[gnso-rds-pdp-wg] The States are Getting into the Act
Sam Lanfranco
sam at lanfranco.net
Wed Jun 22 14:36:50 UTC 2016
I have a brief comment to follow up on Volker’s comments, the spirit of
which I completely support. I recognize that my comments may be
unpopular. I have kept a low profile in these discussions and I fear
that despite heroic work and dedication on the part of all, there is a
serious risk of this turning into a train wreck in practice.
Registries and registrars operate under the existing laws of the
countries in which they reside. Increasingly they cannot conduct
business in countries unless they have a business presence in that
country. This gives countries power over registries and registrars,
including the power to override elements of contracts with ICANN. How
can this reality be reconciled with extending the most extensive privacy
protection level to customers in ways that are workable for all
providers and their customers?
ICANN can identify the absolute minimum data set required by ICANN.
ICANN does not have the country by country experience or exposure of
registrars and registries. It could participate in DNS industry led
efforts to deal with registries and registrar data requirements, but
those efforts are probably best held outside ICANN and (horror of
horrors) will likely involve multilateral efforts to reconcile
inter-country differences where ICANN could/should engage both as a
stakeholder and as an advocate for the common good in Internet governance.
In short, ICANN should (but probably won’t) focus on ICANN’s minimum
needs, and then work elsewhere in partnership, as a stakeholder and
offer wise counsel, within the larger multilateral and country by
country struggle for customer privacy and security in ways workable for
all providers and their customers. Does this sound like a new ICANN?
Yes. Is there a choice? I think not. Might I be wrong? Maybe. A train
wreck? Hope not.
Sam L.
On 6/22/2016 7:06 AM, Volker Greimann wrote:
>
> Frankly, as a provider that is handing over private details of my
> customer I do not care about anything less than the maximum required
> protection in any jurisdiction that may be applicable. So what if the
> states have lower privacy protection requirements than Europe and
> India has none? The only acceptable result in my eyes is an
> accomodation of the most extensive privacy protection level that may
> be required.
>
> If we start looking at the countries which do not care about the
> privacy of their citizens, then we will get nowhere. Only be adhering
> to a maximum standard can we ensure that the result is workable for
> all providers and their customers.
>
> Volker
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160622/c72313fd/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list