[gnso-rds-pdp-wg] What we want redux (was Re: ICANN Meetings/Conversations with Data Protection and Privacy Commissioners)

Holly Raiche h.raiche at internode.on.net
Thu Sep 28 23:54:45 UTC 2017


Allison

I agree with Andrew and you - up to a point.

Purpose is critical - which is why this group has to focus on it. As the legal opinion makes clear, while ‘anti-abuse’ or other issues of the safety and security of the DNS may not be considered as a primary purpose, the opinion does suggest that they could be considered as secondary purposes - and therefore, a legitimate reason/purpose for which information can be collected.  The test would then be what information is necessary to hold in order to achieve the purpose(s).

Who can have access to what information is a separate question - we aren’t there yet. But it will ask why the individual/organisation needs access to what specific information. And - using gated access mechanisms - access to such individuals/organisations for agreed purpose(s) would be permitted.  The opinion’s discussion of access by law enforcement agencies supports that.

A word of caution here.  Obtaining consent FOLLOWS collection.  That is, ONLY data necessary to achieve agreed purposes is collected in the first place.  Consent is about collection AFTER the determination of what information is collected.  Again, go back to the opinion on that.

I do not, however, agree with your final point.  It does not follow that a new RDS scheme will ‘create excessive risks’.  If fighting spam, malware, etc. is accepted as a legitimate purpose (which seems to be the case) AND individuals/organisations that are involved in dealing with those issues need access to information that is necessary to address the misuse/abuse issues, then the miscreants cannot expect protection.

So yes, let’s please focus on purpose - both primary and secondary.

Holly




On 29 Sep 2017, at 8:52 am, allison nixon <elsakoo at gmail.com> wrote:

> I agree with Andrew on this one, the discussion lately is putting the cart before the horse in many respects. The GNSO and most privacy laws will say that data can't be collected for no purpose, and this group has yet to seriously put forth purposes. So when we ask "can we legally collect data?", and provide no real reasons why, of course the answer is no. And when those of us who deal with anti-abuse state our purposes, it only gets sucked into the circular arguments, not actually recorded anywhere official as a group stance.
> 
> But according to GDPR and many other privacy laws, if we have clearly stated purposes, AND we have a clearly defined consent process, we actually can do all these things and don't have to throw the internet into chaos in the name of GDPR. We can even have a public WHOIS just as it is, probably with minor tweaks on the consent side.
> 
> So reasons why we should collect WHOIS data can start like this:
> 
> - A significant percentage of domains are malicious, and public trust in the entire domain name system is in question. People's increasing reliance on blacklists, whitelists, and filters, is a direct consequence of this lack of safety.
> - WHOIS is a vital tool for members of the public to ensure safety and interoperability.
> - The police are unable to deal with the sheer volume of malicious domains, so locking up information behind a slow-and-expensive-to-obtain court order will hobble network operators and network defenders. Criminals will actively exploit this.
> - Fighting spam, malware, espionage, fraud, and other forms of abuse is a legitimate purpose that WHOIS serves, and restrictions on how WHOIS is displayed or collected cannot hinder any of these purposes.
> - We should not identify the person serving legitimate anti-abuse purposes before they can access WHOIS data, because in the case of high profile crime and espionage, it will endanger the person's life.
> - All the currently collected information, even the falsified information, is vitally important for these purposes, and every currently collected field has played a pivotal role in numerous network incidents over the years.
> - Collecting WHOIS data under a scheme that gives the users an expectation of privacy will create excessive risks as this data is highly likely to be targeted by hackers and stolen. Especially if it contains identities of people investigating espionage. The latter can be a life and death concern.
> - etc
>
> Once we have defined purposes, then we should see what the legal opinions are about those purposes. Hard evidence can be supplied for each of these purposes, likely in excess of what is required.
> 
> On Thu, Sep 28, 2017 at 2:16 PM, Andrew Sullivan <ajs at anvilwalrusden.com> wrote:
> On Thu, Sep 28, 2017 at 08:06:55PM +0200, theo geurts wrote:
> > 1 I agree you need to be specific, but also you should ask, would a DPA
> > accept it? Regardless if that is a DPA in Europe or China or Jamaica.
> > Setting the baseline to the GDPR would be a mistake, these data protection
> > laws are always in motion. As such you need to implement data protection
> > principles when you define purpose. Did we really do that?
> 
> What I am trying to say is that we ought to work out what we need to
> solve.  I think we have only half-done that.  I would like for us to
> complete that, and in particular to look carefully at what data needs
> to be exposed to whom under what conditions in order to move something
> ahead.  I believe that it is not helpful for people to bang shoes on
> the table and say "whois privacy" or "DPA won't accept it".  We ought
> instead to figure out what our problem is and what we want to do to
> solve it, and then ask legal permission _after_ that.
> 
> I think Allison elsewhere just today pointed out that the legal
> analysis currently focusses too much on direct contractual
> relationships and misses the voluntary, no-contract nature of Internet
> operations.  We need to design an answer for that, and then figure out
> how to make the laws as we understand them to work with that answer.
> 
> Best regards,
> 
> A
> 
> --
> Andrew Sullivan
> ajs at anvilwalrusden.com
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> 
> 
> -- 
> _________________________________
> Note to self: Pillage BEFORE burning.
