[gnso-rds-pdp-wg] Does the principle of proportionality apply to thin data?

John Bambenek jcb at bambenekconsulting.com
Wed May 31 19:50:45 UTC 2017 

Someone get a third party legal opinion on whether thin data falls under privacy laws. It is pointless for us to debate what needs to be done when operating under divergent understands of what data the law applies to. 

If thin data actually does fall under GDPR et al then fine. I think the consensus here is that it doesn't which makes compliance a non-issue. But let's actually get the answer of whether thin data applies or not. 

Sent from my iPhone

> On May 31, 2017, at 14:01, nathalie coupet <nathaliecoupet at yahoo.com> wrote:
> 
> Benefits: making sure ICANN is in compliance with privacy laws. Isn't it the purpose of this WG? Issues pertaining to cost and protection of IP address I will leave other to answer. But it seems to me that pseudonimization, randomization and encryption could be candidate solutions. 
> 
>  
> Nathalie 
> 
> 
> On Wednesday, May 31, 2017 2:48 PM, John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org> wrote:
> 
> 
> This applies a web interface... would an API be exposed for those of us who use the command-line? Would there be a central point of query or would a consumer have to google it? Who pays for constructing such a system and what is the commensurate return on the investment for them paying to make all this? If you are asking for this information, surely you are also getting source data (for instance consumer IP, which can be PII), how will all that be protected?
> There is a whole lot of complexity, in general, and costs for registries/registrars, specifically.  What problem does this solve that it makes sense to engineer a solution for it?
> 
>> On 5/31/2017 1:40 PM, nathalie coupet via gnso-rds-pdp-wg wrote:
> 
> Hi Chuck,
> 
> My position was and is to secure unauthenticated access to thin data for all. 
> I envisioned access to RDS through 3 chock points to weed out bad actors as much as possible: 
> An end-user would need to check the first box for authenticated/unauthenticated access, then another         box for consumer and a third would be to select the purpose or a default purpose would be selected for him (maybe no purpose could also be possible). 
> Consumers don't need all the thin data to be published for their simple queries, since - in my mind - they want to make sure the website is legitimate or they want to identify the author in case of abuse (such as defamation, abuse or threats). 
> If the principle of proportionality doesn't apply to most other cases, that's fine. But I think it does apply for simple consumer queries. 
> This is an interesting debate, but I never thought it would lead to people actually proposing to drop vital data for the functioning of the Internet.
> I had in mind the other principle that you do not volunteer data when it is not required. It should be useful. Not because it is PPI, but out of caution.
> 
> 
> 
> Sent from my iPhone
> 
> On May 31, 2017, at 2:21 PM, Gomes, Chuck <cgomes at verisign.com> wrote:
> 
> 
> Nathalie,
>  
> Thank you for your suggestion that the principle of proportionality be added.  That has generated a very lively discussion.
>  
> As I am sure you have seen, a lot of WG members have stated that they do not believe that the principle of proportionality applies to thin data and have provided what I think is pretty good rationale in support of their position.  As the originator of the suggestion, do you still maintain that the principle applies to thin data?  If so, how would you counter the arguments that have been made to the contrary?
>  
> All – If anyone else thinks that the principle of proportionality applies to think data, please speak up and provide your counters to the arguments that have been made to the contrary.
>  
> Chuck
> 
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170531/8c34c1ca/attachment.html>

More information about the gnso-rds-pdp-wg mailing list