by the Registry operator differently.
The Registry operator is supposed to publish a document that declares the rules of registrar communication with the Registry, including a description of the policies & rules of disclosure.
If you are a CZ.NIC registrar, the following description applies to you.
6.1. Data collection policy¶
This policy is expressed in the greeting
from the EPP server, in the element <dcp> (data collection policy);
hide is expressed as <access><none/></access> and can be checked e.g.
by examining that the xpath /epp/greeting/dcp/access/none is an
existing node.
This says that the policy of the server is to disclose none of the data collected over EPP to third-party entities. However, this policy has exceptions arising from the disclosure policy of the server and individual disclosure preferences of each contact.
6.2. Server disclosure policy¶
The server disclosure policy defines the default disclosure preference (flag) for each attribute and also says which attribute’s disclosure preference is adjustable by contacts.
The server’s default disclosure preference is to hide all personal information except name and organization, which are always visible, and address, which is forced visible on creation, but is hidden later when certain conditions are met (see Hiding address). Visibility of other contact attributes can be adjusted on demand as explained in Contact disclosure preference.
Attributes |
name |
organization |
address |
telephone |
fax |
vat |
identity |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|---|
Default flags (contact:create) |
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
hide |
Nature |
fixed |
fixed |
adjustable * |
adjustable |
adjustable |
adjustable |
adjustable |
adjustable |
adjustable |
Server disclosure preference also means, that responses to contact:info
use flag="1" to describe contact disclosure preference, i.e. which attributes
are shown as opposed to the server’s default disclosure preference.
6.3. Contact disclosure preference¶
The contact disclosure preference expresses an opposite of the server disclosure preference where it is allowed by the policy to be adjusted. With the server disclosure preference to hide data, the contact disclosure preference represents consent to disclose a piece of personal information.
To set or view disclosure preference, the <contact:disclose> element is used.
Its syntax is described in the reference of each command:
viewing disclosure preference with contact:info;
setting disclosure preference with contact:create is allowed for the attributes:
telephone (<voice/>), fax (<fax/>), email (<email/>), vat (<vat/>), identity document (<ident/>), notify email (<notifyEmail/>);setting disclosure preference with contact:update is allowed for the attributes:
address (<addr/>), telephone (<voice/>), fax (<fax/>), email (<email/>), vat (<vat/>), identity document (<ident/>), notify email (<notifyEmail/>).
Disclosure preference for name and organization cannot be adjusted, therefore they are never listed in requests nor responses.
If the contact does not satisfy the conditions for hiding address, then
<addr/> must be listed in update requests that are based on flag="1".
See also the examples at the end of this chapter.
6.4. Hiding address¶
When a new contact is being created, the contact disclosure preference for address cannot be requested and the server uses its default disclosure preference, which is to show address.
Once the contact [1] is verified (gets the status flag identifiedContact
or validatedContact), the server changes
the disclosure preference for address to “hide” automatically and
notifies the client (the designated registrar) about this change in a poll message.
At this point, the contact is allowed to change it.
When the contact [1] loses verification, the server changes the disclosure preference for address back to “show” automatically (the client is NOT notified about this change). At this point, the contact cannot change it.
When the contact [1] regains verification, the same thing happens as if it has gained it for the first time, see above. The previous contact disclosure preference for address is ignored and overwritten.
Note
The <addr/> disclose flag affects disclosure of all addresses
in a contact.
