[gnso-rds-pdp-wg] Sign-Up Sheet - Task 8
Ayden Férdeline
icann at ferdeline.com
Thu May 26 15:12:28 UTC 2016
Dear Greg,
Thank you for your comments. I was under the impression that at this time we
were simply gathering possible requirements, and not debating their content or
merits. Even if there is a feeling that I have not faithfully carried through
the views of the Special Rapporteur - and that may well be a fair comment - I
would still like these to be included in our list of possible requirements
please.
If we do not want or it does not feel appropriate attributing these possible
requirements to the Special Rapporteur's report, that is fine. When the timing
is appropriate, I will flesh them out with supporting evidence to help the WG
digest what is being asked. I think this is the fairest path forward, but of
course I am open to feedback from others if there is a feeling that I/we should
be approaching this task differently. Thanks
Best wishes,
Ayden
On Thu, May 26, 2016 3:48 PM, Greg Aaron gca at icginc.com wrote:
Dear Ayden:
I have several questions about your summaries; I suggest that they need further
examination, and revision, before they are added to the list.
I am not sure how you derived some of your requirements from the source UN
document. These are non-exhaustive examples:
· The UN doc said: “Contemporary research over the past five years has
highlighted ever-increasing concern of citizens with the ease with which their
good name and reputation may be attacked and destroyed on the Internet as well
as the sense of helplessness that is felt by many netizens when seeking
safeguards and remedies in cases of defamation and/or breach of privacy.” That
is not a policy statement or requirement from the UN, and the document does not
say that online systems must be designed to protect people’s reputations. So I
am not sure how you got from there to here: “The RDS must not be used to allow
the good name and/or reputation of a citizen to be attacked and/or destroyed.
There must be concrete safeguards protecting privacy, and real remedies for
violations to privacy, dignity and reputation online which are or were enabled
by the RDS.”
· Another of your summaries is: “If there is gated access, the RDS must feature
strong encryption.” I do not see where this UN document makes any
recommendations about the use of encryption. It notes that there is concern
about back-doors to circumvent encryption, and does not go so far as to say that
back-doors are against UN policy.
· The UN document does not say that RDS systems “must foster cyberpeace.” It says
“The SRP is firmly of the opinion that Cyberspace risks being ruined by Cyberwar
and Cyber-surveillance and that Governments and other stakeholders should work
towards Cyberpeace. In this sense at least, privacy protection is also part of
the Cyberpeace movement.” In context of the document, that's a statement about
cyberwar and mass state-sponsored cybersurveillance (cf Snowden). Those things
are not about anything like access to domain registration records.
Also, heaven help us if ICANN is responsible for fostering world peace.
I also have an observation about attribution and precision. The document you
summarized makes general statements about privacy and related subjects. It never
refers specifically to WHOIS or domain registration systems, or to any specific
data collection systems. So when you summaries say “The RDS must” do one thing
or another, it makes it sound like the UN Special Rapporteur was writing
specifically about RDS systems. I am sure this was unintentional. There are
other documents that specifically talk about RDS systems and domain data, and I
just suggest that the WG must be clear about what authority said what about
what. Direct quotes from sources are preferable. That may not always be
possible, but I think your summaries went beyond paraphrasing.
With best wishes,
--Greg
From: gnso-rds-pdp-wg-bounces at icann.org [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Ayden Férdeline
Sent: Thursday, May 26, 2016 9:24 AM
To: Gomes, Chuck <cgomes at verisign.com>
Cc: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Sign-Up Sheet - Task 8
Hi Lisa,
I would like to add the following six possible requirements to the list please.
These have been inspired by the report from the UN Special Rapporteur on the
Right to Privacy, though I have adjusted the wording where necessary for the
purposes of this exercise.
Foundational Questions (FQ)
* The RDS must foster cyberpeace. Cyberspace will be destroyed by cyberwar and
cybersurveillance if privacy is not respected online. Cyberspace will not be
a peaceful sphere if the RDS enables, in any form, threats posed by
terrorists, the activities of some States, organised crime, and/or
corporations acting illegitimately.
Privacy (PR)
* Any collection of personal data must be both conscious and consenting. Where
individuals are aware that they are making data available for public view, it
must be made clear the extent of the risk to them and their reputation were
this data to be used or misused.
* The RDS must not be used to allow the good name and/or reputation of a
citizen to be attacked and/or destroyed. There must be concrete safeguards
protecting privacy, and real remedies for violations to privacy, dignity and
reputation online which are or were enabled by the RDS.
