[Gnso-rds-pdp-privacy] Privacy sub-group
Stephanie Perrin
stephanie.perrin at mail.utoronto.ca
Wed Mar 30 15:55:13 UTC 2016
For those interested in which countries have privacy law, I think Graham
Greenleaf's table is a good reference:
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2603502
cheers Stephanie Perrin
On 2016-03-30 6:04, DANIEL NANGHAKA via Gnso-rds-pdp-privacy wrote:
> Dear All,
>
> If we are to look at Privacy as a global issue which is a fact, we
> cannot rule out the fact that there are already some territories that
> are have drafted there own policy on Data Privacy and Protection. I
> would not like to reference at this moment to specific documentation
> taking a global perspective,
>
> I agree with @Farell that we need to focus on the topic, the
> documentation listed in this case of Europa does not provide a full
> benchmark in the drafting of the RDS Privacy policy and we can come up
> with a standard.
>
> First and foremost Any Institution that is subjected to gathering of
> data becomes a data handler and the data of the subject must be
> subject to privacy, before any data must be shared to the third party
> then there must be consent to share the data.
>
> There should be a benchmark of the data that is shared to third
> parties for the data to be shared.
>
> When it comes to the WHOIS Database, the information shared is worth
> too much that poses a security risk to the registrant which includes
> but not limited to spam, hacks, attacks to mention based on access.
>
> There is an improvision of Domain Privacy but it only protects the
> user information which I feel leaves a security gap.
>
> Secondly following the statement made by @David
>
> " ... Whether or not EU principles represent international best
> practice or are otherwise desirable for other jurisdictions is not a
> helpful debate to have in this sub-group. Some ICANN registrars are
> within EU jurisdictions, and so must comply with those rules, so it is
> relevant..."
>
> I agree, the EU principles should be a guide as EU does not
> necessarily represent other territories that are not included in the
> EU. Every registrant must comply to the rules and policies of there
> respective territories and where there is need to stretch into other
> respective regions, then a guiding territorial policy works best as a
> benchmark with reference to both territories privacy policies. This
> means there is need for a Global Policy Benchmark that references to
> cross territorial cases regarding to the respective privacy policy of
> the data handlers.
>
> This is where once there is breach of privacy and it
> cuts across territorial boundaries then International Policy takes rule.
>
>
>
> Regards
> Nanghaka Daniel K.
> Executive Director - ILICIT Africa / Council Member - FOSSFA /
> Community Lead - ISOC Uganda Chapter
> Mobile +256 772 898298 (Uganda)
> Skype: daniel.nanghaka
>
> ----------------------------------------- /"Working for Africa"
> /-----------------------------------------
>
>
> On Tue, Mar 29, 2016 at 12:29 PM, Farell Folly via
> Gnso-rds-pdp-privacy <gnso-rds-pdp-privacy at icann.org
> <mailto:gnso-rds-pdp-privacy at icann.org>> wrote:
>
> Dear all,
>
> I agree again with David Cake. Let's focus on our topic.
> Stereotypes are not good advisors for security/data privacy/data
> protection.
>
>
> Le mar. 29 mars 2016 à 06:28, David Cake via Gnso-rds-pdp-privacy
> <gnso-rds-pdp-privacy at icann.org
> <mailto:gnso-rds-pdp-privacy at icann.org>> a écrit :
>
> The purpose of this sub-group is simply to decide what
> material is relevant and useful to the working groups
> deliberation, and help produce summaries etc that will guide
> the WG through the large amount of relevant material.
>
> Whether or not EU principles represent international best
> practice or are otherwise desirable for other jurisdictions is
> not a helpful debate to have in this sub-group. Some ICANN
> registrars are within EU jurisdictions, and so must comply
> with those rules, so it is relevant. Thank you Ayden for
> identifying some material that you feel is relevant to this
> working groups work.
>
> David
>
>
>> On 29 Mar 2016, at 1:43 AM, Greg Shatan
>> <gregshatanipc at gmail.com <mailto:gregshatanipc at gmail.com>> wrote:
>>
>> Ayden,
>>
>> EU rulings do not necessarily impact the law in the rest of
>> the world, much less California. I would not categorize an
>> attempt to embrace EU principles as a "race to the top" nor
>> would I categorize those principles as "international best
>> practices." Certainly, we as a group should not adopt such
>> attitudes. But, hey, it's nice to know where you stand.
