[gnso-rds-pdp-wg] WSGR Final Memorandum
John Bambenek
jcb at bambenekconsulting.com
Fri Sep 29 15:51:48 UTC 2017
This is intentionally inflammatory. If that were true, we'd already have
hit squads roaming the planet. And likely, we'd have a whole lot less
spam and abuse. But it's not only not true, you KNOW its not true.
You're just dumping fuel on a fire. For what purpose, I have no idea.
On 9/29/2017 9:54 AM, Volker Greimann wrote:
>
> Hi Allison,
>
> it appears you belong to the school of thinking that any means is
> legitimate to catch or prevent crime, whereas I belong to the school
> of thinking that limits those means the means not infringing on the
> rights of third parties. That is ok, we agree to disagree and move on.
>
>
> Am 29.09.2017 um 16:12 schrieb allison nixon:
>> [Volker's mail]
>> >>the reason why phishing, spam, and malware never appeared in the
>> document is because they have nothing to do with the question of
>> privacy rights. Except that violating such rights exposes the data
>> subjects to those forms of abuse.
>>
>> False. What makes copyright violation(which was spoken about numerous
>> times in the doc) more relevant than spam/fraud/phishing/malware? Who
>> made that determination? It was stated numerous times that the rights
>> of the registrant have to be weighed against the rights of the people
>> exposed to these domains. Since spam, fraud, phishing, malware, are
>> all issues relevant to the general public, they are relevant issues
>> to weigh. This sounds like an attempt to throw out an issue because
>> no sane counter-argument exists for it. You are once again trolling
>> the group with irrelevant and illogical arguments while attempting to
>> throw out arguments that are relevant.
> Again, I expect a retraction and apology. Not accepting my argument
> does not entitle anyone to name-calling or questioning my motives,
> especially when the person making the allegations is doing the very
> same thing he/she is alleging me of doing to invalidate my arguments.
>
> Anyway, your comment has nothing to do with the point I was making. No
> one is making one form of abuse more relevant than another. Yet when
> weighing the prevention of abuse against the legal rights of
> uninvolved third parties, those third parties win, unless there is a
> legal justification that these rights may be infringed upon or set aside.
>
>
>>
>> [Volker's mail]
>> >>I agree that this group does not make policy for ccTLDs, but we do
>> not operate in a vacuum. ccTLDs - due to the variety of their
>> approaches - have been an ideal policy testing ground and I see no
>> reasons not to take what works from the various ccTLD policies. If
>> something works well for .eu, why should it not also work well for
>> .africa, for example? or .com?
>>
>> Quite a few ccTLDs require additional identifying information to
>> prove that the person is a resident of that country or that there is
>> a physical corporate presence within the country. We could follow
>> that model if you're so interested in that- quite a few ccTLDs have
>> very low rates of abuse due to the elaborate checks in place to
>> resolve the registrant to a known person or entity. Are you willing
>> to front the costs? You aren't, because you are trolling.
>
> I am aware of these models, we are specialized in serving next to all
> ccTLDs after all. In most cases such verification does not occur at
> the time of registration though, and when it does, it is usually not a
> European registry. And yes, there are even those where it is, and in
> those cases, that information, while collected, is for the exclusive
> use of the registry and not being published. And finally, where such
> publication does occur despite privacy regulations being in place as
> well, there always is a legal basis for it, not the whim of the registry.
>
>>
>> [Volker's mail]
>> >>it is interesting that despite studies showing there is no
>> correlation between domain abuse and use of domain privacy, the same
>> argument is being raised again and again.
>>
>> A convenient misinterpretation of the facts. It's not a reliable
>> indicator, it is one factor out of many, and it is a significant
>> factor. No single indicator is a reliable indicator. you are once
>> again trolling.
> It seems you are really running out of good arguments if this baseless
> and unwarranted accusation is all you have to bring to the table to
> counter my argument.
>
> Best,
> Volker
>>
>>
>>
>> On Fri, Sep 29, 2017 at 9:05 AM, John Bambenek via gnso-rds-pdp-wg
>> <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>> wrote:
>>
>> I think you mistake his point. Domain whois data IS useful in
>> fighting abuse according to everyone who actually fights abuse.
>> The report referenced making the statement it did shows there
>> remains a misunderstanding on that point.
