<html><head><meta http-equiv="Content-Type" content="text/html charset=windows-1252"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div>Hi Alan,</div><div><br></div><div>I can’t say I disagree with any of your rationale. It makes sense to me. Question though; is the IRT supposed to work on the implementation plan details, or is that supposed to come from staff with us weighing in with feedback and observations? The language in the operating procedures on that seem kinda fuzzy to me, and my understanding is that IRTs have not been common in the past.</div><div><br></div><div>Still…, according to the schedule shared, the legal review should be well underway (having started in July). I’m just wondering wether any plans have already been set or not, and whether any of those plans have been acted upon. One of the reasons I’m asking because I’m assuming (I’m making a lot of assumptions at this point) we didn’t have folks from ICANN legal on the last call. I don’t recall any of them participating during the conversation that took place, or confirming their being on the call during the roll-call.</div><div><br></div><div>In any case, I agree (Alan) that the legal review shouldn’t put any other work on hold. I had always assumed (there I go again) that the legal review would probably run in parallel with the implementation of the rest of the recommendations made by the WG. Just wondering where we’re at with that right now.</div><div><br></div><div>Thanks again.</div><div><br></div><div>Amr</div><br><div><div>On Aug 13, 2014, at 8:04 PM, Alan Greenberg <<a href="mailto:alan.greenberg@mcgill.ca">alan.greenberg@mcgill.ca</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<div>
Amr, I am clearly not ICANN legal staff, but I will take a stab at this,
and it is basically the same comment I made during the last call. At this
stage, we are obliged to come up with a plan based on our best
understanding of the tasks. It is possible that the legal review will
introduce something new that we have not taken into account, and that
could alter, delay or even cancel the entire project. I don't think we
have much choice but to plan for what we know now, and adjust as
necessary if and when the situation changes.<br><br>
The alternative is to defer doing anything until the legal review is over
that could add a lot of time to the overall process if no or easily
rectifiable stumbling blocks are uncovered. What is at risk here is ICANN
(and to a much lesser extent this IRT) doing work that later need to be
redone or altered. In my mind, a reasonable risk. This is no different
from any business decision made without full knowledge of all possible
issues (ie the norm!).<br><br>
Alan<br><br>
At 13/08/2014 11:27 AM, Amr Elsadr wrote:<br>
<blockquote type="cite" class="cite" cite="">Hi,<br><br>
I’d like to revisit two of the topics discussed during the last IRT call;
the legal review, and the level of detail of the current plan to address
the different implementation tasks (but actually that specific to the
legal review).<br><br>
The third recommendation of the “thick” WHOIS PDP WG was:<br><br>
<b><i>"As part of the implementation process a legal review of law
applicable to the transition of data from a thin to thick model that has
not already been considered in the EWG memo is undertaken and due
consideration is given to potential privacy issues that may arise from
the </i></b><i>discussions on the transition from thin to thick Whois,
including, for example, guidance on how the long-standing contractual
requirement that registrars give notice to, and obtain consent, from each
registrant for uses of any personally identifiable data submitted by the
registrant should apply to registrations involved in the transition.
Should any privacy issues emerge from these transition discussions that
were not anticipated by the WG and which would require additional policy
consideration, the Implementation Review Team is expected to notify the
GNSO Council of these so that appropriate action can be
taken."<br><br>
</i>I’m curious considering the IRT’s proposed schedule to address the
legal review between July and November of 2014. Is there a plan to
address this recommendation, and if so, what are the details?<br><br>
This was probably the most controversial topic of discussion during the
WG’s deliberations, and unfortunately remained unresolved. The idea (if I
recall correctly) was for the legal review to take action to mitigate any
potential conflicts between the implementation of the “thick” WHOIS
policy and legal jurisdictions with strict privacy and data protection
laws. This, I believe, was true for both “data at rest” and “data at
motion”. I personally felt it was even more relevant concerning “data at
motion” since implementation of a “thick” WHOIS policy will require a
great deal of registrant data being transferred across legal
jurisdictions for both existing “thin” gTLD registries as well as all
future gTLD registries in subsequent rounds of new gTLDs in the
future.<br><br>
Any insight on how this is being handled would be really appreciated at
this point, especially from ICANN legal staff, who I assume have a
significant role in implementing this recommendation.<br><br>
Thanks.<br><br>
Amr<br>
_______________________________________________<br>
Gnso-impl-thickwhois-rt mailing list<br>
<a href="mailto:Gnso-impl-thickwhois-rt@icann.org">Gnso-impl-thickwhois-rt@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-impl-thickwhois-rt" eudora="autourl">
https://mm.icann.org/mailman/listinfo/gnso-impl-thickwhois-rt</a>
</blockquote></div>
</blockquote></div><br></body></html>