<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="Arial">Hi All,<br>
I think we have been asked for our list of the most relevant
documents for the Working Group from our Privacy subgroup. It is
hard to choose from the excellent list and summaries prepared! <br>
<br>
My thoughts are that the documents below provide the best overview
of pivotal legal principles of data protection, show the enormous
spread of these principles around the world (particularly
recently), and give us guidance for interpretation of these
principles (including what it means to be a "data controller" and
requires) are below. <br>
<br>
Best regards,<br>
Kathy<br>
<br>
In answer to subgroup question "(ii) Which inputs are likely to be
the most important [relevant] during WG deliberations and why?", I
share:<br>
<br>
1) The EU Data Protection Directive 1995 (the best known of all
data protection laws; the legal obligations of all countries in
the EU)<br>
2) The Council of Europe's Treaty 108 on Data Protection (created
in 1981, and signed about 47 countries within and outside the EU,
this is a key founding document of comprehensive data protection
laws) <br>
<br>
3) Professor Greenleaf's two articles (part of the same book) set
out his studies showing that the adoption of data protection laws
is growing rapidly -- and in 2015 the number of countries with
comprehensive data protection laws surpassed those without data
protections laws. More than a majority of the countries of the
world have now adopted comprehensive data protection laws and
legal frameworks. <br>
<br>
4) <font size="3"><span lang="en-GB">Schrems v.</span></font><font
size="3"><span lang="en-GB"> Data Protection Commissioner
(2015)/EU-US Privacy Shield (2016) - very recent cases and
agreements which clearly show that rigorous enforcement of EU
data protection laws is on the rise by high courts and their
decisions are forcing new agreements to be negotiated which
raise the legal requirements for transferring data from the EU
countries to other parts of the world. The new EU-U.S. Privacy
Shield is an important example of these higher legal
requirements. The Article 29 Working Party Opinion on the
Privacy Shield -- only about two weeks old -- is important for
its discussion of these newest of major legal data protection
frameworks.<br>
<br>
5) Opinion 2/2003 on the Application of the Data Protection
Principles to the Whois directories is the Article 29 Working
Party's opinion expressly guiding ICANN on how to apply data
protection laws and frameworks to the Whois issues. What could
be more "on point" for our full Working Group's work? <br>
<br>
6) McIntyre v. Ohio Elections Commission, a decision in 1995
by the US Supreme Court, affirming the importance of anonymous
speech in creating an avenue for important, but unpopular and
minority ideas to enter into a country's robust political,
cultural and artistic discussions. In this decision, the US
Supreme Court found that anonymity speech is a protected under
the US First Amendment and a person cannot be forced to put
her/his name and address on all of statements. <br>
<br>
Best regards, <br>
Kathy</span></font></font><font face="Times New Roman, serif"><font
size="3"><span lang="en-GB"><br>
</span></font></font>
</body>
</html>