>>
>> Sent from my iPad
>>
>> On Sep 29, 2017, at 3:20 AM, Volker Greimann
>> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>>
>>> Hi Theo,
>>>
>>> it is interesting that despite studies showing there is no
>>> correlation between domain abuse and use of domain privacy, the
>>> same argument is being raised again and again. from my own
>>> experience of looking at the abuse complaints we receive, I note
>>> that only a small fraction of abusive registrations use our
>>> privacy functions. In most cases, harvested real data is used
>>> instead.
>>>
>>> Best,
>>>
>>> Volker
>>>
>>>
>>>
>>>>
>>>> https://www.icann.org/en/system/files/files/sadag-final-09aug17-en.pdf
>>>> <https://www.icann.org/en/system/files/files/sadag-final-09aug17-en.pdf>
>>>>
>>>> This report mentions: The usage of Privacy or Proxy Services by
>>>> itself is not a reliable indicator of abuse.
>>>>
>>>> Thanks again,
>>>>
>>>> Theo
>>>>
>>>> Again it is clear now, thanks all.
>>>> On 28-9-2017 20:50, Dotzero wrote:
>>>>> To add to what Allison has indicated, websites do analysis of
>>>>> these sorts of datapoints for evaluating transactions for
>>>>> fraud and potential abuse. For example, signups form domains
>>>>> that have private registrations have a very high propensity to
>>>>> be related to abuse. Signups and visits to our websites from
>>>>> IP addresses belonging to hosting providers have an even
>>>>> higher correlation with abuse (how many endusers browse the
>>>>> web from severs in datacenters?).
>>>>>
>>>>> This is not police action, it is organizations protecting
>>>>> themselves, their other users and the internet at large from
>>>>> abusive activity.
>>>>>
>>>>> Michael Hammer
>>>>>
>>>>> On Thu, Sep 28, 2017 at 2:33 PM, allison nixon
>>>>> <elsakoo at gmail.com <mailto:elsakoo at gmail.com>> wrote:
>>>>>
>>>>> Reputation is based on a lot of different points not just
>>>>> contents of WHOIS data. If the .EU TLD can keep its
>>>>> customer base clean, there isn't much need for WHOIS data
>>>>> for the most part, however this group doesn't make policy
>>>>> for ccTLDs. For other TLDs that this group does recommend
>>>>> policy for, for example, .XYZ, which boasts a
>>>>> greater-than-90-percent rate of maliciousness, any
>>>>> legitimate domain in that space will need some other
>>>>> points of reputation to make up for that. WHOIS is part of
>>>>> that, including the age, and actual contact details.
>>>>>
>>>>> That said, WHOIS data is an important part of tracing
>>>>> ownership and it can have consequences for the registrant.
>>>>>
>>>>> Recently we had to deal with a ccTLD of .ir that was being
>>>>> used to control large botnets. The current and historical
>>>>> WHOIS data showed signs that a legitimate registrant's
>>>>> account was stolen to do this. Thus, when the complaint
>>>>> was sent to the registrar, the registrant was not accused
>>>>> of running botnets, but instead the registrar was alerted
>>>>> to an abuse of the service and they could take action
>>>>> accordingly. If the ownership of this domain could not be
>>>>> traced, and if there were not skilled investigators on the
>>>>> other end, would the registrant have been in danger of
>>>>> going to an Iranian prison?
>>>>>
>>>>> It turns out, the ccTLD of .ir was specifically chosen
>>>>> because the criminals thought the poor international
>>>>> relations would hamper law enforcement action. However
>>>>> WHOIS and the transparency it provides allowed people to
>>>>> discover the truth and prevent serious problems. By
>>>>> locking up WHOIS behind court orders, these cross-border
>>>>> issues will become worse.
>>>>>
>>>>> Also, to be clear since a lot of people can't seem to tell
>>>>> the difference, everything we did was well within the
>>>>> bounds of civil action, we weren't "pretending to be the
>>>>> police" or any of the other things people in this group
>>>>> accuse security companies of doing when they deal with
>>>>> malware. Any member of the public can file an abuse complaint.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Sep 28, 2017 at 2:10 PM, theo geurts
>>>>> <gtheo at xs4all.nl <mailto:gtheo at xs4all.nl>> wrote:
>>>>>
>>>>> Allison,
>>>>>
>>>>> Does this problem also exsist with TLDs like .EU, .NL,
>>>>> .DE, .FR just to name a few ccTLDs?
