[gnso-rds-pdp-wg] FW: IMPORTANT
theo geurts
gtheo at xs4all.nl
Sat Oct 14 06:56:23 UTC 2017
A DPIA would not be a bad thing for all WG's that deal with collection
and processing of data (regardless the type of data). Should be a
standard ICANN PDP practice in my opinion. Maybe we should start a PDP
for that ;)
Theo
On 14-10-2017 06:16, jonathan matkowsky wrote:
> Thanks- i have to think more about the point you explained regarding
> the government perspective, and followed all the other feedback, with
> one exception: The Privacy Directove is not law in Europe? I didn’t
> hear that from anyone clearly, just that the regulation amending it is
> subject to intense debate. And we know that the eprivacy directive is
> supposed to be consistent with GDPR as GDPR doesn’t supersede it. So
> if eprivacy directive is law, and has an exception for public
> databases, then we may need to address this to interpret the
> applicable law correctly.
>
> On Fri, Oct 13, 2017 at 3:52 PM Chuck <consult at cgomes.com
> <mailto:consult at cgomes.com>> wrote:
>
> Jonathan,
>
> Please see my responses below.
>
> Chuck
>
> *From:* jonathan matkowsky [mailto:jonathan.matkowsky at riskiq.net
> <mailto:jonathan.matkowsky at riskiq.net>]
> *Sent:* Friday, October 13, 2017 5:51 AM
> *To:* Chuck <consult at cgomes.com <mailto:consult at cgomes.com>>;
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>
>
> *Subject:* Re: [gnso-rds-pdp-wg] FW: IMPORTANT
>
> Chuck, I don’t understand how anyone can share government
> perspective, and not represent a group in doing so.
>
> */[Chuck Gomes] I don’t understand what you are saying. Why would
> someone have to represent a group to be able to share a government
> perspective? If they have experience working with a government or
> governments or the GAC, they could have an understanding of how
> some governments might respond. It is important to understand
> that individuals including employees of a government organization
> can rarely ever speak for their government; we have heard over and
> over again in the GAC that GAC reps cannot speak for their
> governments in policy work. That understood, it is still helpful
> if they can share their own personal understanding of what they
> think is a government’s perspective. We just have to be careful
> never to conclude that it the government’s official view or the
> GAC’s view. At the same time, having individual’s views has the
> potential of helping us avoid pitfalls later in the process when
> the GAC gets involved and hopefully developing policy that may be
> less concerning to the GAC or at least showing that we tried to
> consider their perspectives. /*
>
> I wanted to know whether leadership team has decided to conduct a
> DPIA, and if so, whether you are using the UK’s guide. I would
> think while it makes sense to be looking at the purposes of
> collection, what is primary and secondary cannot be the focus
> because that presupposes knowing who the controller is. We have
> not yet decided that as a working group. The memo did not
> necessarily take into account the role of offering accreditation
> services and ICANN’s mission.
>
> */[Chuck Gomes] The leadership team has NOT decided to conduct a
> DPIA nor would it be the place of the leadership team to pursue
> that without involving the WG. If the WG decided to initiate a
> DPIA, the leadership team would support what the WG wanted as
> possible./*
>
> But it appears whether it’s primary or secondary doesn’t matter
> for purposes of defining purposes of collecting each data element.
>
> */[Chuck Gomes] I agree with you on this point and I believe that
> WSGR confirmed that, especially in their last clarification on
> this issue./*
>
> We are not defining the purposes of collecting Whois data but the
> data elements of the next generation of Whois. That’s what I meant
> the other day regarding RDS.
>
> */[Chuck Gomes] It seems to me that we will have to define the
> purposes of collecting Whois/RDS data in addition to deciding what
> data elements are included in that data./*
>
> To do that, we are not limited to the data elements that currently
> exist as when we go through this exercise to fulfill ICANN’s
> mission from ICANN’s perspective including all those involved in
> cybersecurity, or to offer accredited registration services. The
> primary purpose of accredited services is to fulfill the mission,
> and to provide that staple of a service to those that register
> names with an accredited registrar. It seems we need to carefully
> consider not only Spec 3 to the 2013 RAA but also Paragraph 14 to
> the 2017 global amendment to the registry agreement which says
> unique DNS records may be supportable in the RDS if RDAP supports
> it. We therefore need to know what RDAP can support, and at the
> very least need to consider all elements from RFC 7485. This is
> not a simple exercise, and will take **significant** time.
