<div dir="ltr">Dear All, <div><br></div><div>If we are to look at Privacy as a global issue which is a fact, we cannot rule out the fact that there are already some territories that are have drafted there own policy on Data Privacy and Protection. I would not like to reference at this moment to specific documentation taking a global perspective, </div><div><br></div><div>I agree with @Farell that we need to focus on the topic, the documentation listed in this case of Europa does not provide a full benchmark in the drafting of the RDS Privacy policy and we can come up with a standard. </div><div><br></div><div>First and foremost Any Institution that is subjected to gathering of data becomes a data handler and the data of the subject must be subject to privacy, before any data must be shared to the third party then there must be consent to share the data. </div><div><br></div><div>There should be a benchmark of the data that is shared to third parties for the data to be shared. </div><div><br></div><div>When it comes to the WHOIS Database, the information shared is worth too much that poses a security risk to the registrant which includes but not limited to spam, hacks, attacks to mention based on access. </div><div><br></div><div>There is an improvision of Domain Privacy but it only protects the user information which I feel leaves a security gap. </div><div><br></div><div>Secondly following the statement made by @David</div><div><br></div><div><span style="font-size:12.8px">" ... Whether or not EU principles represent international best practice or are otherwise desirable for other jurisdictions is not a helpful debate to have in this sub-group. Some ICANN registrars are within EU jurisdictions, and so must comply with those rules, so it is relevant..."</span><br></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">I agree, the EU principles should be a guide as EU does not necessarily represent other territories that are not included in the EU. Every registrant must comply to the rules and policies of there respective territories and where there is need to stretch into other respective regions, then a guiding territorial policy works best as a benchmark with reference to both territories privacy policies. This means there is need for a Global Policy Benchmark that references to cross territorial cases regarding to the respective privacy policy of the data handlers. </span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">This is where once there is breach of privacy and it cuts across territorial boundaries then International Policy takes rule. </span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px"><br></span></div><div> <br></div><div class="gmail_extra"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div>Regards <br>Nanghaka Daniel K.<br>Executive Director - ILICIT Africa / Council Member - FOSSFA / Community Lead - ISOC Uganda Chapter<br>Mobile +256 772 898298 (Uganda)<br></div><div>Skype: daniel.nanghaka<br></div><div><br></div><div>----------------------------------------- <i><span>"Working for Africa" </span></i>-----------------------------------------</div><div><br></div><div><br></div><div>On Tue, Mar 29, 2016 at 12:29 PM, Farell Folly via Gnso-rds-pdp-privacy <span dir="ltr"><<a href="mailto:gnso-rds-pdp-privacy@icann.org" target="_blank">gnso-rds-pdp-privacy@icann.org</a>></span> wrote:<br></div></div></div></div></div></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Dear all,<div><br></div><div>I agree again with David Cake. Let's focus on our topic. Stereotypes are not good advisors for security/data privacy/data protection.<div><div class="h5"><br><br><div class="gmail_quote"><div dir="ltr">Le mar. 29 mars 2016 à 06:28, David Cake via Gnso-rds-pdp-privacy <<a href="mailto:gnso-rds-pdp-privacy@icann.org" target="_blank">gnso-rds-pdp-privacy@icann.org</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">The purpose of this sub-group is simply to decide what material is relevant and useful to the working groups deliberation, and help produce summaries etc that will guide the WG through the large amount of relevant material. <div><br></div><div>Whether or not EU principles represent international best practice or are otherwise desirable for other jurisdictions is not a helpful debate to have in this sub-group. Some ICANN registrars are within EU jurisdictions, and so must comply with those rules, so it is relevant. Thank you Ayden for identifying some material that you feel is relevant to this working groups work. </div><div><br></div><div>David</div><div><br><div><br><div><blockquote type="cite"></blockquote></div></div></div></div><div style="word-wrap:break-word"><div><div><div><blockquote type="cite"><div>On 29 Mar 2016, at 1:43 AM, Greg Shatan <<a href="mailto:gregshatanipc@gmail.com" target="_blank">gregshatanipc@gmail.com</a>> wrote:</div><br></blockquote></div></div></div></div><div style="word-wrap:break-word"><div><div><div><blockquote type="cite"><div><div dir="ltr"><div style="font-family:verdana,sans-serif">Ayden,</div><div style="font-family:verdana,sans-serif"><br></div><div style="font-family:verdana,sans-serif">EU