>>>>>
>>>>> Curious,
>>>>>
>>>>> Theo
>>>>>
>>>>>
>>>>> On 28-9-2017 19:42, allison nixon wrote:
>>>>>> >> So, I can see a day that if privacy advocates
>>>>>> and/or EU legislation fears prevent such a Best
>>>>>> Practice as proper WHOIS records, the service
>>>>>> providers will simply choose practices, such as 'you
>>>>>> cannot access our service unless you have public
>>>>>> whois information available'.
>>>>>>
>>>>>> It's already happening. Try sending an e-mail using a
>>>>>> domain behind WHOIS privacy. Some anti-spam systems
>>>>>> drop it straight in the garbage because WHOIS privacy
>>>>>> is already a negative reputation point. If WHOIS gets
>>>>>> shut down, I fully expect groups like Spamhaus,
>>>>>> M3AAWG, APWG, etc, to publish a set of guidelines
>>>>>> that registrants need to abide by in order to send
>>>>>> mail, or be accessible by people behind corporate
>>>>>> firewalls that block based on reputation. ICANN must
>>>>>> understand that they are at risk of losing relevancy
>>>>>> if they want to take this hardline approach, because
>>>>>> if a law breaks the continued functioning of a
>>>>>> network, the network will route around it.
>>>>>>
>>>>>> Look at the "cookies" EU law. Did that actually stop
>>>>>> any websites from using cookies? No, it just created
>>>>>> a popup that no one reads but everyone clicks through
>>>>>> to visit the website. Because breaking cookies breaks
>>>>>> websites.
>>>>>>
>>>>>>
>>>>>> >>Some of us have real jobs too..
>>>>>>
>>>>>> which is the main reason why i can't spend 8 hours
>>>>>> every day watching this group, unlike some people
>>>>>> here who have been active in this group for years now.
>>>>>>
>>>>>>
>>>>>>
>>>>>> My response to Chuck's email earlier, I bolded the
>>>>>> responses and tagged the start and end of my replies
>>>>>> for clarity:
>>>>>>
>>>>>> "independent answers to the same questions we
>>>>>> asked the European data protection experts
>>>>>> earlier in the year"
>>>>>> [Chuck Gomes] That was a request from WG members
>>>>>> who felt that the DP experts might be biased.
>>>>>> The questions were developed by the WG. There
>>>>>> were two primary reasons for using the same
>>>>>> questions: 1) both groups would be responding to
>>>>>> the same questions and therefore make it easy to
>>>>>> compare; 2) the questions were approved by the WG.
>>>>>>
>>>>>>
>>>>>> *<allison>I don't think anyone accused the DP experts
>>>>>> of being biased. The objection was that the questions
>>>>>> themselves were biased. The words "phishing" and
>>>>>> "spam" and "malware" never once appeared in this
>>>>>> entire document, despite being major core issues. The
>>>>>> only abuse issues that were focused on were in
>>>>>> relation to intellectual property violation and
>>>>>> harassment of women, both of which are not the major
>>>>>> issues most of us deal with on a daily basis(not to
>>>>>> belittle them but they are generally not the reason
>>>>>> why we are here today). The word "fraud" was
>>>>>> mentioned once in a question and then never directly
>>>>>> addressed in the response.*
>>>>>> *
>>>>>> *
>>>>>> *Additionally, my entire industry was grossly
>>>>>> misrepresented in question #6. None of us operate
>>>>>> with police powers, and none of us pretend to have
>>>>>> any. When we submit a complaint to a registrar about
>>>>>> one of their customers breaking the law, the
>>>>>> illegality of the act provides necessary
>>>>>> justification for the registrar to drop the customer
>>>>>> without a refund. This is not prosecution of a crime,
>>>>>> and claiming it is such is a lie. Evidence of
>>>>>> breaking the law is necessary because registrars
>>>>>> aren't just going to take down any customer we say we
>>>>>> don't like. I wholly object to the entire line they
>>>>>> continued on about cybersecurity companies and
>>>>>> "quasi-police powers", because the question never
>>>>>> differentiated between civil and criminal actions and
>>>>>> it was therefore misleading. *
>>>>>> *
>>>>>> *
>>>>>> *None of the questions addressed the issues that
>>>>>> registrants have where their WHOIS and other
>>>>>> reputation points affect the de-facto functionality
>>>>>> of a domain, for example a domain's functionality is
>>>>>> hampered when it is on blocklists. Or if someone
>>>>>> sends a complaint against the domain and has no tools
>>>>>> to differentiate the registrant from the criminal (as
>>>>>> registrar accounts are often hacked), then the
>>>>>> incorrect accusation can also affect the operability
>>>>>> of the domain as it is mistakenly taken down in
>>>>>> confusion. None of the questions ask about conflicts
>>>>>> between GDPR and basic network-level-functionality of
>>>>>> domains.*
>>>>>> *
>>>>>> *
>>>>>> *Also, none of the questions ask if a free
>>>>>> no-obligation alternative (whois privacy protect)
>>>>>> enhances the validity of consent given for making
>>>>>> WHOIS records public. </allison>*
>>>>>>
>>>>>>
>>>>>> So we weren't allowed to ask questions of these
>>>>>> legal experts? You know, they can't magically
>>>>>> divine all legitimate use cases. The session with
>>>>>> the EU data protection experts earlier this year
>>>>>> is the exact same one we objected to because anti
>>>>>> abuse use cases got exactly zero representation.
