[gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners

Sat Sep 23 07:18:14 UTC 2017

@ Rob very true GDPR is already here just the enforcement of it. 

@ All, However, we are only focussing on GDPR there are other privacy acts that have gone into effect since which already aligns with GDPR like POPI (south africa) https://www.workpool.co/featured/popi/ <https://www.workpool.co/featured/popi/> and so many others are going to be enforcing theres. We are way closer to enforcement. I also know Nigeria has followed closely same and it will be all over. The fact that GDPR pushes others to align everyone even the US Government will be going strong. So really ICANN needs to help us as well. 

It is not way above our head but if we spend time discussing things where there is a document that clearly defines what is required or not, then working blindly puts us as the guarantors of the decision and then it might be resent to the WG to do same all over again to align. In a way i have to say Chuck has been doing his best to lets get doing what is needed or not. And then revisit them on receiving the legal opinions. What i fail to understand is why ICANN is still sitting on top of the opinion. I fear this is not the only group with a communications breakdown. Reminds me when one is in the army and you are dropped somewhere the first thing to do is establish communications then carry on with your mission. 

In this particular case we have been dropped but we are all navigating in the dark. Some countries do not have any Data Protection laws. So my take is lets look at it face to face one way or the other the best way is to ensure we respect privacy laws whether a country practices or has a law or not. I would say let’s just align. Keep things private and ensure based on law enforcement requirements with an order from court as is done when it comes to telecommunications laws. I know SMS and calls are recorded and kept its not about live tapping. So basically i would say make private and with a court order the registries can release pertinent details.

Thats my two cents.

Kris

> On Sep 23, 2017, at 07:23, Rob Golding <rob.golding at astutium.com> wrote:
> 
> On 2017-09-23 03:06, Chuck wrote:
>> 	* The GDPR is set to go into effect in May 2018.
> 
> The GDPR came into effect 20 days after it was published on the 5th May 2016
> 
> Data Processors should be 18months into making they're compliant and have the appropriate policies/procedures in place before _enforcement_ of the regulations starts on May 2018
> 
>> 	* Therefore, it does not seem unreasonable for ICANN staff to be
>> exploring ways to resolve this dilemma
> 
> I'm not sure there is a dilemma - the contract can't require you to break the law.
> 
> Certain aspects of the GDPR will be "interesting" to see how this PDP interprets such things as the right to erasure - does that mean RDS must somehow prohibit all forms of "copying" of the data - how exactly that can be handled if viewed by people with photographic memories, or someone taking an actual photograph with their James Bond matchbox spy camera ?
> 
> etc
> 
> Rob
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

Kris Seeburn
seeburn.k at gmail.com
www.linkedin.com/in/kseeburn/ <http://www.linkedin.com/in/kseeburn/>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170923/1cff6792/attachment-0001.html>