<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Not sure why you conflate the inaccuracy rate of the ARS (which
acually shows an increase in overall contactibility of the
registrants IIRC) with GDPR compliance. A database filled with
100% inaccurate data would be fully GDPR compliant as there is no
personal data in it. How useful that data then is for any of the
purposes is another question though.</p>
<p>If anything, the functionality of the DNS with an error rate that
high might even call into question the validity of the purposes
for collection and processing in the first place, but I am sure we
don't want to go there.</p>
<p>Best,</p>
<p>Volker<br>
</p>
<div class="moz-cite-prefix">Am 30.05.2019 um 18:46 schrieb Margie
Milam:<br>
</div>
<blockquote type="cite"
cite="mid:CB7EBFF1-E262-4E63-A130-B0A906B5A2C1@fb.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle25
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle26
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle27
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle28
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle30
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;color:windowtext">Georgios & All
–<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;color:black">Thank
you for the reply. With regard to accuracy – please note
that the latest accuracy report posted by ICANN in June,
2018 noted a
<b>decline</b> in accuracy rates</span><span
style="font-size:11.0pt;color:black">. It reported that
only
</span><span
style="font-size:11.0pt;color:black;background:white">56% of
domains passed all operability tests, a decrease from Cycle
5 (63% in Dec 2017). With a 44% inaccuracy rate – this
points to the need for us to examine whether the current
rules/policies incorporated in the ICANN contracts are
robust enough to produce a GDPR compliant system.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:black;background:white"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:black;background:white">All
the best,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:black;background:white">Margie<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:black;background:white"></span><span
style="font-size:11.0pt;color:black"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:windowtext"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From: </b>Gnso-epdp-team
<a class="moz-txt-link-rfc2396E" href="mailto:gnso-epdp-team-bounces@icann.org"><gnso-epdp-team-bounces@icann.org></a> on behalf of
<a class="moz-txt-link-rfc2396E" href="mailto:Georgios.TSELENTIS@ec.europa.eu">"Georgios.TSELENTIS@ec.europa.eu"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:Georgios.TSELENTIS@ec.europa.eu"><Georgios.TSELENTIS@ec.europa.eu></a><br>
<b>Date: </b>Thursday, May 30, 2019 at 4:12 AM<br>
<b>To: </b><a class="moz-txt-link-rfc2396E" href="mailto:vgreimann@key-systems.net">"vgreimann@key-systems.net"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:vgreimann@key-systems.net"><vgreimann@key-systems.net></a>, <a class="moz-txt-link-rfc2396E" href="mailto:milton@gatech.edu">"milton@gatech.edu"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:milton@gatech.edu"><milton@gatech.edu></a><br>
<b>Cc: </b><a class="moz-txt-link-rfc2396E" href="mailto:gnso-epdp-team@icann.org">"gnso-epdp-team@icann.org"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:gnso-epdp-team@icann.org"><gnso-epdp-team@icann.org></a><br>
<b>Subject: </b>Re: [Gnso-epdp-team] For your review -
Clarifying Legal Questions Table<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:windowtext"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D">Dear Volker, Milton,
EPDP colleagues,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D">I am reading with
great interest the reactions to the clarification questions
we sent, in particular regarding accuracy. The mere fact
that the community has different understandings as to what
exactly it means in the WHOIS policy reform under GDPR begs
for asking those questions and not putting the issue (again)
under the carpet. We might come with an outcome that current
accuracy measures are sufficient for WHOIS GDPR compliance,
or that we need more to do. Anyhow at this stage those are <u>clarification
questions</u> not a policy per se so I would welcome first
the legal counsel to provide some informed opinion before
any community jumping to conclusions.
</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D">Best regards,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D">Georgios</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt;color:windowtext">From:</span></b><span
style="font-size:11.0pt;color:windowtext">
Gnso-epdp-team <a class="moz-txt-link-rfc2396E" href="mailto:gnso-epdp-team-bounces@icann.org"><gnso-epdp-team-bounces@icann.org></a>
<b>On Behalf Of </b>Volker Greimann<br>
<b>Sent:</b> Wednesday, May 29, 2019 6:54 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:gnso-epdp-team@icann.org">gnso-epdp-team@icann.org</a><br>
<b>Subject:</b> Re: [Gnso-epdp-team] For your review -
Clarifying Legal Questions Table</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p style="margin-left:.5in">Hi Margie,<o:p></o:p></p>
<p style="margin-left:.5in">the risk of the poor registrant
losing his domain name due to inaccurate whois data is
actually entirely of ICANNs making as contracted parties
certainly do not need this data set for the purposes of
maintaining the registration. We have account data for that.