>>>>>> So why choose that exact set of questions again
>>>>>> especially since an entire group of people have
>>>>>> joined the group afterwards(actually, due to this
>>>>>> specific problem of lack of representation)? And
>>>>>> then label it "final", really.
>>>>>> [Chuck Gomes] We didn’t ask them to consider use
>>>>>> cases except as they were relevant to the
>>>>>> questions we asked; that is our job and we
>>>>>> prepared a list of those a long time ago. We
>>>>>> asked them to focus on their understanding of
>>>>>> European Data Protection law. Our WG has a good
>>>>>> mix of people that use RDS data for different uses.
>>>>>>
>>>>>>
>>>>>> *<allison>And his answers are borderline useless. The
>>>>>> scenarios presented were extremely poor, and not
>>>>>> reflecting today's Internet and the problems network
>>>>>> operators face. For example, when he writes "This
>>>>>> means that the term 'vital interest' is to be
>>>>>> interpreted as referring to an individual’s life,
>>>>>> health, safety, or other such interest that is
>>>>>> essential to their physical wellbeing", he goes on to
>>>>>> talk about IP violations, the rights of a child, the
>>>>>> economic interests of a search engine, finally
>>>>>> concluding "we believe that the **conditions for
>>>>>> using the 'legitimate interests' legal basis would
>>>>>> not be satisfied".*
>>>>>> *
>>>>>> *
>>>>>> *That's a complete misrepresentation of the interests
>>>>>> at stake here. The issue at hand is not the economic
>>>>>> interests of one company nor about mere copyright
>>>>>> infringement. The WHOIS data resource is used to
>>>>>> combat all types of fraud, international espionage,
>>>>>> rigging of elections, and so many hostile attacks.
>>>>>> Some of these attacks, especially DDOS, frequently
>>>>>> threaten basic functionality of the Internet. It has
>>>>>> an international strategic value and promotes lawful
>>>>>> behavior far more than it hurts. It's used to create
>>>>>> cleaner, safer networks. There are countless
>>>>>> documented instances where WHOIS played a key role
>>>>>> and where the replacement system would have allowed
>>>>>> the malicious behavior to continue. All of these
>>>>>> facts have been conveniently left out of the
>>>>>> question, and since the lawyer can't be expected to
>>>>>> know all this, he has no choice but to conclude that
>>>>>> the legitimate interests provided are too weak.
>>>>>> </allison>*
>>>>>>
>>>>>>
>>>>>> Havent gone through it yet, will do so as i get
>>>>>> time. Expecting to see the same result one can
>>>>>> expect when one doesn't represent entire groups
>>>>>> of constituencies.
>>>>>> [Chuck Gomes] What do you mean by representing
>>>>>> ‘entire groups of constituencies’? Do you
>>>>>> represent an entire constituency? Are you aware
>>>>>> of any constituencies who are not represented in
>>>>>> the WG? If so, please encourage them to participate.
