[gnso-rds-pdp-wg] international law enforcement association resolution regarding domain registration data

Thu Apr 27 19:21:17 UTC 2017

I fail to see anything appealing in this future scenario. Was this meant to
be appealing?

Sharing whois info is also a vital part of legitimate use of whois. Not
only the company's whois info, but even the owners' personal sites and
their whois info.

On Thu, Apr 27, 2017 at 3:16 PM, theo geurts <gtheo at xs4all.nl> wrote:

> Hi John,
>
> Let's use this solution to explore and let me put you on the spot in this
> exercise ;)
>
> Now I am going to modify your example and focus on RDS with gated access.
> In this scenario, all info is available worldwide with the exception of EU
> Registrants that are not a company. This access is restricted and requires
> gated access.
>
> The first thing that will happen is a rise of EU registrants with Rogue
> Pharmacies how will enjoy the protection of gated access for the wrong
> reasons in my opinion.
>
> What is the solution?
> LegitScript, and I suggest others will have a good look at Article 40
> (code of conduct) of the GDPR.
> After you and others went through this process, you almost have gated
> access.
>
> The only barrier left is Privacy Shield certification and its key
> requirements.
> https://www.privacyshield.gov/Key-New-Requirements
>
> Congrats! You are all set and done, welcome to the gated access!
>
> Sure you have to comply with a set of rules and regulations, but access is
> there.
>
> Of course, you will have to stop showing full WHOIS info like for
> pharmacy-xl.com also, and you cannot push the data to other companies
> without consent from the data subject, after all, you got a subsidiary
> company located in Dublin and you do not want to end up with a 20 million
> Euro fine.
>
> Best regards,
>
> Theo
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> Well, on that note, let me propose a solution to consider.
>
> Volker and others have pointed out that the EU has some legal requirements
> pertaining to privacy. As far as I can tell, these generally don't exist
> elsewhere. (That's not to say "nowhere," but it's the exception, not the
> rule.) Let's stipulate, for the sake of argument, that registrars in those
> countries have to adhere to those laws. However, the purpose of privacy
> laws in Germany, France or Sweden are to protect the citizens of those
> countries -- not registrants in other countries.
>
> As a trade-off, it seems reasonable to me to explore a solution where EU
> registrars agree to forego accepting domain name registrations from outside
> their own jurisdiction. We can then have a bi-furcated system -- this
> should only apply to registrants using the domain name for non-commercial
> reasons, by the way, since the privacy laws only apply to individuals, not
> corporations -- where, say, a German citizen can register with Key-Systems
> (for example) and enjoy whatever data protections Key-Systems feels that it
> needs to implement. (Volker, I'm not picking on you here, I'm just using
> you as an EU-based example.) It's incredibly easy to implement technically:
> just restrict the available countries in the drop-down menu during
> registration to a single country.
>
> After all, as a US citizen, why should I -- or a Chinese citizen, or a
> Brazilian citizen -- have the right to avail myself of the privacy
> protections afforded by the German government to German citizens? Those
> aren't meant for me.
>
> And, after all, why should privacy protections that apply to a minority of
> the world's population force a global change everywhere?
>
> I'd be interested to hear from registrars whether, in exchange for being
> able to implement rigorous privacy protections for domain names used for
> non-commercial purposes, they would be willing to forego accepting
> registrations from outside of their own jurisdiction (or, perhaps, the EU).
> This would allow Volker and others to comply with their own laws but in a
> minimally disruptive way.
>
> John Horton
> President and CEO, LegitScript
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
>
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>

-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170427/bd829eda/attachment.html>