>
> */[Chuck Gomes] What do you mean by accredited registration
> services? Do you mean registration services accredited by ICANN
> for registries and registrar to perform? You are correct that we
> are not limited to currently collected data elements or to the
> current RAA. We have several well qualified members who know what
> RDAP supports; if we make any recommendations that require RDAP
> upgrades we would need to take that into consideration and if we
> believe the recommendations are warranted, we would need to seek
> support from the technical community in that regard. /*
>
> As we undertake this, we must know from WS law firm what role the
> public directory service plays in the Privacy Directive, as I
> understand it is not superseded by GDPR, and Whois is a public
> directory. This is critical analysis we are possibly missing. Can
> you ask them to address this ASAP please?
>
> */[Chuck Gomes] We cannot ask WSGR new questions and there is a
> limit to how many clarifications we can expect from them. I
> suspect that the funds in the agreement we had with them are used
> up. We can of course seek additional funding but I am not
> convinced we are ready for that yet. I am sure we will need
> additional expert advice in the future. As others have pointed
> out, the Privacy Directive is not law./*
>
> Thanks
>
> Jonathan
>
> On Wed, Oct 11, 2017 at 11:35 AM Chuck <consult at cgomes.com
> <mailto:consult at cgomes.com>> wrote:
>
> We have 34 volunteers at present; it would help a lot if we
> could get a lot more so that teams will not have to cover more
> than one of the nine purposes.
>
> Thanks much to the 34 of you who have volunteered. I hope
> many more will complete the poll and volunteer in the
> remaining 6 or so hours of the poll.
>
> We are particularly low for the government perspective.
> Remember, team members are not being asked to represent any
> group but rather to share their understanding of the perspective.
>
> Chuck
>
> *From:* gnso-rds-pdp-wg-bounces at icann.org
> <mailto:gnso-rds-pdp-wg-bounces at icann.org>
> [mailto:gnso-rds-pdp-wg-bounces at icann.org
> <mailto:gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of
> *Lisa Phifer
> *Sent:* Tuesday, October 10, 2017 10:19 AM
> *To:* gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> *Subject:* [gnso-rds-pdp-wg] IMPORTANT: Invitation for Poll
> from 10 October Meeting
> *Importance:* High
>
> Dear all,
>
> In follow-up to this week’s WG meeting, *all RDS PDP WG
> Members* are encouraged to participate in the following poll:
>
> https://www.surveymonkey.com/r/5LXJRF3
>
> Responses should be submitted through the above URL. For
> offline reference, a PDF of poll questions can also be found at:
>
> https://community.icann.org/download/attachments/66086772/Poll-from-10OctoberCall.pdf
>
> *This poll will close at COB Wednesday 11 October.
> Expressions of interest gathered through this poll will be
> used form drafting teams.*
>
> Please note that you _must be a WG Member_ to participate in
> polls. If you are a WG Observer wishing to participate in
> polls, you must first contact gnso-secs at icann.org
> <mailto:gnso-secs at icann.org> to upgrade to WG Member.
>
> Regards,
>
> Lisa
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
> --
>
> Jonathan Matkowsky
>
>
> *******************************************************************
> This message was sent from RiskIQ, and is intended only for the
> designated recipient(s). It may contain confidential or
> proprietary information and may be subject to confidentiality
> protections. If you are not a designated recipient, you may not
> review, copy or distribute this message. If you receive this in
> error, please notify the sender by reply e-mail and delete this
> message. Thank you.
>
> *******************************************************************
>
> --
> Jonathan Matkowsky
>
> *******************************************************************
> This message was sent from RiskIQ, and is intended only for the
> designated recipient(s). It may contain confidential or proprietary
> information and may be subject to confidentiality protections. If you
> are not a designated recipient, you may not review, copy or distribute
> this message. If you receive this in error, please notify the sender
> by reply e-mail and delete this message. Thank
> you.*******************************************************************
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171014/6198136f/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list