<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p><font size="+1"><font face="Lucida Grande">Sadly, I was not on
that workteam. I recall pointing out that dividing into subteams
was not a good idea, (do you recall me trying to get out of
the privacy subteam, saying I needed to be on all the others?
I bet Rod might....) but I do not recall discussion of the
2013 RAA in plenary....although I have a vivid memory of
arguing with Michele (as one does) when he said the 2013 was
out of scope as it was in negotiation. However, I do think us
arguing about my (apparently but not necessarily) faulty
memory is fruitless and boring for all the others who were not
in the EWG. It was not, unfortunately, a recorded
discussion, and was quite non-transparent to others outside
the process. Also of course hard for those of us new to ICANN
to refresh our memories, absent an official record. Not the
problem in this exercise, thank goodness.</font></font></p>
<p><font size="+1"><font face="Lucida Grande">kind regards, <br>
</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Steph</font></font></p>
<p><font size="+1"><font face="Lucida Grande">PS if the list of data
elements was lifted straight from the RAA after signing, then
discussed in that subteam, I would not have recognized all the
other bits, eg escrow and retention, which are problematic...as
you can see, this could go on and on but I will indeed check
my email records just to find out how I missed this. </font></font><br>
</p>
<br>
<div class="moz-cite-prefix">On 2016-04-27 2:36, Carlton Samuels
wrote:<br>
</div>
<blockquote
cite="mid:CAOZQb9RUen=RV5UAmFdTLDRApqXTqPmu8GK52U9E-5Whfq64_A@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div dir="ltr">
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">Actually Steph, we made
extensive use of RAA 2013 in one of the EWG subteams I worked.</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">Lack of user identification,
authentication and access control was fingered as major
disabilities of the existing WHOIS protocol. Scott
[Hallenbeck], Lanre [Ajayi] and myself were members of the
subteam (if memory serves it was G) that examined all the data
elements described in the RAA 2013 WHOIS dataset from an
access perspective, identify their source[s] and classified
them for sensitivity to data protection rules.</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">That outcome was the basis for
recommending the RDAP - then in final preparatory stage by the
WEIRDS WG of the IETF - as fit and proper vehicle for
processing registration data. </div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">Another EWG subteam (could have
been D with Michele on it) examined the RAA WHOIS dataset from
a collection perspective + added some elements not described
therein but which we know were generated in the course of the
user/registrar transaction. Scott and myself then mapped the
elements from collection perspective against those from the
access perspective in an effort to harmonize elements, all
under colour of data protection rules to decide the elements
that would be gated for access.</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">These were fairly detailed
pieces of work and I kept the worksheets. So no, I cannot
agree we never examined the RAA 2013.</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">Best,</div>
<div class="gmail_default" style="font-family:comic sans
ms,sans-serif;font-size:small">-Carlton</div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="gmail_signature"><br>
==============================<br>
Carlton A Samuels<br>
Mobile: 876-818-1799<br>
<i><font color="#33CC00">Strategy, Planning, Governance,
Assessment & Turnaround</font></i><br>
=============================</div>
</div>
<br>
<div class="gmail_quote">On Mon, Apr 25, 2016 at 11:11 AM,
Stephanie Perrin <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:stephanie.perrin@mail.utoronto.ca"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:stephanie.perrin@mail.utoronto.ca">stephanie.perrin@mail.utoronto.ca</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<p><font size="+2"><font face="Lucida Grande">I would
actually disagree. We discussed the use cases for
data, accepting those current uses as by and large
legitimate. From a data protection perspective,
it has been clear from the very beginning that
many of the new purposes that registrant data were
being put to, would not be permissible by law
under the original purpose of WHOIS. We never
looked at the collection instrument, (RAA) it was
accepted as fait accompli. We did not go over the
extensive collection of documents that we had
received from the DPAs. So a thorough, tabula
rasa discussion of the purpose of collection of
registrant data is in order, in my view. And SAC
055 agrees with that view.</font></font></p>
<span class="HOEnZb"><font color="#888888">
<p><font size="+2"><font face="Lucida Grande">Stephanie
Perrin</font></font><br>
</p>
</font></span>
<div>
<div class="h5"> <br>
<div>On 2016-04-25 17:34, Carlton Samuels wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div style="font-family:comic sans
ms,sans-serif;font-size:small">...and FWIW,
the Review Team's final report was a very
important substrate upon which the EWG's work
was advanced.</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small">The EWG spent
an inordinate amount of time resolving the
question as to whether there was a purposeful
need for registration data and if so, what
should be collected, the standards for
collection, how it should be curated and the
safeguards, why and how it should be published
and the mechanisms for publication.</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small">I say again, it
would be a sign of malignancy to embrace any
attempt to bounce the rubble here. If there is
new and original insight of value to the end
game, let it be heard. </div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small">Otherwise,
enough good minds and treasure are exhausted
answering those questions. </div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small">Lets get on
with it.</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small"><br>
</div>
<div style="font-family:comic sans
ms,sans-serif;font-size:small">-Carlton</div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div><br>
==============================<br>
Carlton A Samuels<br>
Mobile: <a moz-do-not-send="true"
href="tel:876-818-1799"
value="+18768181799" target="_blank">876-818-1799</a><br>
<i><font color="#33CC00">Strategy, Planning,
Governance, Assessment & Turnaround</font></i><br>
=============================</div>
</div>
<br>
<div class="gmail_quote">On Mon, Apr 25, 2016 at
8:08 AM, Kathy Kleiman <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:kathy@kathykleiman.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:kathy@kathykleiman.com">kathy@kathykleiman.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"> Hi
Marika and All, <br>
I think my concerns run to (iii) and (v)
below as the limitations of certain
documents (especially ones people refer to
often) have definitely been a part of the
discussion of this subgroup. I would note
that certain document in the summaries
already contain some red highlighted
notes, and I would like to request that
similar notes be added *within our
summary* of the Whois Review Team Final
Report and within our subgroup report to
the full WG. Here are the bullet points
you requested (tx for asking!):<br>
<br>
- The Whois Review Team was<i> </i><i>expressly
barred </i><i>from looking at the
purpose of the Whois system</i>. It was
allowed to look only at ICANN's "existing
policy relating to WHOIS" per the
Affirmation of Commitments signed between
US Department of Commerce and ICANN in
2009. <br>
<br>
- Even within that scope, the Whois Review
Team Final Report expressly recommended
protection of privacy for commercial
companies, noncommercial organizations and
individuals (finding that each shared with
us legal and legitimate reasons for
privacy including as-yet-unannounced
mergers, new movie names, unpopular
religious, ethnic and policy views, etc).
