[gnso-rds-pdp-wg] Self-certification for a purpose

[Rubens Kuhl]

I was reading the COA suggested framework for privacy laws compliance, available at https://www.icann.org/en/system/files/files/gdpr-cm2-coa-proposal-details-21dec17-en.pdf <https://www.icann.org/en/system/files/files/gdpr-cm2-coa-proposal-details-21dec17-en.pdf> , and noted the suggestion that someone could self-certify for a purpose. Is that really viable on a global scale ? I understand that a good number of common law jurisdictions allow for it, but those that make a false representation can face consequences... for instance, are there consequences that can be imposed on someone that said would access RDS to enforce IP rights and ends up spamming registrants ? If we do provide penalties, can we be sure they are being applied on the right individual ?

While I like the scale advantages and simplifying nature of self-certification, it seems there is something lacking if we are going to use such in RDS. One example of this not working is CZDS, where spammers get the information for newly registered domains and send commercial solicitations, usually of a deceiving nature, for registrants on WHOIS records. It has terms and conditions that would prohibit such activity, with no success whatsoever.



Rubens




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171223/19ba8451/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 529 bytes
Desc: Message signed with OpenPGP
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171223/19ba8451/signature.asc>