>>
>>
>> Best regards,
>>
>> Greg Shatan
>>
>> <image001.jpg>
>>
>>
>> *Gregory S. Shatan | Partner
>> *McCARTER & ENGLISH, LLP
>>
>> 245 Park Avenue, 27th Floor | New York, New York 10167
>> T: 212-609-6873 <tel:212-609-6873>
>> F: 212-416-7613 <tel:212-416-7613>
>> gshatan @mccarter.com <mailto:gshatan%20 at mccarter.com> |
>> www.mccarter.com <http://www.mccarter.com/>
>>
>> BOSTON | HARTFORD | STAMFORD | NEW YORK | NEWARK
>> EAST BRUNSWICK | PHILADELPHIA | WILMINGTON | WASHINGTON, DC
>>
>>
>> On Mon, Mar 28, 2016 at 12:01 PM, Ayden Fabien Férdeline
>> <gnso-rds-pdp-privacy at icann.org
>> <mailto:gnso-rds-pdp-privacy at icann.org>> wrote:
>>
>> Hello all,
>>
>> I would like to introduce some material relating to the
>> 'right to be forgotten' in Europe. Here's a court
>> judgement
>> <https://links2.mixmaxusercontent.com/aMjjKHWxnLSD3SEwj/l/Y6pG8Inj7cxRfeEQg?rn=IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI&re=IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI> <http://curia.europa.eu/juris/document/document.jsf?text=&docid=152065&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=11654>.
>>
>> The protection of personal data in Europe is seen as a
>> fundamental right on equal standing with all other human
>> rights. The Court of Justice of the European Union has
>> consistently held that any and all data processing must
>> be subject to stringent proportionality assessments.
>>
>> It has been unsuccessfully argued that allowing users to
>> delete their data is an affront to other fundamental
>> rights such as free speech. The Court of Justice of the
>> EU has consistently ruled that if and when the privacy
>> interests of the data subject outweigh the public
>> interest, the individual should be able to enforce his or
>> her 'right to be forgotten'.
>>
>> This decision is something we should carefully consider
>> when looking at how long we retain information for.
>> Certainly once a domain name has expired, it would be
>> difficult to justify under these rulings the continued
>> storage of the sensitive personal information of registrants.
>>
>> I appreciate that EU rulings do not necessarily impact
>> Californian law, but hey, why not have a race to the top
>> and adopt international best practices in privacy law… :-)
>>
>> Best wishes,
>>
>> Ayden Férdeline
>>
>> On Sun, Mar 27, 2016 at 5:37 AM, David Cake via
>> Gnso-rds-pdp-privacy <gnso-rds-pdp-privacy at icann.org
>> <mailto:gnso-rds-pdp-privacy at icann.org>> wrote:
>>
>> Welcome all of you to the Privacy sub-team. Thanks to
>> all of you for volunteering.
>>
>> Our task is first to collect information on privacy
>> issues relevant to registration data. Then we will go
>> on to decide how best to present that information for
>> use of the working group - we may consolidate,
>> summarise, prioritise etc in order to make the
>> important information easily available. Hopefully the
>> privacy experts on this group will help us locate the
>> most important material, and make it easily
>> digestible to the broader working group.
>>
>> This is a link to the RDS PDP WG document that
>> describes the approach the WG agreed upon
>> https://community.icann.org/download/attachments/58730879/RDS-PDP-Proposed-Summary-Approach.pdf
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_download_attachments_58730879_RDS-2DPDP-2DProposed-2DSummary-2DApproach.pdf&d=CwMBAg&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=u1EVRiHe_hJc7jxNs5HvrA_j6PFk6zDIgTHzeV5HW-I&s=2ky2gNfugoilw7hdnuB-Li1SPS7b_5IFQFq5Dm1QeEk&e=>
>>
>>
>> At this early stage, we are in collection mode -
>> please send documents that you think will be valuable
>> to the group. If you add a bit more information for
>> context as to why you think it would be useful, that
>> will probably be very helpful for later work.
>>
>> Looking forward to working with you all.
>>
>> David
>>
>>
>>
>> _______________________________________________
>> Gnso-rds-pdp-privacy mailing list
>> Gnso-rds-pdp-privacy at icann.org
>> <mailto:Gnso-rds-pdp-privacy at icann.org>
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy
>>
>>
>>
>> Ayden Férdeline
>> +44.77.8018.7421 <tel:%2B44.77.8018.7421>
>>
>>
>> _______________________________________________
>> Gnso-rds-pdp-privacy mailing list
>> Gnso-rds-pdp-privacy at icann.org
>> <mailto:Gnso-rds-pdp-privacy at icann.org>
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy
>>
>>
> _______________________________________________
> Gnso-rds-pdp-privacy mailing list
> Gnso-rds-pdp-privacy at icann.org
> <mailto:Gnso-rds-pdp-privacy at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy
>
> --
> Best regards,
>
> @__f_f__
>
> _______________________________________________
> Gnso-rds-pdp-privacy mailing list
> Gnso-rds-pdp-privacy at icann.org <mailto:Gnso-rds-pdp-privacy at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy
>
>
> ᐧ
>
>
> _______________________________________________
> Gnso-rds-pdp-privacy mailing list
> Gnso-rds-pdp-privacy at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-privacy/attachments/20160330/c6739a79/attachment-0001.html>
More information about the Gnso-rds-pdp-privacy
mailing list