The only reason whois inaccuracies can cause a registrant to
lose his domain is ICANN policies and contractual obligations
regarding failures to update inaccurate data and registrars
opting for deletion instead of deactivation (do such
registrars still exist?).<o:p></o:p></p>
<p style="margin-left:.5in">For all other purposes reasonable
steps are already being taken, as I explained in my previous
mail.<o:p></o:p></p>
<p style="margin-left:.5in">Best,<o:p></o:p></p>
<p style="margin-left:.5in">Volker<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">Am 29.05.2019 um
18:38 schrieb Margie Milam:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">Hi Chris and all –</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">To answer your question, the
legal advice provided by Bird & Bird on accuracy
addresses this issue and notes that there is a positive
obligation on the controller to ensure the data is
accurate depending on the circumstances and the
consequences of processing inaccurate data. It also notes
that a controller may have to get independent confirmation
where the impact is particularly significant. In
addition, the issue of data accuracy as part of a GDPR
compliant system was also raised by the European
Commission in its recent comments to the Board.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">In the case of domain names, the
consequence of inaccurate data affects not just the
registrant (who could lose its domain name), but those
that may be trying to resolve technical issues,
cyber-crime or consumer protection issues. We also have
numerous studies conducted by ICANN over the last decade
that show unacceptable levels of accuracy in the WHOIS
system. This is why the question of accuracy was pushed
to Phase 2 in our Phase 1 Final Report so that we could
explore these issues further. See Footnote 6 where it
says: <i>The topic of accuracy as related to GDPR
compliance is expected to be considered further as well
as the WHOIS Accuracy Reporting System.</i></span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">All the best,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">Margie</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b>From: </b>Gnso-epdp-team
<a href="mailto:gnso-epdp-team-bounces@icann.org"
moz-do-not-send="true">
<gnso-epdp-team-bounces@icann.org></a> on behalf
of Chris Disspain <a
href="mailto:chris.disspain@board.icann.org"
moz-do-not-send="true">
<chris.disspain@board.icann.org></a><br>
<b>Date: </b>Tuesday, May 28, 2019 at 9:48 AM<br>
<b>To: </b><a href="mailto:gnso-epdp-team@icann.org"
moz-do-not-send="true">"gnso-epdp-team@icann.org"</a>
<a href="mailto:gnso-epdp-team@icann.org"
moz-do-not-send="true"><gnso-epdp-team@icann.org></a><br>
<b>Subject: </b>Re: [Gnso-epdp-team] For your review -
Clarifying Legal Questions Table<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
</div>
<p class="MsoNormal" style="margin-left:.5in">Greetings All, <o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">I’m a little
confused by this discussion. Apologies in advance if the
below is wrong or naive or has been covered before.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">I don’t
understand the connection between accuracy and GDPR. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">The
regulations govern a registrars right to collect the data
and what they can do with it. Assuming they have that
right under GDPR, the registrants obligation to provide
them with *accurate* data is not governed by GDPR but
rather the contractual relationship between registrar and
registrant and the registrar is entitled to require
accurate information from the registrant pursuant to that.
The registrar can also require the updating of changed
information and/or proactively seek re-confirmation of
accuracy. And ICANN, in its contract with a registrar, can
require that registrar to require the registrant to
provide accurate information. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:12.0pt;margin-left:.5in">Other
than governing the right to collect the information (and
what can be done with it) does GDPR have some other role
that I’m missing?<o:p></o:p></p>
<div id="AppleMailSignature">
<div>
<p class="MsoNormal" style="margin-left:.5in">Cheers,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:.5in">Chris<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"
style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:12.0pt;margin-left:.5in"><br>
On 28 May 2019, at 17:23, Volker Greimann <<a
href="mailto:vgreimann@key-systems.net"
moz-do-not-send="true">vgreimann@key-systems.net</a>>
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p style="margin-left:.5in">Didn't we have (and settle)
the same argument about six months ago?<o:p></o:p></p>
<p style="margin-left:.5in">This principle is a
protection of the data subject. When we create
personal data from the data provided to us by the data
subject or a third party, we must ensure we store it
accurately and our processing does not falsify it.