<br>
<br>
- The Whois Review Team Final Report
advised ICANN to work towards a standard
of "contactability" <i>- reaching the
registrant by </i><i>some </i><i>means
rather than </i><i>all means </i>-
which we wrote as: "ICANN should take
appropriate measures to reduce the number
of WHOIS registrations that fall into the
accuracy groups Substantial Failure and
Full Failure (as defined by the NORC Data
Accuracy Study, 2009/10..." p. 87.<br>
<br>
We were tasked with conveying to the full
WG our understanding of "purpose" as
guided by these documents - and these
notes add key insights and understandings
to it (as we shared many times in
presenting this Final Report to ICANN in
2012). <br>
<br>
Best,<br>
Kathy
<div>
<div><br>
<br>
On 4/24/2016 8:35 PM, Marika Konings
wrote:<br>
<blockquote type="cite">
<pre>Kathy, all, as a reminder, each sub-team is expected to answer the
following questions in relation to the work it has undertaken:
(i) Did this input inventory produce any insights to inform the WG¹s work
plan?
(ii) Which inputs are likely to be the most important [relevant] during WG
deliberations and why?
(iii) Which inputs, if any, generated the most discussion within the small
team?
(iv) Which inputs may be obsolete or super-ceded by subsequent work?
(v) What input gaps, if any, may need to be addressed later?
(vi) Other key takeaways from this input inventory the team wishes to
share with the WG
Your concern appears to fall under item v? If you would like to summarise
your concerns in a few bullets, the sub-team can maybe use these to start
building out the responses to the questions?
Best regards,
Marika
On 22/04/16 15:13, <a moz-do-not-send="true" href="mailto:gnso-rds-pdp-purpose-bounces@icann.orgonbehalfofKathyKleiman" target="_blank">"gnso-rds-pdp-purpose-bounces@icann.org on behalf of
Kathy Kleiman"</a> <a moz-do-not-send="true" href="mailto:gnso-rds-pdp-purpose-bounces@icann.orgonbehalfofkathy@kathykleiman.com" target="_blank"><gnso-rds-pdp-purpose-bounces@icann.org on behalf of
kathy@kathykleiman.com></a> wrote:
</pre>
<blockquote type="cite">
<pre>Hi Susan and Lisa,
I have a question (which certainly does not have to be answered on a
Friday afternoon), but some deep concerns have been raised on this list
by people who helped created various documents and reports that we are
now evaluating. For example, I raised the fact that it was completely
out of scope for the Whois Review Team to evaluate the data collected in
Whois and the primary purpose for which it was created. By the
Affirmation of Commitments, we had to deal with the Whois system as it
existed (and had been passed to ICANN from the National Science
Foundation).
We could not and did not address or deal with primary purpose. I think
this limitation and fact is critical to the understanding and evaluation
of the Whois Review Team report, especially as it applies to our
question of "purpose."
How can this point be added to Whois Review Team Final Report summary -
perhaps in Additional Information? -- and to our discussion?
Tx,
Kathy
_______________________________________________
gnso-rds-pdp-purpose mailing list
<a moz-do-not-send="true" href="mailto:gnso-rds-pdp-purpose@icann.org" target="_blank">gnso-rds-pdp-purpose@icann.org</a>
<a moz-do-not-send="true" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a>
</pre>
</blockquote>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
gnso-rds-pdp-purpose mailing list<br>
<a moz-do-not-send="true"
href="mailto:gnso-rds-pdp-purpose@icann.org"
target="_blank">gnso-rds-pdp-purpose@icann.org</a><br>
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose"
rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
gnso-rds-pdp-purpose mailing list
<a moz-do-not-send="true" href="mailto:gnso-rds-pdp-purpose@icann.org" target="_blank">gnso-rds-pdp-purpose@icann.org</a>
<a moz-do-not-send="true" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a></pre>
</blockquote>
<br>
</div>
</div>
</div>
<br>
_______________________________________________<br>
gnso-rds-pdp-purpose mailing list<br>
<a moz-do-not-send="true"
href="mailto:gnso-rds-pdp-purpose@icann.org">gnso-rds-pdp-purpose@icann.org</a><br>
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose"
rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-purpose</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
<br>
</body>
</html>