rulings do not necessarily impact the law in the rest of the world, much less California. I would not categorize an attempt to embrace EU principles as a "race to the top" nor would I categorize those principles as "international best practices." Certainly, we as a group should not adopt such attitudes. But, hey, it's nice to know where you stand. </div><div style="font-family:verdana,sans-serif"> <br></div><div style="font-family:verdana,sans-serif"><br></div><div style="font-family:verdana,sans-serif">Best regards,</div><div style="font-family:verdana,sans-serif"><br></div><div style="font-family:verdana,sans-serif">Greg Shatan</div></div></div></blockquote></div></div></div></div><div style="word-wrap:break-word"><div><div><div><blockquote type="cite"><div><div class="gmail_extra"><br clear="all"><div><div><div dir="ltr"><div><div dir="ltr"><div style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><font size="3" face="Times New Roman"><span style="font-size:12pt;font-family:'Times New Roman',serif"> <u></u></span></font></div><div style="font-size:12.8px"><table border="0" cellspacing="0" cellpadding="0" width="800" style="width:600pt"><tbody><tr><td width="100" valign="top" style="width:75pt;padding:0in"><div style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><font size="3" face="Times New Roman"><span style="font-size:12pt;font-family:'Times New Roman',serif"><span><image001.jpg></span></span></font><font size="3" face="Times New Roman"><span style="font-size:12pt;font-family:'Times New Roman',serif"><u></u><u></u></span></font></div></td><td width="8" style="width:6pt;padding:0in"><div style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><font size="3" face="Times New Roman"><span style="font-size:12pt;font-family:'Times New Roman',serif"> <u></u><u></u></span></font></div></td><td style="padding:0in"><div style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><b><font size="1" color="#002e62" face="Arial"><span style="font-size:8.5pt;font-family:Arial,sans-serif">Gregory S. Shatan | Partner<br></span></font></b><font size="1" face="Arial"><span style="font-size:7.5pt;font-family:Arial,sans-serif">McCARTER & ENGLISH, LLP<br><br>245 Park Avenue, 27th Floor | New York, New York 10167<br>T: <a href="tel:212-609-6873" value="+12126096873" style="color:rgb(17,85,204)" target="_blank">212-609-6873</a><br>F: <a href="tel:212-416-7613" value="+12124167613" style="color:rgb(17,85,204)" target="_blank">212-416-7613</a><br><a href="mailto:gshatan%20@mccarter.com" style="color:rgb(17,85,204)" target="_blank"><font color="#225599">gshatan @mccarter.com</font></a> | <a href="http://www.mccarter.com/" style="color:rgb(17,85,204)" target="_blank"><font color="#225599">www.mccarter.com</font></a> <br><br></span></font><font size="1" color="#777777" face="Arial"><span style="font-size:7pt;font-family:Arial,sans-serif">BOSTON | HARTFORD | STAMFORD | NEW YORK | NEWARK <br>EAST BRUNSWICK | PHILADELPHIA | WILMINGTON | WASHINGTON, DC</span></font><font size="3" face="Times New Roman"><span style="font-size:12pt;font-family:'Times New Roman',serif"><u></u><u></u></span></font></div></td></tr></tbody></table></div><div style="margin:0in 0in 0.0001pt;font-size:11pt;font-family:Calibri,sans-serif"><font size="2" face="Calibri"><span style="font-size:11pt"><u></u> </span></font></div></div></div></div></div></div></div></div></blockquote></div></div></div></div><div style="word-wrap:break-word"><div><div><div><blockquote type="cite"><div><div class="gmail_extra">
<br><div class="gmail_quote">On Mon, Mar 28, 2016 at 12:01 PM, Ayden Fabien Férdeline <span dir="ltr"><<a href="mailto:gnso-rds-pdp-privacy@icann.org" target="_blank">gnso-rds-pdp-privacy@icann.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<u></u>
<div style="word-wrap:normal;word-break:break-word">
<table lang="container" border="0" cellpadding="0" cellspacing="0" valign="top" style="width:100%;margin-top:6px">
<tbody><tr>
<td valign="top" style="line-height:1.31;color:#222;font-family:arial,sans-serif">
<div><font size="2" style="font-size:13px">Hello all,</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">I would like to introduce some material relating to the 'right to be forgotten' in Europe. Here's <a href="https://links2.mixmaxusercontent.com/aMjjKHWxnLSD3SEwj/l/Y6pG8Inj7cxRfeEQg?rn=IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI&re=IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI" target="_blank">a court judgement</a> <<a href="http://curia.europa.eu/juris/document/document.jsf?text=&docid=152065&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=11654" target="_blank">http://curia.europa.eu/juris/document/document.jsf?text=&docid=152065&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=11654</a>>.</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">The protection of personal data in Europe is seen as a fundamental right on equal standing with all other human rights. The Court of Justice of the European Union has consistently held that any and all data processing must be subject to stringent proportionality assessments.