<o:p></o:p></p>
<p style="margin-left:.5in">As such, the contractual
provision that the data subject must provide to us
accurate data (and keep uit updated when it changes)
and the confirmation of the accuracy by the data
subject is sufficient for our purposes and therefore
reasonable in accordance with this principle. <o:p></o:p></p>
<p style="margin-left:.5in">The principles protect the
data subject, not third parties.<o:p></o:p></p>
<p style="margin-left:.5in">Can we now please stop going
over old settled issues?<o:p></o:p></p>
<p style="margin-left:.5in">Volker<o:p></o:p></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">Am
28.05.2019 um 18:06 schrieb Greg Aaron:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">Milton, no, the word
“accuracy” does not appear only in GDPR Article
18. It appears most prominently in Article 5,
which says:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">Art. 5 GDPR Principles
relating to processing of personal data</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">"1. Personal data shall
be: ... (d) accurate and, where necessary, kept up
to date; every reasonable step must be taken to
ensure that personal data that are inaccurate,
having regard to the purposes for which they are
processed, are erased or rectified without delay
(‘accuracy’);…</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#333333;background:white">2.
The controller shall be responsible for, and be
able to demonstrate compliance with, paragraph 1
(‘accountability’).”</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">There has been discussion
in legal and GDPR compliance communities that the
above means all of these:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">a) Controllers have some
responsibilities to take positive steps to ensure
data collected from subjects is accurate.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">b) Organizations must
allow data subjects to rectify inaccuracies. (Your
point.)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">c) The data controller
must carefully consider any challenges to the
accuracy of information – no matter where that
challenge comes from.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">d) Organizations must
identify essential steps to erase or rectify
inaccurate data without delay. And,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">e) Within some limits,
the parties to a Date Sharing Agreement are free
to agree on terms and conditions applicable to
their sharing of data – for example specific
obligations and warranties about the accuracy and
completeness of data.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">How far the above extend,
and how they apply to RDS data, is a Phase 2
subject for exploration.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">GDPR certainly
discourages the submission or maintenance of data
that is incorrect or misleading. And Article 5
seems to mean more than “trust implicitly whatever
the data subject says, and correct the data only
if the data subject itself requests.” The GDPR
may contain some balancing mechanisms here, and
proportionality is a general principle of EU law.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">So, given all that, and
because there’s not a common understanding within
our group, these issues are definitely good ones
to ask Bird & Bird about.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">All best,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">--Greg</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt">From:</span></b><span
style="font-size:11.0pt"> Gnso-epdp-team
<a
href="mailto:gnso-epdp-team-bounces@icann.org"
moz-do-not-send="true"><gnso-epdp-team-bounces@icann.org></a>
<b>On Behalf Of </b>Mueller, Milton L<br>
<b>Sent:</b> Saturday, May 25, 2019 9:18 AM<br>
<b>To:</b> <a
href="mailto:Georgios.TSELENTIS@ec.europa.eu"
moz-do-not-send="true">Georgios.TSELENTIS@ec.europa.eu</a>;
<a href="mailto:caitlin.tubergen@icann.org"
moz-do-not-send="true">caitlin.tubergen@icann.org</a><br>
<b>Cc:</b> <a
href="mailto:gnso-epdp-team@icann.org"
moz-do-not-send="true">gnso-epdp-team@icann.org</a><br>
<b>Subject:</b> Re: [Gnso-epdp-team] For your
review - Clarifying Legal Questions Table</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Dear
Georgios and colleagues:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">I think the
questions related to accuracy below are not worth
sending to the lawyers.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">They are
based on a fundamental misconception, one which we
have identified many times. Accuracy in GDPR and
other data protection law is a right _<i>of the
data subject</i>_, not a right of third parties
to accurate data about the data subject. </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">To prove
this, beyond a shadow of the doubt, let me note
that the word “accuracy” appears in GDPR in only
two places, in Art 18. </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Article 18,
Right to restriction of processing:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">-----------------------------------------------------------</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F4E79;background:white">“The
data subject shall have the right to obtain from
the controller restriction of processing where one
of the following applies: the </span><span
style="font-size:11.0pt;color:#1F4E79;border:none
windowtext 1.0pt;padding:0in;background:#FAF5E1">accuracy</span><span
style="font-size:11.0pt;color:#1F4E79;background:white"> of the personal
data is contested by the data subject, for a
period enabling the controller to verify the </span><span
style="font-size:11.0pt;color:#1F4E79;border:none
windowtext 1.0pt;padding:0in;background:#FAF5E1">accuracy</span><span
style="font-size:11.0pt;color:#1F4E79;background:white"> of the personal
data;” </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">So data
subjects can contest the accuracy of data about
them, or require controllers to verify its
accuracy. There is NO OTHER reference to accuracy
in the entire GDPR.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Georgios’s
questions are based on the assumption that third
parties have a right to accurate contact data
about the data subject. That assumption was
embedded in the old Whois and pre-GDPR Whois
accuracy policies, all of which were predicated on
indiscriminate publication of the contact data to
any and all third parties. That regime is gone.
