<div dir="ltr"><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">Actually Steph, we made extensive use of RAA 2013 in one of the EWG subteams I worked.</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">Lack of user identification, authentication and access control was fingered as major disabilities of the existing WHOIS protocol. Scott [Hallenbeck], Lanre [Ajayi] and myself were members of the subteam (if memory serves it was G) that examined all the data elements described in the RAA 2013 WHOIS dataset from an access perspective, identify their source[s] and classified them for sensitivity to data protection rules.</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">That outcome was the basis for recommending the RDAP - then in final preparatory stage by the WEIRDS WG of the IETF - as fit and proper vehicle for processing registration data. </div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">Another EWG subteam (could have been D with Michele on it) examined the RAA WHOIS dataset from a collection perspective + added some elements not described therein but which we know were generated in the course of the user/registrar transaction. Scott and myself then mapped the elements from collection perspective against those from the access perspective in an effort to harmonize elements, all under colour of data protection rules to decide the elements that would be gated for access.</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">These were fairly detailed pieces of work and I kept the worksheets. So no, I cannot agree we never examined the RAA 2013.</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">Best,</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:small">-Carlton</div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><br>==============================<br>Carlton A Samuels<br>Mobile: 876-818-1799<br><i><font color="#33CC00">Strategy, Planning, Governance, Assessment & Turnaround</font></i><br>=============================</div></div>
<br><div class="gmail_quote">On Mon, Apr 25, 2016 at 11:11 AM, Stephanie Perrin <span dir="ltr"><<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p><font size="+2"><font face="Lucida Grande">I would actually disagree.
We discussed the use cases for data, accepting those current
uses as by and large legitimate. From a data protection
perspective, it has been clear from the very beginning that
many of the new purposes that registrant data were being put
to, would not be permissible by law under the original purpose
of WHOIS. We never looked at the collection instrument, (RAA)
it was accepted as fait accompli. We did not go over the
extensive collection of documents that we had received from
the DPAs. So a thorough, tabula rasa discussion of the
purpose of collection of registrant data is in order, in my
view. And SAC 055 agrees with that view.</font></font></p><span class="HOEnZb"><font color="#888888">
<p><font size="+2"><font face="Lucida Grande">Stephanie Perrin</font></font><br>
</p></font></span><div><div class="h5">
<br>
<div>On 2016-04-25 17:34, Carlton Samuels
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div style="font-family:comic sans ms,sans-serif;font-size:small">...and FWIW, the Review Team's
final report was a very important substrate upon which the
EWG's work was advanced.</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small">The EWG spent an inordinate
amount of time resolving the question as to whether there was
a purposeful need for registration data and if so, what should
be collected, the standards for collection, how it should be
curated and the safeguards, why and how it should be published
and the mechanisms for publication.</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small">I say again, it would be a sign
of malignancy to embrace any attempt to bounce the rubble
here. If there is new and original insight of value to the end
game, let it be heard. </div>
<div style="font-family:comic sans ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small">Otherwise, enough good minds
and treasure are exhausted answering those questions. </div>
<div style="font-family:comic sans ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small">Lets get on with it.</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans ms,sans-serif;font-size:small">-Carlton</div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div><br>
==============================<br>
Carlton A Samuels<br>
Mobile: <a href="tel:876-818-1799" value="+18768181799" target="_blank">876-818-1799</a><br>
<i><font color="#33CC00">Strategy, Planning, Governance,
Assessment & Turnaround</font></i><br>
=============================</div>
</div>
<br>
<div class="gmail_quote">On Mon, Apr 25, 2016 at 8:08 AM, Kathy
Kleiman <span dir="ltr"><<a href="mailto:kathy@kathykleiman.com" target="_blank">kathy@kathykleiman.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hi Marika and All, <br>
I think my concerns run to (iii) and (v) below as the
limitations of certain documents (especially ones people
