[Gnso-rds-pdp-privacy] Summaries of Relevant Section from International Working Group on Data Protection in Telecommunications and Media Documents - Privacy

Mon Apr 11 22:49:05 UTC 2016

Hello All,

This is, in attach, my summary of the Comment on the WHOIS Review Team
Report by the SSAC. The main thing to note is the main unsolved problem is
the purpose of the registration data, which is an issue covered by another
subgroup. However, understanding the purpose is good to know who should
access, why to access and how protection can  be done.

I apologize in advance for the typos.. I am not English native speaker nor
a full bilingual, but I've tried my best.

Can we have a list of the remaining to docs to summarize ?

Le lun. 11 avr. 2016 à 02:04, Sana Ali via Gnso-rds-pdp-privacy <
gnso-rds-pdp-privacy at icann.org> a écrit :

> *• Privacy: What steps are needed to protect data and privacy?*
>
> *Common Position on data protection aspects in the Draft Convention on
> cyber-crime of the Council of Europe *
>
>  Existing conditions and safeguards provided for under domestic law and
> the Convention on Mutual Assistance in Criminal Matters between the Member
> States of the European Union (Art. 23) must be respected. Such conditions
> and safeguards should at least include • prior judicial authorisation, •
> (subsequent) notification of individuals, • limits on use, • record-keeping
> requirements, • monitoring and auditing as well as • public reporting.  In
> particular the cooperation of national authorities with operators of public
> and private networks should be based on solid, legal obligations rather
> than on voluntary agreement that are very difficult to control.
> Existing powers for tracing crimes should not be extended in a way that
> invades privacy until the need for such measures has been clearly
> demonstrated. The Working Group has in the past stated that any
> Interception of Private Communications should be subject to appropriate
> safeguards
> The introduction of new offences in the criminal law has to be handled
> extremely carefully, as a broad wording of such new offences as well as the
> penalisation of attempt and aiding and abetting such offences might lead to
> a considerable lowering of the privacy standard for all users of
> telecommunications networks by producing an enormous amount of personal
> identifiable data about Internet and telecommunications network usage, thus
> abolishing the right to anonymous use of such services.
>
>
> *Ten Commandments to protect Privacy in the Internet World Common Position
> on Incorporation of telecommunications-specific principles in multilateral
> privacy agreements*
>
>
>  Virtual Right to be Alone: Nobody must be forced to let his or her
> personal data be published in directories or other indices. Every user has
> to be given the right to object to his or her data being collected by a
> search engine or other agents. Every user has to be given the right and the
> technical means to prevent the intrusion of external software into his own
> devices.
>
>
> *Common Position on Privacy and Data Protection aspects of the
> Registration of Domain Names on the Internet*
>
> The necessity to protect individuals has been recognised for more than
> twenty years in the existing national data protection regimes as well as in
> the international community (e.g. in the OECD guidelines on Privacy of
> 1980, the Council of Europe Convention No. 108, and, more recently, the
> Directive 95/46/EC of the European Parliament and of the Council of 24
> October 1995 on the protection of individuals with regard to the processing
> of personal data and on the free movement of such data). These regulations
> outline similar basic principles on the fair processing of personal
> information. Among these principles are the obligation to inform the data
> subjects about the processing of their personal data, the principle of
> limiting the collection and use of personal data to what is essential to
> the purpose specified and protection against unauthorised secondary uses.
> At the same time, any secondary use incompatible with the original purpose
> specified (e.g. marketing) should be based on the data subject´s informed
> consent. In this respect the level of privacy guaranteed by the present RAA
> (cf. point II.F.6.f) is not sufficient.
>
> The Working Group stresses that any registrar operating within the
> jurisdiction of existing data protection laws and any national domain name
> registration procedures are subject to the existing national data
> protection and privacy legislation and to the control by the existing
> national Data Protection and Privacy Commissioners.
>
>
> *Common Position relating to Reverse Directories*
>
> It is in any case necessary to endow the persons with the right to be
> informed by their provider of telephone or e-mail service, at the time of
> the collection of data concerning them, or if they have already subscribed,
> by a specific means of information, of the existence of services of reverse
> search and - if express consent is not required - of their right to object,
> free of charge, to such a search.
>
>
>
> * Comments on the data protection impact of the revision of the ICANN RAA
> concerning accuracy and data retention of WHOIS data*
>
>
>  The Working Party finds the proposed new requirement to annually
> re-verify both the telephone number and the e-mail address and publish
> these contact details in the publicly accessible WHOIS database excessive
> and therefore unlawful. Because ICANN is not addressing the root of the
> problem, the proposed solution is a disproportionate infringement of the
> right to protection of personal data.
>
> Sana Ali
> sana.ali2030 at gmail.com
> https://ca.linkedin.com/in/sanaali2030
>
>
>
>
>
> _______________________________________________
> Gnso-rds-pdp-privacy mailing list
> Gnso-rds-pdp-privacy at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy

-- 
Best regards,

@__f_f__
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-privacy/attachments/20160411/a8b721f3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SAC055_summary_Farell.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 16724 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-privacy/attachments/20160411/a8b721f3/SAC055_summary_Farell-0001.docx>