[Gnso-impl-thickwhois-rt] Task 4 of the Thick WHOIS Implementation Plan (Legal Review)

Amr Elsadr aelsadr at egyptig.org
Wed Aug 13 19:10:32 UTC 2014 

Hi Alan,

I can’t say I disagree with any of your rationale. It makes sense to me. Question though; is the IRT supposed to work on the implementation plan details, or is that supposed to come from staff with us weighing in with feedback and observations? The language in the operating procedures on that seem kinda fuzzy to me, and my understanding is that IRTs have not been common in the past.

Still…, according to the schedule shared, the legal review should be well underway (having started in July). I’m just wondering wether any plans have already been set or not, and whether any of those plans have been acted upon. One of the reasons I’m asking because I’m assuming (I’m making a lot of assumptions at this point) we didn’t have folks from ICANN legal on the last call. I don’t recall any of them participating during the conversation that took place, or confirming their being on the call during the roll-call.

In any case, I agree (Alan) that the legal review shouldn’t put any other work on hold. I had always assumed (there I go again) that the legal review would probably run in parallel with the implementation of the rest of the recommendations made by the WG. Just wondering where we’re at with that right now.

Thanks again.

Amr

On Aug 13, 2014, at 8:04 PM, Alan Greenberg <alan.greenberg at mcgill.ca> wrote:

> Amr, I am clearly not ICANN legal staff, but I will take a stab at this, and it is basically the same comment I made during the last call. At this stage, we are obliged to come up with a plan based on our best understanding of the tasks. It is possible that the legal review will introduce something new that we have not taken into account, and that could alter, delay or even cancel the entire project. I don't think we have much choice but to plan for what we know now, and adjust as necessary if and when the situation changes.
> 
> The alternative is to defer doing anything until the legal review is over that could add a lot of time to the overall process if no or easily rectifiable stumbling blocks are uncovered. What is at risk here is ICANN (and to a much lesser extent this IRT) doing work that later need to be redone or altered. In my mind, a reasonable risk. This is no different from any business decision made without full knowledge of all possible issues (ie the norm!).
> 
> Alan
> 
> At 13/08/2014 11:27 AM, Amr Elsadr wrote:
>> Hi,
>> 
>> I’d like to revisit two of the topics discussed during the last IRT call; the legal review, and the level of detail of the current plan to address the different implementation tasks (but actually that specific to the legal review).
>> 
>> The third recommendation of the “thick” WHOIS PDP WG was:
>> 
>> "As part of the implementation process a legal review of law applicable to the transition of data from a thin to thick model that has not already been considered in the EWG memo is undertaken and due consideration is given to potential privacy issues that may arise from the discussions on the transition from thin to thick Whois, including, for example, guidance on how the long-standing contractual requirement that registrars give notice to, and obtain consent, from each registrant for uses of any personally identifiable data submitted by the registrant should apply to registrations involved in the transition. Should any privacy issues emerge from these transition discussions that were not anticipated by the WG and which would require additional policy consideration, the Implementation Review Team is expected to notify the GNSO Council of these so that appropriate action can be taken."
>> 
>> I’m curious considering the IRT’s proposed schedule to address the legal review between July and November of 2014. Is there a plan to address this recommendation, and if so, what are the details?
>> 
>> This was probably the most controversial topic of discussion during the WG’s deliberations, and unfortunately remained unresolved. The idea (if I recall correctly) was for the legal review to take action to mitigate any potential conflicts between the implementation of the “thick” WHOIS policy and legal jurisdictions with strict privacy and data protection laws. This, I believe, was true for both “data at rest” and “data at motion”. I personally felt it was even more relevant concerning “data at motion” since implementation of a “thick” WHOIS policy will require a great deal of registrant data being transferred across legal jurisdictions for both existing “thin” gTLD registries as well as all future gTLD registries in subsequent rounds of new gTLDs in the future.
>> 
>> Any insight on how this is being handled would be really appreciated at this point, especially from ICANN legal staff, who I assume have a significant role in implementing this recommendation.
>> 
>> Thanks.
>> 
>> Amr
>> _______________________________________________
>> Gnso-impl-thickwhois-rt mailing list
>> Gnso-impl-thickwhois-rt at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-impl-thickwhois-rt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-impl-thickwhois-rt/attachments/20140813/f4af130f/attachment.html>

More information about the Gnso-impl-thickwhois-rt mailing list