[gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners
John Bambenek
jcb at bambenekconsulting.com
Tue Sep 26 12:48:50 UTC 2017
We just need to pick a reasonable baseline. There already is a process to handle conflicts with WHOIS and local laws (https://whois.icann.org/en/revised-icann-procedure-handling-whois-conflicts-privacy-law).
There is no reasonable way to pick some way to accommodate them all absolutely. Picking one set blindly also smacks of regionalism. ICANNs mandate is to protect the stability and security of the internet. Let's focus on the mission and not the secondary concerns.
--
John Bambenek
> On Sep 26, 2017, at 07:34, Stephanie Perrin <stephanie.perrin at mail.utoronto.ca> wrote:
>
> With all due modesty, I am an expert in privacy legislation, having worked in this field since 1984 in most capacities (and most particularly, directing the drafting of the federal law here in Canada). TBDF provisions appear in most data protection law, they are also covered in many national constitutions and it is therefore impossible to actually separate out TBDF from any privacy impact assessment of ICANN policy and implementation. I don't think an explicit mention in our Charter is at all necessary, we cannot examine privacy without looking at TBDF.
>
> Stephanie Perrin
>
>> On 2017-09-25 09:24, Alan Greenberg wrote:
>> I am far from an expert on privacy legislation. GDPR is probably as good a base to look at as any, and perhaps better than some. I do not think we are in a position to survey all country's privacy legislation to ensure that we are in compliance, and even if we did, laws change over time. So we will need to put in place a framework that can adapt to local requirements.
>>
>> One issue that I do not think has been discussed (and is not even mentioned in our charter) is transborder data flow. ALthough that may be more associated with implementation, I suspect we will have to think about it, if only to say that implementation needs to address it. In that case, European legislation may not be the most stringent.
>>
>> Alan
>>
>>
>> At 25/09/2017 08:57 AM, Ayden Férdeline wrote:
>>
>>> Hi Erica,
>>>
>>> That is a good question.
>>>
>>> My view is that GDPR is the best baseline that we have. I say for this for two reasons. Firstly, because the Council of the European Union has advised the European Commission that it cannot negotiate away privacy rights in trade agreements. And secondly, as I touched upon in an email a few days ago, over 100 countries now have data protection laws, many of which were modelled after the European Union’s 1995 Data Protection Directive. It seems possible to me that a desire to emulate best practices could see these laws, based upon the earlier 1995 standard, updated to reflect the standard now set by GDPR.
>>>
>>> I am happy, of course, to hear alternative perspectives on this issue.
>>>
>>> Best wishes,
>>>
>>> Ayden Férdeline
>>> linkedin.com/in/ferdeline
>>>
>>>
>>>> -------- Original Message --------
>>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners
>>>> Local Time: 25 September 2017 1:46 PM
>>>> UTC Time: 25 September 2017 12:46
>>>> From: gnso-rds-pdp-wg at icann.org
>>>> To: gnso-rds-pdp-wg at icann.org
>>>>
>>>> It is clear that the PDP will have to be aware of and plan for GDPR-like protections (and not limited to Europe).
>>>>
>>>>
>>>> Jumping back to Kris' comment, and the reference to other privacy regulations in various countries (i.e. South Africa), do we know for certain that GDPR is our best baseline? For example, perhaps there is a different regional set of regulations that are an even lower common denominator that would ensure compliance not only with GDPR, but other regions as well - and, hopefully, future laws. Possibly this has been spoken about before (I'm still rather new here), but I thought it may be worth confirming since so much of our information flow, generally speaking, tends to come from the US and the EU over other regions.
>>>>
>>>> Within the contect of ICANN, there is no other way to do this but through a GNSO PDP, and hopefully we can actually complete this and move forward. How timely we do it will depend on how willing we are to work together to reach consensus.
>>>>
>>>>
>>>> Well said.
>>>>
>>>> Best,
>>>> Erica
>>>>
>>>> Erica Varlese | .blog Shepherd @ KKWT
>>>> Email: erica at my.blog
>>>> Skype: evarlese
>>>>
>>>>
>>>> On Mon, Sep 25, 2017 at 4:07 AM, Volker Greimann < vgreimann at key-systems.net> wrote:
>>>>
>>>> With the new proposals for whois privacy provider accreditation currently in the works and the costs attached to that program both in aded requirements that have to be followed and the accreditation cost, this service will never be "free".
>>>>
>>>> Volker
>>>>
>>>>> Am 23.09.2017 um 15:47 schrieb John Bambenek via gnso-rds-pdp-wg:
>>>>> Is one of there ways of exploring how to resolve the issue including making whois privacy for free for individual registrants?
>>>>>
>>>>> --
>>>>> John Bambenek
>>>>>
>>>>> On Sep 22, 2017, at 21:06, Chuck <consult at cgomes.com> wrote:
>>>>>
>>>>>> Without in any way detracting from the concern for ICANN transparency and the need for keeping our PDP informed, I think it is important for us to recognize a few things:
>>>>>> The GDPR is set to go into effect in May 2018.
