[gnso-rds-pdp-wg] RDS 5 Charter questions
Farell Folly
farellfolly at gmail.com
Fri Jun 17 13:39:19 UTC 2016
+1 Chuck.
Best Regards
--ff--
Mail sent from my mobile phone. Excuse for brievety.
Le 17 juin 2016 14:05, "Gomes, Chuck" <cgomes at verisign.com> a écrit :
> Stephanie,
>
>
>
> You provide some excellent input for the costing exercise and make a very
> valid point that none of us want to go through this lengthy exercise only
> to find out it can’t be funded because of prohibitive costs. So I
> definitely agree that we need start examining costs in Phase 1 but I think
> it will be a little easier (not easy) to start doing that after we
> deliberate on the possible requirements for the first five questions and
> agree on an answer to the fundamental question we have to answer at that
> point, i.e., whether a new RDS system is needed to meet the requirements.
> In the meantime, it will be wise for us to keep cost implications in mind
> in everything we do because they will be critical.
>
>
>
> Chuck
>
>
>
> *From:* Stephanie Perrin [mailto:stephanie.perrin at mail.utoronto.ca]
> *Sent:* Thursday, June 16, 2016 11:32 PM
> *To:* Gomes, Chuck; gnso-rds-pdp-wg at icann.org
> *Subject:* Re: [gnso-rds-pdp-wg] RDS 5 Charter questions
>
>
>
> Excellent question, and it is a hard one. In my view step one is to
> isolate every step in the data chain that involves a cost (to the
> registrant, to the registrar, registry, beneficial user of the data, access
> control entity, escrow entity, even ICANN etc.). I include time as money
> here. Systems and backup systems I am sure everyone has decent numbers
> for, I am less sure about the rest because if ICANN demands certain data
> practices as a condition of accreditation it is hardly worth costing it
> out. However, adding data elements, tiered access, authentication, decent
> security, escrow, adds cost elements. One of the questions that is factored
> in to that root question, what is the purpose of WHOIS?, is related to
> affordability and access to the DNS for every individual and company, as
> far as I am concerned (and I think I speak for most of us in NCSG when I
> say that). So if you tell me you can estimate this now, I will relax. It
> is a bit like knowing what your budget is when you reach for the grocery
> cart....and who gave you the money in your purse. If registrars have to
> deal with every law enforcement/IP holder demand for data with a human
> being, the cost may well be prohibitive. this is a nut that has to be
> cracked early, in my view, I do not want to be lulled into a false sense of
> security that tiered access with solve privacy problems if a couple of
> years from now we are told sorry, the registrant will have to be taxed an
> extra 250% to cover the cost of that. Since the EWG tried in vain to find
> a party who was keen to authenticate law enforcement, I suspect that piece
> will be extremely costly as well.
>
> SP
>
>
>
> On 2016-06-16 22:20, Gomes, Chuck wrote:
>
> Stephanie,
>
>
>
> You have brought up costs multiple times before but I am still puzzled how
> we can estimate costs until we have a better understanding of what the
> requirements will be along with the resulting policies. And solving the
> problem of who pays is pretty hard to do until we have a reasonable
> estimate of the amount of costs. How would you propose we deal with costs
> at this stage?
>
>
>
> Chuck
>
>
>
> *From:* gnso-rds-pdp-wg-bounces at icann.org [
> mailto:gnso-rds-pdp-wg-bounces at icann.org
> <gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of *Stephanie Perrin
> *Sent:* Thursday, June 16, 2016 10:09 AM
> *To:* gnso-rds-pdp-wg at icann.org
> *Subject:* Re: [gnso-rds-pdp-wg] RDS 5 Charter questions
>
>
>
> I will repeat what I have said before. Discussing "requirements" before
> purpose sets up business requirements before we have defined the business.
> DIscussing accuracy and access before we have determined requirements
> merely throws the cement hardener into the mix. Why on earth discuss
> accuracy requirements for data elements that are on someone's wish list
> unless the costing (and who will pay) is also defined? Part of discussing
> original purpose of the collection, use and disclosure of registration data
> is to determine, in 2016 and for the foreseeable future, why we collect
> information, what is legally permissible to collect, and who will pay for
> that collection (in one form or another).
>
> as I have said before, I fully understand that tackling this problem is
> difficult, and I understand the rationale for going with all the
> "requirements" first. I do think getting further refinement will sway all
> of us in certain directions....towards accepting the assumptions that all
> this data collection is necessary and desirable. It will also tire out
> those of us who have another life, but perhaps that is a desired outcome of
> the majority.
>
> Apologies for missing the call yesterday, I was travelling and unable to
> accept the callout. Comments will be coming shortly.