And it’s recognized even by the most militant
pro-surveillance interests that such
indiscriminate disclosure is illegal. </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Likewise,
Georgios asks about liability under Article 82 of
GDPR. Again all we need to do is actually read Art
82 to find the answer:
</span><o:p></o:p></p>
<p class="MsoNormal"
style="mso-margin-top-alt:12.0pt;margin-right:0in;margin-bottom:12.0pt;margin-left:.5in;background:white;vertical-align:baseline"><span
style="font-size:11.0pt;color:#1F497D">Article 82
says “</span><span
style="font-size:11.0pt;color:#1F4E79">Any person
who has suffered material or non-material damage
as a result of an infringement of this Regulation
shall have the right to receive compensation from
the controller or processor for the damage
suffered.” So this is a right of PERSONS (data
subjects) to compensation based on illegal acts of
controllers and processors of THEIR data. It is
not a right of third parties to accurate
information about the data subject, and it
certainly creates no liability for controllers or
processors for the inaccuracy of the registrants’
data.
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Dr. Milton
L Mueller</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Georgia
Institute of Technology</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">School of
Public Policy</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt">From:</span></b><span
style="font-size:11.0pt"> Gnso-epdp-team <<a
href="mailto:gnso-epdp-team-bounces@icann.org" moz-do-not-send="true">gnso-epdp-team-bounces@icann.org</a>>
<b>On Behalf Of </b><a
href="mailto:Georgios.TSELENTIS@ec.europa.eu"
moz-do-not-send="true">Georgios.TSELENTIS@ec.europa.eu</a><br>
<b>Sent:</b> Friday, May 24, 2019 7:02 PM<br>
<b>To:</b> <a
href="mailto:caitlin.tubergen@icann.org"
moz-do-not-send="true">caitlin.tubergen@icann.org</a><br>
<b>Cc:</b> <a
href="mailto:gnso-epdp-team@icann.org"
moz-do-not-send="true">gnso-epdp-team@icann.org</a><br>
<b>Subject:</b> Re: [Gnso-epdp-team] For your
review - Clarifying Legal Questions Table</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:.5in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Dear
Caitlin, colleagues,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Please find
below questions on the topics of the legal memos
from the GAC:</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt;color:#1F497D">Accuracy</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. If
current verification statistics provide that a
large number of data is inaccurate isn't that a
metric to deduce that the accuracy principle is
not served in a reasonable manner as demanded by
the GDPR?</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">.
According to the GDPR all personal data are
processed based on the principle that they are
necessary for the purpose for which they are
collected. If those data are necessary, how can
the purpose be served while the data are
inaccurate? </span>
<o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. Can
you provide an analysis on the third-parties
mentioned in para 19 on which "ICANN and the
relevant parties may rely on to confirm the
accuracy of personal data if it is reasonable to
do so"? Do they become in such a scenario data
processors?
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. How
does the accuracy principle in connection to the
parties' liability has to be understood in light
of the accountability principle of the GDPR? What
are the responsibilities of ICANN and the
contracted parties (who are subject to the GDPR)
under Chapter IV pf the GDPR? If the contracted
parties (as data controllers) engage third
entities as processors (e.g. to provide data
back-up services), what are the responsibilities
of these entities? What does this mean in terms of
liabilities (in light of Art. 82 GDPR)?</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">.
While in the first place it is up to the
registrants to provide accurate details about
themselves and it is up to the registrants not to
mistakenly identify themselves as natural or legal
persons, the Memo on "Natural vs Legal persons"
provides interesting ideas/suggestions for the
contracted parties to proactively ensuring the
reliability of information provided, including
through measures to independently verify the data.