refer to often) have definitely been a part of the
discussion of this subgroup. I would note that certain
document in the summaries already contain some red
highlighted notes, and I would like to request that
similar notes be added *within our summary* of the Whois
Review Team Final Report and within our subgroup report to
the full WG. Here are the bullet points you requested (tx
for asking!):<br>
<br>
- The Whois Review Team was<i> </i><i>expressly barred </i><i>from
looking at the purpose of the Whois system</i>. It was
allowed to look only at ICANN's "existing policy relating
to WHOIS" per the Affirmation of Commitments signed
between US Department of Commerce and ICANN in 2009. <br>
<br>
- Even within that scope, the Whois Review Team Final
Report expressly recommended protection of privacy for
commercial companies, noncommercial organizations and
individuals (finding that each shared with us legal and
legitimate reasons for privacy including
as-yet-unannounced mergers, new movie names, unpopular
religious, ethnic and policy views, etc). <br>
<br>
- The Whois Review Team Final Report advised ICANN to work
towards a standard of "contactability" <i>- reaching the
registrant by </i><i>some </i><i>means rather than </i><i>all
means </i>- which we wrote as: "ICANN should take
appropriate measures to reduce the number of WHOIS
registrations that fall into the accuracy groups
Substantial Failure and Full Failure (as defined by the
NORC Data Accuracy Study, 2009/10..." p. 87.<br>
<br>
We were tasked with conveying to the full WG our
understanding of "purpose" as guided by these documents -
and these notes add key insights and understandings to it
(as we shared many times in presenting this Final Report
to ICANN in 2012). <br>
<br>
Best,<br>
Kathy
<div>
<div><br>
<br>
On 4/24/2016 8:35 PM, Marika Konings wrote:<br>
<blockquote type="cite">
<pre>Kathy, all, as a reminder, each sub-team is expected to answer the
following questions in relation to the work it has undertaken:
(i) Did this input inventory produce any insights to inform the WG¹s work
plan?
(ii) Which inputs are likely to be the most important [relevant] during WG
deliberations and why?
(iii) Which inputs, if any, generated the most discussion within the small
team?
(iv) Which inputs may be obsolete or super-ceded by subsequent work?
(v) What input gaps, if any, may need to be addressed later?
(vi) Other key takeaways from this input inventory the team wishes to
share with the WG
Your concern appears to fall under item v? If you would like to summarise
your concerns in a few bullets, the sub-team can maybe use these to start
building out the responses to the questions?
Best regards,
Marika
On 22/04/16 15:13, <a href="mailto:gnso-rds-pdp-purpose-bounces@icann.orgonbehalfofKathyKleiman" target="_blank">"gnso-rds-pdp-purpose-bounces@icann.org on behalf of
Kathy Kleiman"</a> <a href="mailto:gnso-rds-pdp-purpose-bounces@icann.orgonbehalfofkathy@kathykleiman.com" target="_blank"><gnso-rds-pdp-purpose-bounces@icann.org on behalf of
kathy@kathykleiman.com></a> wrote:
</pre>
<blockquote type="cite">
<pre>Hi Susan and Lisa,
I have a question (which certainly does not have to be answered on a
Friday afternoon), but some deep concerns have been raised on this list
by people who helped created various documents and reports that we are
now evaluating. For example, I raised the fact that it was completely
out of scope for the Whois Review Team to evaluate the data collected in
Whois and the primary purpose for which it was created. By the
Affirmation of Commitments, we had to deal with the Whois system as it
existed (and had been passed to ICANN from the National Science
Foundation).
We could not and did not address or deal with primary purpose. I think
this limitation and fact is critical to the understanding and evaluation
of the Whois Review Team report, especially as it applies to our
question of "purpose."
How can this point be added to Whois Review Team Final Report summary -
perhaps in Additional Information? -- and to our discussion?
Tx,
Kathy
_______________________________________________
gnso-rds-pdp-purpose mailing list
<a href="mailto:gnso-rds-pdp-purpose@icann.org" target="_blank">gnso-rds-pdp-purpose@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a>
</pre>
</blockquote>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
gnso-rds-pdp-purpose mailing list<br>
<a href="mailto:gnso-rds-pdp-purpose@icann.org" target="_blank">gnso-rds-pdp-purpose@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
gnso-rds-pdp-purpose mailing list
<a href="mailto:gnso-rds-pdp-purpose@icann.org" target="_blank">gnso-rds-pdp-purpose@icann.org</a>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a></pre>
</blockquote>
<br>
</div></div></div>
<br>_______________________________________________<br>
gnso-rds-pdp-purpose mailing list<br>
<a href="mailto:gnso-rds-pdp-purpose@icann.org">gnso-rds-pdp-purpose@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a><br></blockquote></div><br></div></div>