[gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners
Stephanie Perrin
stephanie.perrin at mail.utoronto.ca
Tue Sep 26 12:34:53 UTC 2017
With all due modesty, I am an expert in privacy legislation, having
worked in this field since 1984 in most capacities (and most
particularly, directing the drafting of the federal law here in Canada).
TBDF provisions appear in most data protection law, they are also
covered in many national constitutions and it is therefore impossible to
actually separate out TBDF from any privacy impact assessment of ICANN
policy and implementation. I don't think an explicit mention in our
Charter is at all necessary, we cannot examine privacy without looking
at TBDF.
Stephanie Perrin
On 2017-09-25 09:24, Alan Greenberg wrote:
> I am far from an expert on privacy legislation. GDPR is probably as
> good a base to look at as any, and perhaps better than some. I do not
> think we are in a position to survey all country's privacy legislation
> to ensure that we are in compliance, and even if we did, laws change
> over time. So we will need to put in place a framework that can adapt
> to local requirements.
>
> One issue that I do not think has been discussed (and is not even
> mentioned in our charter) is transborder data flow. ALthough that may
> be more associated with implementation, I suspect we will have to
> think about it, if only to say that implementation needs to address
> it. In that case, European legislation may not be the most stringent.
>
> Alan
>
>
> At 25/09/2017 08:57 AM, Ayden Férdeline wrote:
>
>> Hi Erica,
>>
>> That is a good question.
>>
>> My view is that GDPR is the best baseline that we have. I say for
>> this for two reasons. Firstly, because the Council of the European
>> Union has advised the European Commission that it cannot negotiate
>> away privacy rights in trade agreements. And secondly, as I touched
>> upon in an email a few days ago, over 100 countries now have data
>> protection laws, many of which were modelled after the European
>> Union’s 1995 Data Protection Directive. It seems possible to me
>> that a desire to emulate best practices could see these laws, based
>> upon the earlier 1995 standard, updated to reflect the standard now
>> set by GDPR.
>>
>> I am happy, of course, to hear alternative perspectives on this issue.
>>
>> Best wishes,
>>
>> Ayden Férdeline
>> linkedin.com/in/ferdeline <http://www.linkedin.com/in/ferdeline>
>>
>>
>>> -------- Original Message --------
>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Meetings/Conversations with
>>> Data Protection and Privacy Commissioners
>>> Local Time: 25 September 2017 1:46 PM
>>> UTC Time: 25 September 2017 12:46
>>> From: gnso-rds-pdp-wg at icann.org
>>> To: gnso-rds-pdp-wg at icann.org
>>>
>>> It is clear that the PDP will have to be aware of and plan for
>>> GDPR-like protections (and not limited to Europe).
>>>
>>>
>>> Jumping back to Kris' comment, and the reference to other privacy
>>> regulations in various countries (i.e. South Africa), do we know for
>>> certain that GDPR is our best baseline? For example, perhaps there
>>> is a different regional set of regulations that are an even lower
>>> common denominator that would ensure compliance not only with GDPR,
>>> but other regions as well - and, hopefully, future laws. Possibly
>>> this has been spoken about before (I'm still rather new here), but I
>>> thought it may be worth confirming since so much of our information
>>> flow, generally speaking, tends to come from the US and the EU over
>>> other regions.
>>>
>>> Within the contect of ICANN, there is no other way to do this
>>> but through a GNSO PDP, and hopefully we can actually complete
>>> this and move forward. How timely we do it will depend on how
>>> willing we are to work together to reach consensus.
>>>
>>>
>>> Well said.
>>>
>>> Best,
>>> Erica
>>>
>>> Erica Varlese | .blog Shepherd @ KKWT
>>> Email: erica at my.blog
>>> Skype: evarlese
>>>
>>>
>>> On Mon, Sep 25, 2017 at 4:07 AM, Volker Greimann
>>> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>>>
>>>
>>> With the new proposals for whois privacy provider accreditation
>>> currently in the works and the costs attached to that program
>>> both in aded requirements that have to be followed and the
>>> accreditation cost, this service will never be "free".