>>>>>>
>>>>>>
>>>>>> *<allison>Dozens of people joined this mailing list
>>>>>> after numerous events demonstrated that this working
>>>>>> group did not consider the overall well being of the
>>>>>> Internet, and had a completely skewed idea of the
>>>>>> problems the Internet faces today. People were
>>>>>> outraged that this group was going in the direction
>>>>>> it was going, ignoring how the Internet actually
>>>>>> works. The fact that these questions were chosen- and
>>>>>> the fact that the new membership(especially those
>>>>>> that joined after the questions were initially asked)
>>>>>> were not given any opportunity to provide input on
>>>>>> questions to the lawyer- does not reflect well on the
>>>>>> leadership of this working group. Even when the
>>>>>> original questions were created, as far as I can
>>>>>> tell, only people physically present at that meeting
>>>>>> had any chance to provide input. For those of us with
>>>>>> jobs in operations, being ever-present for this
>>>>>> working group is impossible, and none of us have the
>>>>>> stamina that some of the people here have, because we
>>>>>> are busy working. *
>>>>>> *
>>>>>> *
>>>>>> *At its most charitable interpretation, the choice of
>>>>>> these specific questions could be an innocent
>>>>>> oversight or miscommunication. At its least
>>>>>> charitable, it looks like ICANN's money was wasted on
>>>>>> a procedural trick to keep facts out of the
>>>>>> conversation and continue to push a narrow agenda.*
>>>>>> *
>>>>>> *
>>>>>> *People from numerous unrelated Internet companies
>>>>>> and law firms flooded this group earlier this year
>>>>>> once sunshine was shed on this group's activities.
>>>>>> Maybe that's important. Please take it seriously.
>>>>>> </allison>*
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Wed, Sep 27, 2017 at 6:22 PM, Michael Peddemors
>>>>>> <michael at linuxmagic.com
>>>>>> <mailto:michael at linuxmagic.com>> wrote:
>>>>>>
>>>>>> IMHO, If ICANN cannot figure out how to make a
>>>>>> proper functioning WHOIS policy, we have to
>>>>>> remember that the community at large will, and
>>>>>> then simply, ICANN will loose relevance on this
>>>>>> issue.
>>>>>>
>>>>>> No one passed a law that a mail server had to
>>>>>> have a functioning PTR record, (well yes, some
>>>>>> international spam legislations clearly spelled
>>>>>> out the need for clearly specifying the operator)
>>>>>> but if you want to send email today, functionally
>>>>>> you need a PTR record.
>>>>>>
>>>>>> Only problem is, that often it is the biggest
>>>>>> players that set those standards, and it is the
>>>>>> role of organizations like ICANN to level the
>>>>>> field, and make sure that directions aren't
>>>>>> dictated by the biggest players on the block, and
>>>>>> never more so in a world of consolidation and
>>>>>> cloud providers.
>>>>>>
>>>>>> I think it was Yahoo that was one of the first
>>>>>> big players to simply not accept connections from
>>>>>> IP(s) with no PTR, and I know we were one of the
>>>>>> early adopters to that strategy..
>>>>>>
>>>>>> So, I can see a day that if privacy advocates
>>>>>> and/or EU legislation fears prevent such a Best
>>>>>> Practice as proper WHOIS records, the service
>>>>>> providers will simply choose practices, such as
>>>>>> 'you cannot access our service unless you have
>>>>>> public whois information available'.
>>>>>>
>>>>>> It would be far better if ICANN can understand
>>>>>> the importance of that need, and make a statement
>>>>>> that everyone can get behind and point to, that
>>>>>> levels that field, in 'spite' of possible
>>>>>> contradictory privacy information.
>>>>>>
>>>>>> Let's just simple keep these two conversations
>>>>>> separate, one should NOT affect the other, this
>>>>>> isn't a privacy vs information publishing
>>>>>> standards issue, we can have both.
>>>>>>
>>>>>> (And again, I assert that simply 'informed
>>>>>> consent' can always deal with any situations
>>>>>> where they conflict)
>>>>>>
>>>>>> -- Michael --
>>>>>>
>>>>>> PS, my concern is that this lengthy wrangling
>>>>>> prevents real work from getting done, and the
>>>>>> participants who are integral to this
>>>>>> conversation will fall by the way side, and the
>>>>>> lobbyist's will simply wear them down ..
>>>>>>
>>>>>> Some of us have real jobs too..
>>>>>>
>>>>>>
>>>>>> On 17-09-27 02:58 PM, John Bambenek via
>>>>>> gnso-rds-pdp-wg wrote:
>>>>>>
>>>>>> A simple policy proscription would be, for
>>>>>> instance, to say under US law if you get a
>>>>>> domain under the control of a US registrar,
>>>>>> we need you to consent to full disclosure.