>
> SP
>
>
>
> On 2016-06-16 5:59, Victoria Sheckler wrote:
>
> +1
>
>
>
> *From:* gnso-rds-pdp-wg-bounces at icann.org [
> mailto:gnso-rds-pdp-wg-bounces at icann.org
> <gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of *Vayra, Fabricio
> (Perkins Coie)
> *Sent:* Wednesday, June 15, 2016 10:50 AM
> *To:* Gomes, Chuck <cgomes at verisign.com> <cgomes at verisign.com>; Ayden
> Férdeline <icann at ferdeline.com> <icann at ferdeline.com>; Susan Kawaguchi
> <susank at fb.com> <susank at fb.com>
> *Cc:* gnso-rds-pdp-wg at icann.org
> *Subject:* Re: [gnso-rds-pdp-wg] RDS 5 Charter questions
>
>
>
> I agree with Susan. There’s a reason the charter was written as is and to
> change it unwinds the charter without the benefit of the thoughtful work
> and deliberations that went into it. Moreover, leaving access and accuracy
> out of the discussion until the end has us making decisions in a vacuum.
> And, finally, I’m not sure how you divorce Users/Purposes, Privacy, and
> Data elements from Access and Accuracy, as the latter two are a constant
> and vital reference within all documents I’ve reviewed on the former three
> … so to separate these two topics out until later just sets us up for
> unnecessary grid-lock when we have to revisit the first three topics
> through the interrelated latter two topics of Access and Accuracy.
>
>
>
> Thanks,
>
>
>
> *Fabricio Vayra*
>
> *PARTNER*
>
> 700 Thirteenth Street, N.W. Suite 600
>
> Washington, DC 20005-3960
>
> D. +1.202.654.6255
>
> F. +1.202.654.9678
>
> E. FVayra at perkinscoie.com
>
> [image: cid:image001.jpg at 01D054C5.01001EE0]
>
>
>
> *From:* gnso-rds-pdp-wg-bounces at icann.org [
> mailto:gnso-rds-pdp-wg-bounces at icann.org
> <gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of *Gomes, Chuck
> *Sent:* Wednesday, June 15, 2016 9:21 AM
> *To:* Ayden Férdeline; Susan Kawaguchi
> *Cc:* gnso-rds-pdp-wg at icann.org
> *Subject:* Re: [gnso-rds-pdp-wg] RDS 5 Charter questions
> *Importance:* High
>
>
>
> Thanks for continuing the discussion on the approach to reaching
> consensus. I strongly encourage others to express your opinion on that
> along with your rationale: 1) Should we leave our work plan as is or 2)
> should we change it from two issue reports to three issue reports with the
> first one following deliberation on the user/purpose, privacy/data
> protection and data element questions?
>
>
>
> I appreciate the time you took to explain your position but note that much
> of what you said gets into what we will discuss in our future deliberations
> so I ask everyone to not go there yet but instead focus on commenting on
> the approach to reaching consensus. Our goal is to finalize that approach
> in our meeting next week.
>
>
>
> Chuck
>
>
>
> *From:* Ayden Férdeline [mailto:icann at ferdeline.com <icann at ferdeline.com>]
>
> *Sent:* Wednesday, June 15, 2016 6:54 AM
> *To:* Susan Kawaguchi
> *Cc:* gnso-rds-pdp-wg at icann.org; Gomes, Chuck
> *Subject:* Re: [gnso-rds-pdp-wg] RDS 5 Charter questions
>
>
>
> Hi Susan,
>
>
>
> Thanks for sharing these reflections. I understand the desire not to
> complicate this task. As someone who is new to the ICANN community and its
> approach to policy-making – and, also, someone who is an advocate of
> privacy – it would seem to me that all the costs and burdens associated
> with rallying against an open-access Registration Directory Service have
> been put on some stakeholders, while proponents of the status quo profit
> from the lack of consensus or inertia on a different path forward. I say
> this not to demonise any views, but to clarify that I do indeed share your
> perspective that we don’t want to be permanently gridlocked here.
>
>
>
> This is actually why my preference would be to go down the path that was
> suggested on our call yesterday – from what I recall, it would mean three
> opportunities for public comment, and a mandate to focus our energies on
> understanding Users/Purposes, Privacy, and Data Elements before we consider
> whether or not gated access is necessary or whether or not records should
> be accurate. It seems a little premature to me to consider the latter
> points when we have not yet established if there is a basis for collecting
> registration data in the first place. I share your point, though, that we
> should be distinguishing between individuals and commercial entities –
> which is not to presuppose that there ultimately will be a need for
> variations in treatment if the RDS is warranted.