>>>
>>> Volker
>>>
>>> Am 23.09.2017 um 15:47 schrieb John Bambenek via gnso-rds-pdp-wg:
>>>> Is one of there ways of exploring how to resolve the issue
>>>> including making whois privacy for free for individual
>>>> registrants?
>>>>
>>>> --
>>>> John Bambenek
>>>>
>>>> On Sep 22, 2017, at 21:06, Chuck <consult at cgomes.com
>>>> <mailto:consult at cgomes.com>> wrote:
>>>>
>>>>> Without in any way detracting from the concern for
>>>>> ICANN transparency and the need for keeping our PDP
>>>>> informed, I think it is important for us to recognize
>>>>> a few things:
>>>>> The GDPR is set to go into effect in May 2018.
>>>>> While I am cautiously hopeful that the RDS PDP WG will
>>>>> improve progress in our work, there is no way we will
>>>>> be close to done by May 2018.
>>>>> In the meantime, contracted parties will be faced with
>>>>> some serious conflicts between the terms of their
>>>>> agreements with ICANN and the GDPR that could result
>>>>> in significant fines if they continue to comply with
>>>>> their ICANN agreements.
>>>>> Therefore, it does not seem unreasonable for ICANN
>>>>> staff to be exploring ways to resolve this dilemma
>>>>> until policy work can be completed.
>>>>>
>>>>>
>>>>> Chuck
>>>>>
>>>>>
>>>>>
>>>>> From: gnso-rds-pdp-wg-bounces at icann.org
>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>
>>>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org
>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>] On Behalf
>>>>> Of Vayra, Fabricio (Perkins Coie)
>>>>> Sent: Friday, September 22, 2017 8:16 AM
>>>>> To: Andrew Sullivan <ajs at anvilwalrusden.com
>>>>> <mailto:ajs at anvilwalrusden.com> >;
>>>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> Subject: Re: [gnso-rds-pdp-wg] ICANN
>>>>> Meetings/Conversations with Data Protection and
>>>>> Privacy Commissioners
>>>>>
>>>>>
>>>>>
>>>>> Appreciate this feedback, Andrew. Simply put, my
>>>>> concern is that these independent and misinformed
>>>>> conversations will result in bad decision making that
>>>>> will run counter to our efforts here in this
>>>>> duly-constituted PDP WG that is following the standard
>>>>> ICANN processes for developing policy -- if not render
>>>>> them useless altogether. Which in turn highlights my
>>>>> earlier comment that this side-show effort from ICANN
>>>>> runs counter to the bottom up / standard ICANN
>>>>> processes for developing policy.
>>>>>
>>>>>
>>>>>
>>>>> Maybe it's just me making a mountain out of a
>>>>> molehill, but Stephanie echoing these concerns on the
>>>>> last call encouraged me to reach out to my fellow WG
>>>>> members to see if others share the concern and wanted
>>>>> to act on it.
>>>>>
>>>>>
>>>>>
>>>>> Others?
>>>>>
>>>>>
>>>>>
>>>>> -----Original Message-----
>>>>> From: gnso-rds-pdp-wg-bounces at icann.org
>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>
>>>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org
>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>] On Behalf
>>>>> Of Andrew Sullivan
>>>>> Sent: Friday, September 22, 2017 11:09 AM
>>>>> To: gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> Subject: Re: [gnso-rds-pdp-wg] ICANN
>>>>> Meetings/Conversations with Data Protection and
>>>>> Privacy Commissioners
>>>>>
>>>>>
>>>>>
>>>>> Hi,
>>>>>
>>>>>
>>>>>
>>>>> On Fri, Sep 22, 2017 at 02:51:44PM +0000, Vayra,
>>>>> Fabricio (Perkins Coie) wrote:
>>>>>
>>>>> >
>>>>>
>>>>> > I couldn’t agree more with Stephanie and find it
>>>>> incredible that ICANN, despite our ongoing efforts and
>>>>> the plethora of published community concerns, are
>>>>> continuing with the approach of rushing to discussions
>>>>> with Data Protection and Privacy Commissioners
>>>>> “half-cocked.†Putting aside the apparent widely
>>>>> shared view that this approach is misinformed and
>>>>> dangerous, it’s simply redundant of and does not
>>>>> take advantage of our work within this PDP process --
>>>>> one could even say that it runs counter to the bottom
>>>>> up and community led initiative on RDS/WHOIS.