>>>>>> Don't like it, pick a European ccTLD. I don't
>>>>>> advocate that, mind you, but that's the kind
>>>>>> of policy balkanization could produce.
>>>>>>
>>>>>> j
>>>>>>
>>>>>>
>>>>>> On 09/27/2017 04:31 PM, Paul Keating wrote:
>>>>>>
>>>>>> I am failing to understand how such a
>>>>>> walled-garden approach will solve anything.
>>>>>>
>>>>>> 1.EU <http://1.EU> registrars/registries
>>>>>> would still have to deal with GDPR.
>>>>>>
>>>>>> 2.Registrars are not aided by the
>>>>>> distinction since they would still end up
>>>>>> with EU customers and EU registrant data.
>>>>>>
>>>>>> PRK
>>>>>>
>>>>>> From: <gnso-rds-pdp-wg-bounces at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>
>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg-bounces at icann.org>>>
>>>>>> on behalf of jonathan matkowsky
>>>>>> <jonathan.matkowsky at riskiq.net
>>>>>> <mailto:jonathan.matkowsky at riskiq.net>
>>>>>> <mailto:jonathan.matkowsky at riskiq.net
>>>>>> <mailto:jonathan.matkowsky at riskiq.net>>>
>>>>>> Date: Wednesday, September 27, 2017 at
>>>>>> 11:03 PM
>>>>>> To: Rubens Kuhl <rubensk at nic.br
>>>>>> <mailto:rubensk at nic.br>
>>>>>> <mailto:rubensk at nic.br
>>>>>> <mailto:rubensk at nic.br>>>
>>>>>> Cc: RDS PDP WG <gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>>>
>>>>>> Subject: Re: [gnso-rds-pdp-wg] WSGR Final
>>>>>> Memorandum
>>>>>>
>>>>>> Assuming for argument's sake that's
>>>>>> true without taking any
>>>>>> position as I'm still catching up
>>>>>> from a week ago, I'm not sure
>>>>>> this should be dismissed without
>>>>>> consideration as a possibility,
>>>>>> although obviously not by any stretch
>>>>>> of the imagination ideal -->
>>>>>> non-EU registrars block EU
>>>>>> registrants, and registries contract
>>>>>> with non-EU registrars.
>>>>>>
>>>>>> On Tue, Sep 26, 2017 at 8:25 PM,
>>>>>> Rubens Kuhl <rubensk at nic.br
>>>>>> <mailto:rubensk at nic.br>
>>>>>> <mailto:rubensk at nic.br
>>>>>> <mailto:rubensk at nic.br>>> wrote:
>>>>>>
>>>>>>
>>>>>> On Sep 26, 2017, at 7:17 PM,
>>>>>> John Horton
>>>>>> <john.horton at legitscript.com
>>>>>> <mailto:john.horton at legitscript.com>
>>>>>>
>>>>>> <mailto:john.horton at legitscript.com
>>>>>> <mailto:john.horton at legitscript.com>>>
>>>>>> wrote:
>>>>>>
>>>>>> Much of this problem goes
>>>>>> away if we all agree that EU-based
>>>>>> registrars should henceforth
>>>>>> only be allowed to accept
>>>>>> registrants in the EU. Aside
>>>>>> from the effect on EU
>>>>>> registrars' revenue, what's
>>>>>> the logical argument against that
>>>>>> from a policy perspective?
>>>>>>
>>>>>> After all, isn't the purpose
>>>>>> of the GDPR to protect _EU
>>>>>> residents_?
>>>>>>
>>>>>>
>>>>>> That's correct, but the
>>>>>> conclusion is not. Non-EU registrars
>>>>>> are also subject to GDPR if
>>>>>> targeting EU customers, which
>>>>>> could be as simple as providing
>>>>>> services in EU languages and
>>>>>> accepting registration
>>>>>> transactions from the EU.
>>>>>> So, for the problem to go away
>>>>>> non-EU registrars would need to
>>>>>> block EU registrants, and
>>>>>> registries would only be able to
>>>>>> enter contracts with non-EU
>>>>>> registrars.
>>>>>>
>>>>>> So EU users would either be happy
>>>>>> using numeric IP addresses,
>>>>>> or develop a naming system of
>>>>>> their own. Then we would have
>>>>>> balkanisation, this time actually
>>>>>> including the original balkans.