>
>
>
> We can make our work easier, however. If we decide upon a standard by
> which to assess whether or not the RDS complies with, say, data privacy
> laws, we might have a more straightforward exercise ahead. And on that
> point I would like to note that just because the Internet originated in the
> US and its governance framework has been historically dominated by US-based
> actors does not mean we should by default turn to US law for contextual
> protections or principles. I would like to respectfully suggest that
> European instruments such as the European Convention on Human Rights,
> standards set by the European Union Data Protection Directive, and
> Convention 108 of the Council of Europe might be helpful starting points.
> These are not obscure laws or conventions which apply to no one: the EU
> population is over 500 million people, far greater than that of the US.
>
>
>
> I am not a lawyer and I do not come at this topic with the same
> institutional knowledge that others do have. I do not know all the details
> or decisions that have led us to this point where, it would seem, the
> (political) cost to move away from the current default is so very high. I
> say this to be clear, from the onset, that I might well be misinformed or
> wrong about how we move forward in this working group. However, it is my
> view that just because the Internet is by nature cross-border does not mean
> that it should be treated as a self-governing realm beyond the reach of
> national laws. WHOIS today, to me, seems to subvert and/or undermine
> domestic norms and institutions in many territories worldwide. I don’t want
> to get into the question of sovereignty online, but it would be helpful to
> at least establish whether or not we believe ICANN should mandate through
> its contracts with registrars that they comply with local legal
> regulations, or whether we instead believe that market forces should be
> driving fundamental decisions about the nature of the Internet.
>
>
>
> You can probably guess my position here, but I’d like to think we can
> reach some common ground. What are we more concerned about – the rights of
> the data subject and controller, or the rights of those who wish to
> monetise it? To come up with, like we have, a list of something like 780
> possible requirements for the RDS strikes me as a recipe for disaster. It
> seems inevitable that we will accidentally impose huge costs on some
> stakeholder groups – the unintended consequence of trying to achieve some
> short-term policy goal not to do with any functional imperative of the
> Internet itself, but to meet someone’s obscure interest. That’s why I want
> to hammer down on what data is being collected, why it is being used, and
> what are the implications for privacy before we proceed any further.
>
>
>
> Just my $0.02.
>
>
>
> - Ayden
>
>
>
>
>
> On Tue, Jun 14, 2016 10:51 PM, Susan Kawaguchi susank at fb.com wrote:
>
> Hello All,
>
>
>
> I have been thinking about the RDS discussion from this morning’s meeting
> and wanted to clarify my personal position (not as a vice chair of the WG)
> I think we will complicate our task if we initially limit the discussion
> to three of the charter questions relating to users/purposes, privacy and
> data elements. Much thought went into drafting the charter and
> brainstorming how a WG should approach deliberations.
>
>
>
> Users/Purposes
>
> Privacy
>
> Data elements
>
> Access
>
> Accuracy
>
>
>
> All of the above are very interrelated and I can’t imagine that we can
> sufficiently discuss one or two without the others.
>
>
>
> One other issue that comes to mind is that we must keep in mind PII data
> but we also have to be wary of creating requirements that convey data
> protection rights of individuals to commercial entities. For each of the
> topics above we need to address how it would affect an individual or a
> commercial entity.
>
>
>
> I think we should move forward with the original plan according to the
> Charter and discuss all 5 issues in the first pass.
>
> Susan Kawaguchi
>
> Domain Name Manager
>
> Facebook Legal Dept.
>
>
>
>
>
> Ayden Férdeline
>
> Statement of Interest
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__community.icann.org_display_gnsosoi_Ayden-26-2343-3BF-25C3-25A9rdeline-26-2343-3BSOI&d=CwMGaQ&c=XRWvQHnpdBDRh-yzrHjqLpXuHNC_9nanQc6pPG_SpT0&r=6lUxzkhJPN5qts-Nve5TYqxoGjP81z1kCvXgsmw-MiQ&m=fLy_j2dJidfz8cbOpf5vyO1JREPzgsOw2KKOvpqP3eI&s=kkHizDWFLQRbNkD1e9Kt9tnqA6BmHLWlIte1Qy8Q500&e=>
>
>
>
>
> ------------------------------
>
>
> NOTICE: This communication may contain privileged or other confidential
> information. If you have received it in error, please advise the sender by
> reply email and immediately delete the message and any attachments without
> copying or disclosing the contents. Thank you.
>
>
>
>
>
> _______________________________________________
>
> gnso-rds-pdp-wg mailing list
>
> gnso-rds-pdp-wg at icann.org
>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160617/b6c3bf1d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 4701 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160617/b6c3bf1d/image001.jpg>
More information about the gnso-rds-pdp-wg
mailing list