>>>>>
>>>>> >
>>>>>
>>>>>
>>>>>
>>>>> I don't understand what the problem is supposed to
>>>>> be. We are a
>>>>>
>>>>> duly-constituted PDP WG that is following the standard
>>>>> ICANN processes
>>>>>
>>>>> for developing policy. If other parts of ICANN want
>>>>> to talk to data
>>>>>
>>>>> protection and privacy commissioners, or activists in
>>>>> favour of
>>>>>
>>>>> publishing all personal data available in the
>>>>> universe, or privacy
>>>>>
>>>>> activists who think the DNS should be closed in favour
>>>>> of onion
>>>>>
>>>>> routing, or the committee of the Present King of
>>>>> France and the Easter
>>>>>
>>>>> Bunny, why should we care? In the event (for which I
>>>>> have diminshing
>>>>>
>>>>> hope) that we publish a report that is actionable by
>>>>> the GNSO, the
>>>>>
>>>>> ordinary ICANN policy mechanisms will grind forward no
>>>>> matter what
>>>>>
>>>>> meetings people have had.
>>>>>
>>>>>
>>>>>
>>>>> We can best contribute to that end, in my opinion, by
>>>>> focussing on
>>>>>
>>>>> getting done the work that we are supposed to be
>>>>> doing, rather than
>>>>>
>>>>> worrying about all the other things other people might
>>>>> be doing. By
>>>>>
>>>>> concentrating on this and making some progress, we
>>>>> might even reduce
>>>>>
>>>>> the temptation of others to second guess this
>>>>> process. At the rate we
>>>>>
>>>>> are currently moving, we appear to be destined to
>>>>> deliver something
>>>>>
>>>>> right after heat death of the universe, and I suggest
>>>>> that that pace
>>>>>
>>>>> is partly because there is no issue on which people
>>>>> are willing to
>>>>>
>>>>> focus, come to a clear conclusion, and then let that
>>>>> conclusion stand.
>>>>>
>>>>>
>>>>>
>>>>> I therefore urge that we focus on our task and not
>>>>> make our job harder
>>>>>
>>>>> than it already is by attending to outside distractions.
>>>>>
>>>>>
>>>>>
>>>>> Best regards,
>>>>>
>>>>>
>>>>>
>>>>> A
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Andrew Sullivan
>>>>>
>>>>> ajs at anvilwalrusden.com <mailto:ajs at anvilwalrusden.com>
>>>>>
>>>>> _______________________________________________
>>>>>
>>>>> gnso-rds-pdp-wg mailing list
>>>>>
>>>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>
>>>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drds-2Dpdp-2Dwg&d=DwIGaQ&c=XRWvQHnpdBDRh-yzrHjqLpXuHNC_9nanQc6pPG_SpT0&r=6lUxzkhJPN5qts-Nve5TYqxoGjP81z1kCvXgsmw-MiQ&m=9eU57wIVscyGuvbIbm2BAi8LELlVrSQBl5k9N2YJxfQ&s=EWf3FrLMoZXzDzHkrW30uyrwfH-GkQk1TGt5Jc2ndKs&e
>>>>> =
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>>
>>>>> NOTICE: This communication may contain privileged or
>>>>> other confidential information. If you have received
>>>>> it in error, please advise the sender by reply email
>>>>> and immediately delete the message and any attachments
>>>>> without copying or disclosing the contents. Thank you.