>>>>>> While I am cautiously hopeful that the RDS PDP WG will improve progress in our work, there is no way we will be close to done by May 2018.
>>>>>> In the meantime, contracted parties will be faced with some serious conflicts between the terms of their agreements with ICANN and the GDPR that could result in significant fines if they continue to comply with their ICANN agreements.
>>>>>> Therefore, it does not seem unreasonable for ICANN staff to be exploring ways to resolve this dilemma until policy work can be completed.
>>>>>>
>>>>>>
>>>>>> Chuck
>>>>>>
>>>>>>
>>>>>>
>>>>>> From: gnso-rds-pdp-wg-bounces at icann.org [ mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Vayra, Fabricio (Perkins Coie)
>>>>>> Sent: Friday, September 22, 2017 8:16 AM
>>>>>> To: Andrew Sullivan <ajs at anvilwalrusden.com >; gnso-rds-pdp-wg at icann.org
>>>>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners
>>>>>>
>>>>>>
>>>>>>
>>>>>> Appreciate this feedback, Andrew. Simply put, my concern is that these independent and misinformed conversations will result in bad decision making that will run counter to our efforts here in this duly-constituted PDP WG that is following the standard ICANN processes for developing policy -- if not render them useless altogether. Which in turn highlights my earlier comment that this side-show effort from ICANN runs counter to the bottom up / standard ICANN processes for developing policy.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Maybe it's just me making a mountain out of a molehill, but Stephanie echoing these concerns on the last call encouraged me to reach out to my fellow WG members to see if others share the concern and wanted to act on it.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Others?
>>>>>>
>>>>>>
>>>>>>
>>>>>> -----Original Message-----
>>>>>> From: gnso-rds-pdp-wg-bounces at icann.org [ mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Andrew Sullivan
>>>>>> Sent: Friday, September 22, 2017 11:09 AM
>>>>>> To: gnso-rds-pdp-wg at icann.org
>>>>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Meetings/Conversations with Data Protection and Privacy Commissioners
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi,
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, Sep 22, 2017 at 02:51:44PM +0000, Vayra, Fabricio (Perkins Coie) wrote:
>>>>>>
>>>>>> >
>>>>>>
>>>>>> > I couldn’t agree more with Stephanie and find it incredible that ICANN, despite our ongoing efforts and the plethora of published community concerns, are continuing with the approach of rushing to discussions with Data Protection and Privacy Commissioners “half-cocked.†Putting aside the apparent widely shared view that this approach is misinformed and dangerous, it’s simply redundant of and does not take advantage of our work within this PDP process -- one could even say that it runs counter to the bottom up and community led initiative on RDS/WHOIS.
>>>>>>
>>>>>> >
>>>>>>
>>>>>>
>>>>>>
>>>>>> I don't understand what the problem is supposed to be. We are a
>>>>>>
>>>>>> duly-constituted PDP WG that is following the standard ICANN processes
>>>>>>
>>>>>> for developing policy. If other parts of ICANN want to talk to data
>>>>>>
>>>>>> protection and privacy commissioners, or activists in favour of
>>>>>>
>>>>>> publishing all personal data available in the universe, or privacy
>>>>>>
>>>>>> activists who think the DNS should be closed in favour of onion
>>>>>>
>>>>>> routing, or the committee of the Present King of France and the Easter
>>>>>>
>>>>>> Bunny, why should we care? In the event (for which I have diminshing
>>>>>>
>>>>>> hope) that we publish a report that is actionable by the GNSO, the
>>>>>>
>>>>>> ordinary ICANN policy mechanisms will grind forward no matter what
>>>>>>
>>>>>> meetings people have had.
>>>>>>
>>>>>>
>>>>>>
>>>>>> We can best contribute to that end, in my opinion, by focussing on
>>>>>>
>>>>>> getting done the work that we are supposed to be doing, rather than
>>>>>>
>>>>>> worrying about all the other things other people might be doing. By
>>>>>>
>>>>>> concentrating on this and making some progress, we might even reduce
>>>>>>
>>>>>> the temptation of others to second guess this process. At the rate we
>>>>>>
>>>>>> are currently moving, we appear to be destined to deliver something
>>>>>>
>>>>>> right after heat death of the universe, and I suggest that that pace
>>>>>>
>>>>>> is partly because there is no issue on which people are willing to
>>>>>>
>>>>>> focus, come to a clear conclusion, and then let that conclusion stand.
>>>>>>
>>>>>>
>>>>>>
>>>>>> I therefore urge that we focus on our task and not make our job harder
>>>>>>
>>>>>> than it already is by attending to outside distractions.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Best regards,
>>>>>>
>>>>>>
>>>>>>
>>>>>> A
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Andrew Sullivan
>>>>>>
>>>>>> ajs at anvilwalrusden.com
>>>>>>
>>>>>> _______________________________________________
>>>>>>
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>>
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>>
>>>>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drds-2Dpdp-2Dwg&d=DwIGaQ&c=XRWvQHnpdBDRh-yzrHjqLpXuHNC_9nanQc6pPG_SpT0&r=6lUxzkhJPN5qts-Nve5TYqxoGjP81z1kCvXgsmw-MiQ&m=9eU57wIVscyGuvbIbm2BAi8LELlVrSQBl5k9N2YJxfQ&s=EWf3FrLMoZXzDzHkrW30uyrwfH-GkQk1TGt5Jc2ndKs&e =
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> NOTICE: This communication may contain privileged or other confidential information. If you have received it in error, please advise the sender by reply email and immediately delete the message and any attachments without copying or disclosing the contents. Thank you.