Could similar mechanisms be identified also for
ensuring the reliability of the contact details of
the registrant? Can best practices be drawn from
the ccTLD?</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt;color:#1F497D">Natural
or non-natural persons</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. How
is the (inaccurate or accurate) designation by the
registrant about her status as non-natural person
considered personal data information? If it's not
is the analysis about whether the accuracy
principle applies relevant?</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. How
would the analysis provided take into account the
possibility for registrants who are natural
persons to "opt-in" for a full publication of
their personal data? Indeed it might be the case
that some of these registrants might wish to
ensure their details are available on WHOIS.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt;color:#1F497D">Technical
contact
</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Most of the
issue for not allowing this seems to be around the
inability to verify if the RNH has obtained
consent from the technical contact. When the CP's
verify the email address could consent also be
confirmed for the term of the registration?
</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><b><span
style="font-size:11.0pt;color:#1F497D">General
question:</span></b><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">. How
could anonymisatio/pseudonymisation techniques be
of help in complying with the GDPR while also
allowing for additional disclosure of certain data
elements? E.g. use of anonymised/pseudonymised
emails and names, in particular in the context of
registrations by legal persons.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Apologies
again for the delay of our submission.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D">Georgios
Tselentis (GAC-EPDP)</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt;color:#1F497D"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:1.0in"><b><span
style="font-size:11.0pt">From:</span></b><span
style="font-size:11.0pt"> Gnso-epdp-team <<a
href="mailto:gnso-epdp-team-bounces@icann.org" moz-do-not-send="true">gnso-epdp-team-bounces@icann.org</a>>
<b>On Behalf Of </b>Caitlin Tubergen<br>
<b>Sent:</b> Wednesday, May 22, 2019 5:22 PM<br>
<b>To:</b> <a
href="mailto:gnso-epdp-team@icann.org"
moz-do-not-send="true">gnso-epdp-team@icann.org</a><br>
<b>Subject:</b> [Gnso-epdp-team] For your
review - Clarifying Legal Questions Table</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Dear EPDP Team,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Following up on an action
item from our last meeting, please find attached a
table which organizes the clarifying legal
questions received to date. We will discuss the
table during our next meeting.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Please note that the
deadline for submitting additional clarifying
questions is before 14:00 UTC on Thursday, 23 May.
If additional questions come in before the
deadline, we will update the table accordingly.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Thank you.</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Best regards,</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt">Marika, Berry, and
Caitlin</span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-left:1.0in"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt"><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre style="margin-left:.5in">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:.5in">Gnso-epdp-team mailing list<o:p></o:p></pre>
<pre style="margin-left:.5in"><a href="mailto:Gnso-epdp-team@icann.org" moz-do-not-send="true">Gnso-epdp-team@icann.org</a><o:p></o:p></pre>
<pre style="margin-left:.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=KsnUZFZN_ds3hfDU81KaQh1PouUijCAV1NUDwpIOsAg&e=" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-epdp-team</a><o:p></o:p></pre>
<pre style="margin-left:.5in">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:.5in">By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=FwUQq5l0Y2FAOewYgUPeC3ZpkOkUcsYGbDQDGdrn51g&e=" moz-do-not-send="true">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=DIqsoPEEZERBjh2YW7dICqGWkBj7ALzyba1voyOPzMk&e=" moz-do-not-send="true">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.<o:p></o:p></pre>
</blockquote>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">-- <br>
Volker A. Greimann<br>
General Counsel and Policy Manager<br>
<strong><span
style="font-family:"Calibri",sans-serif">KEY-SYSTEMS
GMBH</span></strong><br>
<br>
T: +49 6894 9396901<br>
M: +49 6894 9396851<br>
F: +49 6894 9396851<br>
W: <a
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.key-2Dsystems.net&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=hwQnHWrq0qIdx6kVhoowbCd4SZ1nSrXYOX7R9KBc0JM&e="
moz-do-not-send="true">
www.key-systems.net</a><br>
<br>
Key-Systems GmbH is a company registered at the
local court of Saarbruecken, Germany with the
registration no. HR B 18835<br>
CEO: Alexander Siffrin<br>
<br>
Part of the CentralNic Group PLC (LON: CNIC) a
company registered in England and Wales with
company number 8576358.</span><o:p></o:p></p>
</div>
</div>
</blockquote>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-size:11.0pt">_______________________________________________<br>
Gnso-epdp-team mailing list<br>
<a href="mailto:Gnso-epdp-team@icann.org"
moz-do-not-send="true">Gnso-epdp-team@icann.org</a><br>
<a
href="https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=KsnUZFZN_ds3hfDU81KaQh1PouUijCAV1NUDwpIOsAg&e="
moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-epdp-team</a><br>
_______________________________________________<br>
By submitting your personal data, you consent to the
processing of your personal data for purposes of
subscribing to this mailing list accordance with the
ICANN Privacy Policy (<a
href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=FwUQq5l0Y2FAOewYgUPeC3ZpkOkUcsYGbDQDGdrn51g&e="
moz-do-not-send="true">https://www.icann.org/privacy/policy</a>)
and the website Terms of Service (<a
href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=i8lF_vDhT_peOZsF_kHctAAjfsmIBrNuFvOup8q3LFs&s=DIqsoPEEZERBjh2YW7dICqGWkBj7ALzyba1voyOPzMk&e="
moz-do-not-send="true">https://www.icann.org/privacy/tos</a>).