>>>>> _______________________________________________
>>>>> gnso-rds-pdp-wg mailing list
>>>>> gnso-rds-pdp-wg at icann.org
>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>>
>>>> gnso-rds-pdp-wg mailing list
>>>> gnso-rds-pdp-wg at icann.org
>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>>
>>> --
>>>
>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>> Mit freundlichen Grüßen,
>>> Volker A. Greimann
>>> - Rechtsabteilung -
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>> Email: vgreimann at key-systems.net
>>> <mailto:vgreimann at key-systems.net>
>>> Web: www.key-systems.net <http://www.key-systems.net> /
>>> www.RRPproxy.net <http://www.rrpproxy.net/>
>>> www.domaindiscount24.com <http://www.domaindiscount24.com> /
>>> www.BrandShelter.com <http://www.brandshelter.com/>
>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei
>>> Facebook:
>>> www.facebook.com/KeySystems
>>> <http://www.facebook.com/KeySystems>
>>> www.twitter.com/key_systems
>>> <http://www.twitter.com/key_systems>
>>> Geschäftsführer: Alexander Siffrin
>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>> Umsatzsteuer ID.: DE211006534
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu <http://www.keydrive.lu>
>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den
>>> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
>>> Veröffentlichung oder Weitergabe an Dritte durch den
>>> Empfänger ist unzulässig. Sollte diese Nachricht nicht
>>> für Sie bestimmt sein, so bitten wir Sie, sich mit uns per
>>> E-Mail oder telefonisch in Verbindung zu setzen.
>>> --------------------------------------------
>>> Should you have any further questions, please do not
>>> hesitate to contact us.
>>> Best regards,
>>> Volker A. Greimann
>>> - legal department -
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>> Email: vgreimann at key-systems.net
>>> <mailto:vgreimann at key-systems.net>
>>> Web: www.key-systems.net <http://www.key-systems.net> /
>>> www.RRPproxy.net <http://www.rrpproxy.net/>
>>> www.domaindiscount24.com <http://www.domaindiscount24.com> /
>>> www.BrandShelter.com <http://www.brandshelter.com/>
>>> Follow us on Twitter or join our fan community on Facebook
>>> and stay updated:
>>> www.facebook.com/KeySystems
>>> <http://www.facebook.com/KeySystems>
>>> www.twitter.com/key_systems
>>> <http://www.twitter.com/key_systems>
>>> CEO: Alexander Siffrin
>>> Registration No.: HR B 18835 - Saarbruecken
>>> V.A.T. ID.: DE211006534
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu <http://www.keydrive.lu>
>>> This e-mail and its attachments is intended only for the
>>> person to whom it is addressed. Furthermore it is not
>>> permitted to publish any content of this email. You must not
>>> use, disclose, copy, print or rely on this e-mail. If an
>>> addressing or transmission error has misdirected this
>>> e-mail, kindly notify the author by replying to this e-mail
>>> or contacting us by telephone.
>>>
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>
>>
>> Content-Type: text/plain; charset="us-ascii"
>> Content-Transfer-Encoding: 7bit
>> Content-Disposition: inline
>> X-Microsoft-Exchange-Diagnostics:
>> 1;DM5PR03MB2714;27:hvd+12IHFEDC5zG2SFGJUI8wzX09iFX8918xshWCQo/rid5WRmWbOSDBecFyjNyKMeBpbcVirQ6f821KkUUeGsZynHEE1O0FFdMERWm0q/Vqwzdu+L9IxmvRP11LCIVh
>> X-Microsoft-Antispam-Mailbox-Delivery:
>> ex:0;auth:0;dest:I;ENG:(400001000128)(400125000095)(20160514016)(750103)(520002050)(400001001223)(400125100095)(61617095)(400001002128)(400125200095);
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>
>
> This body part will be downloaded on demand.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170926/c7691626/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list