>>>>>>
>>>>>>
>>>>>> Rubens
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>>
>>>>>>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *******************************************************************
>>>>>> This message was sent from RiskIQ,
>>>>>> and is intended only for the
>>>>>> designated recipient(s). It may
>>>>>> contain confidential or
>>>>>> proprietary information and may be
>>>>>> subject to confidentiality
>>>>>> protections. If you are not a
>>>>>> designated recipient, you may not
>>>>>> review, copy or distribute this
>>>>>> message. If you receive this in
>>>>>> error, please notify the sender by
>>>>>> reply e-mail and delete this
>>>>>> message. Thank
>>>>>>
>>>>>> you.*******************************************************************_______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>>
>>>>>>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> "Catch the Magic of Linux..."
>>>>>> ------------------------------------------------------------------------
>>>>>> Michael Peddemors, President/CEO LinuxMagic Inc.
>>>>>> Visit us at http://www.linuxmagic.com @linuxmagic
>>>>>> ------------------------------------------------------------------------
>>>>>> A Wizard IT Company - For More Info
>>>>>> http://www.wizard.ca
>>>>>> "LinuxMagic" a Registered TradeMark of Wizard
>>>>>> Tower TechnoServices Ltd.
>>>>>> ------------------------------------------------------------------------
>>>>>> 604-682-0300 <tel:604-682-0300> Beautiful British
>>>>>> Columbia, Canada
>>>>>>
>>>>>> This email and any electronic data contained are
>>>>>> confidential and intended
>>>>>> solely for the use of the individual or entity to
>>>>>> which they are addressed.
>>>>>> Please note that any views or opinions presented
>>>>>> in this email are solely
>>>>>> those of the author and are not intended to
>>>>>> represent those of the company.
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> _________________________________
>>>>>> Note to self: Pillage BEFORE burning.
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> gnso-rds-pdp-wg mailing list
>>>>>> gnso-rds-pdp-wg at icann.org
>>>>>> <mailto:gnso-rds-pdp-wg at icann.org>
>>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> _________________________________
>>>>> Note to self: Pillage BEFORE burning.
>>>>>
>>>>> _______________________________________________
>>>>> gnso-rds-pdp-wg mailing list
>>>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> gnso-rds-pdp-wg mailing list
>>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>>
>>> --
>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>>
>>> Mit freundlichen Grüßen,
>>>
>>> Volker A. Greimann
>>> - Rechtsabteilung -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>> Email: vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>
>>>
>>> Web: www.key-systems.net <http://www.key-systems.net> / www.RRPproxy.net <http://www.RRPproxy.net>
>>> www.domaindiscount24.com <http://www.domaindiscount24.com> / www.BrandShelter.com <http://www.BrandShelter.com>
>>>
>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>> www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>
>>> www.twitter.com/key_systems <http://www.twitter.com/key_systems>
>>>
>>> Geschäftsführer: Alexander Siffrin
>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>> Umsatzsteuer ID.: DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu <http://www.keydrive.lu>
>>>
>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>>>
>>> --------------------------------------------
>>>
>>> Should you have any further questions, please do not hesitate to contact us.
>>>
>>> Best regards,
>>>
>>> Volker A. Greimann
>>> - legal department -
>>>
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901 <tel:+49%206894%209396901>
>>> Fax.: +49 (0) 6894 - 9396 851 <tel:+49%206894%209396851>
>>> Email: vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>
>>>
>>> Web: www.key-systems.net <http://www.key-systems.net> / www.RRPproxy.net <http://www.RRPproxy.net>
>>> www.domaindiscount24.com <http://www.domaindiscount24.com> / www.BrandShelter.com <http://www.BrandShelter.com>
>>>
>>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>>> www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>
>>> www.twitter.com/key_systems <http://www.twitter.com/key_systems>
>>>
>>> CEO: Alexander Siffrin
>>> Registration No.: HR B 18835 - Saarbruecken
>>> V.A.T. ID.: DE211006534
>>>
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu <http://www.keydrive.lu>
>>>
>>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>>>
>>>
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>
>>
>>
>>
>> --
>> _________________________________
>> Note to self: Pillage BEFORE burning.
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>
>
>
--
--
John Bambenek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170929/6195e4fb/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list