</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">It has been unsuccessfully argued that allowing users to delete their data is an affront to other fundamental rights such as free speech. The Court of Justice of the EU has consistently ruled that if and when the privacy interests of the data subject outweigh the public interest, the individual should be able to enforce his or her 'right to be forgotten'.</font></div><div><font size="2" style="font-size:13px"><br>This decision is something we should carefully consider when looking at how long we retain information for. Certainly once a domain name has expired, it would be difficult to justify under these rulings the continued storage of the sensitive personal information of registrants.</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">I appreciate that EU rulings do not necessarily impact Californian law, but hey, why not have a race to the top and adopt international best practices in privacy law… :-)</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">Best wishes,</font></div><div><font size="2" style="font-size:13px"><br></font></div><div><font size="2" style="font-size:13px">Ayden Férdeline</font></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div>On Sun, Mar 27, 2016 at 5:37 AM, David Cake via Gnso-rds-pdp-privacy <span dir="ltr"><<a href="mailto:gnso-rds-pdp-privacy@icann.org" target="_blank">gnso-rds-pdp-privacy@icann.org</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div style="word-wrap:break-word">Welcome all of you to the Privacy sub-team. Thanks to all of you for volunteering. <div><br></div><div>Our task is first to collect information on privacy issues relevant to registration data. Then we will go on to decide how best to present that information for use of the working group - we may consolidate, summarise, prioritise etc in order to make the important information easily available. Hopefully the privacy experts on this group will help us locate the most important material, and make it easily digestible to the broader working group. </div><div><p style="font-family:Calibri,sans-serif;font-size:14px">This is a link to the RDS PDP WG document that describes the approach the WG agreed upon <a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_download_attachments_58730879_RDS-2DPDP-2DProposed-2DSummary-2DApproach.pdf&d=CwMBAg&c=5VD0RTtNlTh3ycd41b3MUw&r=gvEx8xF7ynrYQ7wShqEr-w&m=u1EVRiHe_hJc7jxNs5HvrA_j6PFk6zDIgTHzeV5HW-I&s=2ky2gNfugoilw7hdnuB-Li1SPS7b_5IFQFq5Dm1QeEk&e=" target="_blank">https://community.icann.org/download/attachments/58730879/RDS-PDP-Proposed-Summary-Approach.pdf</a> </p><div>At this early stage, we are in collection mode - please send documents that you think will be valuable to the group. If you add a bit more information for context as to why you think it would be useful, that will probably be very helpful for later work. </div></div><div><br></div><div>Looking forward to working with you all. </div><span><font color="#888888"><div><br></div><div>David</div><div><br></div><div><br></div></font></span></div><br></div></div>_______________________________________________<br>
Gnso-rds-pdp-privacy mailing list<br>
<a href="mailto:Gnso-rds-pdp-privacy@icann.org" target="_blank">Gnso-rds-pdp-privacy@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy</a><br></blockquote></div><br></div><div><br></div><div><div style="line-height:17.03px">Ayden Férdeline</div><div style="line-height:17.03px"><a href="tel:%2B44.77.8018.7421" value="+447780187421" target="_blank">+44.77.8018.7421</a></div></div><img align="left" width="0" height="0" style="border:0;width:0px;min-height:0px" src="https://app.mixmax.com/api/track/v2/i5PFRJfeym67Ismz9/i02bj5SZulGblRmclZGQuVGZ5FmI/IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI/IyZy9mLu5WYjlGQ5NWY2lmcw1CckBXLzRmct82cudmI?sc=false" alt="">
</td>
</tr>
</tbody></table>
</div>
<br>_______________________________________________<br>
Gnso-rds-pdp-privacy mailing list<br>
<a href="mailto:Gnso-rds-pdp-privacy@icann.org" target="_blank">Gnso-rds-pdp-privacy@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy</a><br></blockquote></div><br></div></div></blockquote></div></div></div></div>_______________________________________________<br>
Gnso-rds-pdp-privacy mailing list<br>
<a href="mailto:Gnso-rds-pdp-privacy@icann.org" target="_blank">Gnso-rds-pdp-privacy@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy</a></blockquote></div></div></div></div></div><span class="HOEnZb"><font color="#888888"><div dir="ltr">-- <br></div><div dir="ltr">Best regards,<div><br><div>@__f_f__</div></div></div>
</font></span><br>_______________________________________________<br>
Gnso-rds-pdp-privacy mailing list<br>
<a href="mailto:Gnso-rds-pdp-privacy@icann.org">Gnso-rds-pdp-privacy@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-privacy</a><br></blockquote></div><br></div></div><div hspace="streak-pt-mark" style="max-height:1px"><img style="width:0px;max-height:0px;overflow:hidden" src="https://mailfoogae.appspot.com/t?sender=aZG5kYW5uYW5nQGdtYWlsLmNvbQ%3D%3D&type=zerocontent&guid=f2441a1c-9596-4790-8226-7ee323cb348e"><font color="#ffffff" size="1">ᐧ</font></div>