You can visit the Mailman link above to change your
membership status or configuration, including
unsubscribing, setting digest-style delivery or
disabling delivery altogether (e.g., for a
vacation), and so on.</span><o:p></o:p></p>
</div>
</blockquote>
</div>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-family:"Times New Roman",serif"><br>
<br>
<br>
</span><o:p></o:p></p>
<pre style="margin-left:.5in">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:.5in">Gnso-epdp-team mailing list<o:p></o:p></pre>
<pre style="margin-left:.5in"><a href="mailto:Gnso-epdp-team@icann.org" moz-do-not-send="true">Gnso-epdp-team@icann.org</a><o:p></o:p></pre>
<pre style="margin-left:.5in"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dteam&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=14PnxLXVFMTIGWWbF7k0KG1crIpW38SedNJjX9-zNn0&e=" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-epdp-team</a><o:p></o:p></pre>
<pre style="margin-left:.5in">_______________________________________________<o:p></o:p></pre>
<pre style="margin-left:.5in">By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=D1dN_llu6Tbkcs62nPs2bv31b8e3lKufIbEiylp3GdI&e=" moz-do-not-send="true">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=JH0Fkze6xob9fbzReu0Azcu6-Rq2iStP-ZCyB_jFoCo&e=" moz-do-not-send="true">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.<o:p></o:p></pre>
</blockquote>
<div>
<p class="MsoNormal" style="margin-left:.5in"><span
style="font-family:"Times New Roman",serif">--
<br>
Volker A. Greimann<br>
General Counsel and Policy Manager<br>
<strong>KEY-SYSTEMS GMBH</strong><br>
<br>
T: +49 6894 9396901<br>
M: +49 6894 9396851<br>
F: +49 6894 9396851<br>
W: <a
href="https://urldefense.proofpoint.com/v2/url?u=http-3A__www.key-2Dsystems.net&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=6ugXFDtMSp5TN-tGQMAzXjvDtHOuYWQWQNcAzRH3LdY&s=UhiYqnRvRppumnSvfFWK9c32gZOekoZ1T3kbYAo1WAI&e="
moz-do-not-send="true">
www.key-systems.net</a><br>
<br>
Key-Systems GmbH is a company registered at the local
court of Saarbruecken, Germany with the registration no.
HR B 18835<br>
CEO: Alexander Siffrin<br>
<br>
Part of the CentralNic Group PLC (LON: CNIC) a company
registered in England and Wales with company number
8576358.</span><o:p></o:p></p>
</div>
</div>
</blockquote>
<div class="moz-signature">-- <br>
Volker A. Greimann<br>
General Counsel and Policy Manager<br>
<strong style="border-bottom: 3px solid #5C46B5">KEY-SYSTEMS GMBH</strong><br>
<br>
T: +49 6894 9396901<br>
M: +49 6894 9396851<br>
F: +49 6894 9396851<br>
W: <a class="moz-txt-link-abbreviated" href="http://www.key-systems.net">www.key-systems.net</a><br>
<br>
Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835<br>
CEO: Alexander Siffrin<br>
<br>
Part of the CentralNic Group PLC (LON: CNIC) a company registered
in England and Wales with company number 8576358.</div>
</body>
</html>