* In the event that the decision is made for the RDS to contain personal data,
the RDS must actively and regularly raise awareness amongst those individuals
whose personal data is stored to help them understand what privacy is, what
their privacy rights are, and how their privacy may be infringed upon.
Information must also be actively provided on how privacy risks can be
mitigated or minimised, and on what remedies are available if necessary. It
is not sufficient for this information to be communicated solely via
electronic means.
Gated Access (GA)
* If there is gated access, the RDS must feature strong encryption.
* The RDS must not be engineered to contain any back-doors. By introducing a
technical input into an encryption product that would enable any party, even
authorities, access to data, would also make encrypted data vulnerable to
criminals, terrorists and foreign intelligence services, among others. This
would have an undesirable consequence for the security of data stored in the
RDS.
Best wishes,
Ayden Férdeline
On Thu, May 26, 2016 2:06 PM, Gomes, Chuck cgomes at verisign.com wrote:
I think it would be helpful if the instructions for using the wiki were
distributed to the full WG again.
Chuck
From: gnso-rds-pdp-wg-bounces at icann.org [ mailto:gnso-rds-pdp-wg-bounces at icann.org ] On Behalf Of Lisa Phifer
Sent: Wednesday, May 25, 2016 9:50 PM
To: “Ayden Férdeline”
Cc: gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Sign-Up Sheet - Task 8
Hi Ayden,
Thanks for volunteering to cover this document. I have added your name to the
sign-up sheet.
Thanks too for letting us know that you had trouble editing the sign-up sheet to
add your name. You must log in to the wiki in order to edit a page, but no edit
restrictions are defined for that wiki page. If you have logged in but do not
see an “Edit” button at the upper right of the sign-up sheet, please let us
know.
Best, Lisa
At 03:09 PM 5/25/2016, Ayden Férdeline wrote:
Hi Lisa,
I would like to review the following document for requirements please:
Human Rights Council - Report by the UN Special Rapporteur on the right to
privacy (2016)
I do not appear to have the ability to edit the wiki page - I wonder if global
editing is enabled?Â
Best wishes,
Ayden
On Tue, May 24, 2016 7:46 PM, Lisa Phifer lisa at corecom.com wrote:
Per RDS PDP WG Call 24 May, 2016 , Action item #3: Staff to create a sign-up list to facilitate volunteers
coming forward to review documents and identify possible requirements. WG
members to sign up to review documents for possible requirements within 48 hours
of circulation of sign-up sheet (see attached document, also posted on the
WG’s wiki at https://community.icann.org/x/shOOAw ).
Â
Instructions: The wiki sign-up sheet is to be used by RDS PDP WG members to volunteer to extract possible
requirements for gTLD registration data or directory services (see https://community.icann.org/x/8waOAw ) . To volunteer, visit the wiki sign-up sheet at https://community.icann.org/x/shOOAw . Sign up for a key input document that is familiar to you by picking an
unassigned document from the sign-up sheet and entering your name in the
“Volunteer†column. You may volunteer to review multiple documents, but
please sign up for only one document at a time to give all a chance to
contribute in parallel. If you are unable to access the wiki sign-up sheet, you
may reply to this email asking staff to sign you up for a document.
Â
How to submit possible requirements: Send all possible requirements via email to gnso-rds-pdp-wg at icann.org . For each possible requirement:
·       Identify the associated charter question(s);
·       Succinctly quote or paraphrase a possible requirement, focusing on phase 1
policy requirements;
·       Cite the source document by title and hyperlink. Possible requirements may also
be submitted from new sources not already listed below.
Â
For example, Greg just submitted this possible User/Purpose requirement quoted
from SAC055: “There is a critical need for a policy asserting the purpose of
collecting and maintaining registration data. This policy should address the
operational concerns of the parties who collect, maintain or use this data as it
relates to ICANN’s remit.†Additional examples can be found in draft 1 of
the possible requirements list, posted at https://community.icann.org/x/8waOAw .
Â
Due date: WG members are encouraged to make progress on this task before the
next WG call (31 May 2016), at which time the WG will assess progress and
determine a reasonable extension to that initial due date.
Â
Ayden Férdeline
Statement of Interest
Ayden Férdeline
Statement of Interest
Ayden Férdeline Statement of Interest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20160526/3632911a/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list