6.5. Examples of behaviour¶
6.5.1. contact:create command¶
6.5.1.1. Request – without the element <contact:disclose>¶
The EPP request does not contain <contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
hide |
6.5.1.2. Requests to show listed attributes – <contact:disclose flag="1">¶
6.5.1.2.1. Request – empty element <contact:disclose>¶
The EPP request contains:
<contact:disclose flag="1">
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
hide |
6.5.1.2.2. Request – show all you can¶
The EPP request contains:
<contact:disclose flag="1">
<contact:voice/>
<contact:fax/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:voice/>
<contact:fax/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
show |
show |
show |
show |
show |
show |
6.5.1.2.3. Request – show a specified subset¶
The EPP request contains:
<contact:disclose flag="1">
<contact:email/>
<contact:vat/>
<contact:ident/>
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:email/>
<contact:vat/>
<contact:ident/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
show |
show |
show |
hide |
6.5.1.3. Requests to hide listed attributes – <contact:disclose flag="0">¶
These requests don’t make sense when the policy is to hide; it always
results in a contact having all disclosure settings set to hide except
for address which can’t be set in the operation create and is set
to show.
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
hide |
6.5.2. contact:update command¶
6.5.2.1. Request – without the element <contact:disclose>¶
Contact disclosure settings before the request:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
show |
The EPP request does not contain <contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:notifyEmail/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
hide |
hide |
hide |
show |
6.5.2.2. Requests to show listed attributes – <contact:disclose flag="1">¶
The result depends on the contact, whether it satisfies conditions for
hiding address and the element <addr/> is listed in the request.
Element |
Contact satisfies conditions for hiding address |
Result |
|---|---|---|
NO |
NO |
|
NO |
YES |
|
YES |
NO |
|
YES |
YES |
|
6.5.2.2.1. Request – empty element <contact:disclose> – contact does NOT satisfy conditions for hiding address¶
The EPP request contains:
<contact:disclose flag="1">
</contact:disclose>
The request results in an error:
<result code="2304">
<msg>Object status prohibits operation</msg>
</result>
6.5.2.2.2. Request – empty element <contact:disclose> – contact DOES satisfy conditions for hiding address¶
Contact disclosure settings before the request:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
show |
show |
hide |
hide |
hide |
hide |
The EPP request contains:
<contact:disclose flag="1">
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1"/>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
hide |
hide |
hide |
hide |
hide |
hide |
hide |
6.5.2.2.3. Request – show all you can¶
Contact disclosure settings before the request:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
show |
show |
hide |
hide |
hide |
hide |
The EPP request contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:voice/>
<contact:fax/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:voice/>
<contact:fax/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
show |
show |
show |
show |
show |
show |
6.5.2.2.4. Request – show a specified subset – contact does NOT satisfy conditions for hiding address (and <addr/> is NOT listed)¶
The EPP request contains:
<contact:disclose flag="1">
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
The request results in an error:
<result code="2304">
<msg>Object status prohibits operation</msg>
</result>
6.5.2.2.5. Request – show a specified subset – contact does NOT satisfy conditions for hiding address (and <addr/> IS listed)¶
Contact disclosure settings before the request:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
show |
hide |
hide |
show |
show |
The EPP request contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:addr/>
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
hide |
show |
show |
show |
show |
6.5.2.2.6. Request – show a specified subset – contact DOES satisfy conditions for hiding address¶
Contact disclosure settings before the request:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
show |
hide |
show |
hide |
hide |
show |
show |
The EPP request contains:
<contact:disclose flag="1">
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Result – the response to contact:info contains:
<contact:disclose flag="1">
<contact:email/>
<contact:vat/>
<contact:ident/>
<contact:notifyEmail/>
</contact:disclose>
Interpretation of the result:
name |
organization |
address |
telephone |
fax |
vat |
ident |
notifyemail |
|
|---|---|---|---|---|---|---|---|---|
show |
show |
hide |
hide |
hide |
show |
show |
show |
show |
6.5.2.3. Requests to hide listed attributes – <contact:disclose flag="0">¶
These requests don’t make sense when the policy is to hide; it results in:
an error if the contact does not satisfy conditions for hiding address:
<result code="2304"> <msg>Object status prohibits operation</msg> </result>
otherwise, all disclosure settings being set to hide:
name
organization
address
telephone
fax
email
vat
ident
notifyemail
show
show
hide
hide
hide
hide
hide
hide
hide