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>>
>>>>> gnso-rds-pdp-wg mailing list
>>>>>
>>>>>
>>>>> gnso-rds-pdp-wg at icann.org
>>>>>
>>>>>
>>>>>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>
>>>>
>>>> --
>>>>
>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>>
>>>>
>>>> Mit freundlichen Grüßen,
>>>>
>>>>
>>>> Volker A. Greimann
>>>>
>>>> - Rechtsabteilung -
>>>>
>>>>
>>>> Key-Systems GmbH
>>>>
>>>> Im Oberen Werk 1
>>>>
>>>> 66386 St. Ingbert
>>>>
>>>> Tel.: +49 (0) 6894 - 9396 901
>>>>
>>>> Fax.: +49 (0) 6894 - 9396 851
>>>>
>>>> Email:
>>>> vgreimann at key-systems.net
>>>>
>>>>
>>>> Web: www.key-systems.net /
>>>> www.RRPproxy.net
>>>>
>>>> www.domaindiscount24.com
>>>> /
>>>>
>>>> www.BrandShelter.com
>>>>
>>>>
>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>>>
>>>>
>>>> www.facebook.com/KeySystems
>>>>
>>>>
>>>> www.twitter.com/key_systems
>>>>
>>>>
>>>> Geschäftsführer: Alexander Siffrin
>>>>
>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>>>
>>>> Umsatzsteuer ID.: DE211006534
>>>>
>>>>
>>>> Member of the KEYDRIVE GROUP
>>>>
>>>> www.keydrive.lu
>>>>
>>>>
>>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den
>>>> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
>>>> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
>>>> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
>>>> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu
>>>> setzen.
>>>>
>>>>
>>>> --------------------------------------------
>>>>
>>>>
>>>> Should you have any further questions, please do not hesitate to
>>>> contact us.
>>>>
>>>>
>>>> Best regards,
>>>>
>>>>
>>>> Volker A. Greimann
>>>>
>>>> - legal department -
>>>>
>>>>
>>>> Key-Systems GmbH
>>>>
>>>> Im Oberen Werk 1
>>>>
>>>> 66386 St. Ingbert
>>>>
>>>> Tel.: +49 (0) 6894 - 9396 901
>>>>
>>>> Fax.: +49 (0) 6894 - 9396 851
>>>>
>>>> Email:
>>>> vgreimann at key-systems.net
>>>>
>>>>
>>>> Web: www.key-systems.net /
>>>> www.RRPproxy.net
>>>>
>>>> www.domaindiscount24.com
>>>> /
>>>>
>>>> www.BrandShelter.com
>>>>
>>>>
>>>> Follow us on Twitter or join our fan community on Facebook and stay
>>>> updated:
>>>>
>>>>
>>>> www.facebook.com/KeySystems
>>>>
>>>>
>>>> www.twitter.com/key_systems
>>>>
>>>>
>>>> CEO: Alexander Siffrin
>>>>
>>>> Registration No.: HR B 18835 - Saarbruecken
>>>>
>>>> V.A.T. ID.: DE211006534
>>>>
>>>>
>>>> Member of the KEYDRIVE GROUP
>>>>
>>>> www.keydrive.lu
>>>>
>>>>
>>>> This e-mail and its attachments is intended only for the person to
>>>> whom it is addressed. Furthermore it is not permitted to publish any
>>>> content of this email. You must not use, disclose, copy, print or rely on
>>>> this e-mail. If an addressing or transmission error has misdirected this
>>>> e-mail, kindly notify the author by replying to this e-mail or contacting
>>>> us by telephone.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> gnso-rds-pdp-wg mailing list
>>>> gnso-rds-pdp-wg at icann.org
>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>> Content-Type: text/plain; charset="us-ascii"
>>> Content-Transfer-Encoding: 7bit
>>> Content-Disposition: inline
>>> X-Microsoft-Exchange-Diagnostics:
>>> 1;DM5PR03MB2714;27:hvd+12IHFEDC5zG2SFGJUI8wzX09iFX8918xshWCQo/rid5WRmWbOSDBecFyjNyKMeBpbcVirQ6f821KkUUeGsZynHEE1O0FFdMERWm0q/Vqwzdu+L9IxmvRP11LCIVh
>>> X-Microsoft-Antispam-Mailbox-Delivery:
>>> ex:0;auth:0;dest:I;ENG:(400001000128)(400125000095)(20160514016)(750103)(520002050)(400001001223)(400125100095)(61617095)(400001002128)(400125200095);
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>>
>> This body part will be downloaded on demand.
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170926/4cdf0b6d/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list