[gnso-rds-pdp-purpose] Summaries from Relevant Sections of International Working Group on Data Protection in Telecommunications and Media Documents - Purpose

Mon Apr 11 18:26:12 UTC 2016

Sana,

What is the final document you have summarized (which you entitled "Comments
on the data protection impact of the revision of the ICANN RAA concerning
accuracy and data retention of WHOIS data") I don't see this on our Wiki or
on the the website showing all of this group's papers.  Thank you.

Greg

On Sun, Apr 10, 2016 at 9:16 PM, Sana Ali via gnso-rds-pdp-purpose <
gnso-rds-pdp-purpose at icann.org> wrote:

> *Users/Purposes: Who should have access to gTLD registration data and why
> (for what purposes)?*
>
>
> *Common Position on data protection aspects in the Draft Convention on
> cyber-crime of the Council of Europe *
>
> In this respect the Working Group supports the findings of the European
> Data Protection Commissioners Conference that such retention of traffic
> data by Internet service providers would be an  improper invasion of the
> fundamental rights guaranteed to individuals by the European Convention on
> Human Rights.This goes also for storing data revealing the use of the
> Internet by  individuals. Existing powers for tracing crimes should not be
> extended in a way that invades privacy until the need for such measures has
> been clearly demonstrated. The Working Group has  in the past stated that
> any Interception of Private Communications should be subject to appropriate
> safeguards. Existing conditions and safeguards  provided for under domestic
> law and the Convention on Mutual Assistance in Criminal Matters between the
> Member States of the  European Union (Art. 23) must be respected. Such
> conditions and safeguards should at least include • prior judicial
> authorisation, •
> (subsequent) notification of individuals, • limits on use, •
> record-keeping requirements, • monitoring and auditing as well as • public
> reporting.  In particular the cooperation of national authorities with
> operators of public and private networks should be based on solid, legal
> obligations rather than on voluntary agreement that are very difficult to
> control.
>
>
>
> *Ten Commandments to protect Privacy in the Internet World Common Position
> on Incorporation of telecommunications-specific principles in multilateral
> privacy agreements*
>
> Informational Separation of Powers: Network and Service Providers must not
> intercept or interfere with any contents except where explicit law requires
> it. Insofar as Network or Service Providers provide contents themselves,
> responsibilities for the respective functions have to be separated.
> • Virtual Right to be Alone: Nobody must be forced to let his or her
> personal data be published in directories or other indices. Every user has
> to be given the right to object to his or her data being collected by a
> search engine or other agents. Every user has to be given the right and the
> technical means to prevent the intrusion of external software into his own
> devices.
> • Restriction on Secondary Use: Traffic data must not be used for other
> purposes than those which are necessary to run the networks or services
> without explicit consent of the user.
>
>
> *Common Position on Privacy and Data Protection aspects of the
> Registration of Domain Names on the Internet*
>
>
>
>
>    - these databases were originally intended to facilitate the technical
>    maintenance of the network (e.g. to contact the person running a domain
>    which produced errors hindering the functioning of the net)
>
> •  Any technical mechanism to be introduced to access the data collected
> from the registrants must furthermore have safeguards to meet the principle
> of purpose limitation and avoidance of the possibility to unauthorised
> secondary use of the registrant's data.
>
>
>
>
> *Common Position relating to Reverse Directories*
>
> • It is in any case necessary to endow the persons with the right to be
> informed by their provider of telephone or e-mail service, at the time of
> the collection of data concerning them, or if they have already subscribed,
> by a specific means of information, of the existence of services of reverse
> search and - if express consent is not required - of their right to object,
> free of charge, to such a search.
>
>
>
>
>
> * Comments on the data protection impact of the revision of the ICANN RAA
> concerning accuracy and data retention of WHOIS data*
>
>
> • In assessing these proposals, ICANN should be aware that the purpose of
> collecting and publishing contact details in the WHOIS database is to
> facilitate contact about technical issues. The original purpose definition
> reads: “The purpose of the gTLD Whois service is to provide information
> sufficient to contact a responsible party for a particular gTLD domain name
> who can resolve, or reliably pass on data to a party who can resolve,
> issues related to the configuration of the records associated with the
> domain name within a DNS name server."
> • The Working Party finds the proposed new requirement to annually
> re-verify both the telephone number and the e-mail address and publish
> these contact details in the publicly accessible WHOIS database excessive
> and therefore unlawful. Because ICANN is not addressing the root of the
> problem, the proposed solution is a disproportionate infringement of the
> right to protection of personal data.
>
>
>
>
> Sana Ali
> sana.ali2030 at gmail.com
> https://ca.linkedin.com/in/sanaali2030
>
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-purpose mailing list
> gnso-rds-pdp-purpose at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-purpose/attachments/20160411/910991d6/attachment.html>