[gnso-rds-pdp-wg] Facebook loses Belgian court case over consent and tracking
Stephanie Perrin
stephanie.perrin at mail.utoronto.ca
Wed Feb 21 04:02:39 UTC 2018
Actually no, Steve, we sorted this out a few months ago....Andrew
Sullivan explained all of this patiently and in great detail, as I
recall. I tried to explain the difference between data elements
constituting PI, because of their association with an individual, and
the requirements to protect. I think I failed dismally in that effort,
because I see we are re-arguing those issues.
cheers Stephanie
On 2018-02-20 11:50, Steve Crocker wrote:
> I'm puzzled by the reference to name servers and A records. These are
> necessarily public else the domain name system won't function. Is
> there confusion or misunderstanding about the role of these records?
>
> Steve
>
>
> On Tue, Feb 20, 2018 at 11:47 AM, allison nixon <elsakoo at gmail.com
> <mailto:elsakoo at gmail.com>> wrote:
>
> 1,000,000% agreed. Registrars cannot eliminate all their risk by
> masking WHOIS into oblivion. The DPAs can still ask why they are
> exposing A records, nameservers, etc, to anyone who asks for them,
> without valid reasons or authentication. Why do they expose zone
> files, etc. The DPAs can ask why customer support can sometimes so
> easily be social engineered into handing over accounts to account
> takeover scammers.
>
> Since most registrars are also hosting providers/mail providers,
> would criminals storing stolen PII on your servers be a GDPR
> issue? After all, the ultimate owner of the server is also
> considered a "processor", which has interesting implications if
> one's customers include phishers, or sell stolen credit cards, and
> one's already been notified. I have even seen miscreants putting
> doxes in TXT records.
>
> I already know of quite a few incidents where people would have
> had standing to file a GDPR complaint against registrars/hosters,
> unrelated to WHOIS.
>
> Eventually the issue is going to impact the core business model of
> registrars. This isn't going to stop at WHOIS. An open dialog with
> the DPAs at an early stage is of utmost importance for all parties
> involved here.
>
>
> On Mon, Feb 19, 2018 at 10:16 AM, Sam Lanfranco <sam at lanfranco.net
> <mailto:sam at lanfranco.net>> wrote:
>
> Benny,
>
> This is why I support multi-venue multi-stakholder dialogue
> with the DPA's so that they are appraised of the issues on all
> sides of the data protection issue. They are then more likely
> to act in a judicious manner, and less like an attack dog.
> Watch the new movie "*/The Post/*" where when /Washington
> Post/ owner Katharine Graham decided to publish the Vietnam
> War Pentagon Papers, with the downside risk that she could be
> jailed for treason. The court ruled in favor of freedom of the
> press. It is not what the DPA can do, but what they are likely
> to do, and dialogue goes a long way to mitigating risk and
> shaping appropriate positions and behavior (with integrity) on
> all sides.
>
> Sam L.
>
>
> On 2/19/2018 10:02 AM, benny at nordreg.se
> <mailto:benny at nordreg.se> wrote:
>> <ironi on> Now I am relieved, we as registrars will not be
>> subject for anything… </ironi off>
>>
>> None of us know where and what they will
>> prioritise,*/remember that it only take 1 complaint to a DPA
>> to get the snowball moving./* [emphasis added] I am sure your
>> statement have noe value then.
>>
>> --
>> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>>
>> Benny Samuelsen
>> Registry Manager - Domainexpert
>>
>> Nordreg AB - ICANN accredited registrar
>> IANA-ID: 638
>> Phone: +46.42197000 <tel:+46%2042%2019%2070%2000>
>> Direct: +47.32260201 <tel:+47%2032%2026%2002%2001>
>> Mobile: +47.40410200 <tel:+47%20404%2010%20200>
>>
>>> On 19 Feb 2018, at 15:29, Sam Lanfranco <sam at lanfranco.net
>>> <mailto:sam at lanfranco.net>> wrote:
>>>
>>> Hi Tim,
>>>
>>> No, completely to the contrary. My point with that dollars
>>> reference was that in some cases litigation is the preferred
>>> business response, rather than compliance and paying fines.
>>> Also, the big revenues in mining big data are outside the
>>> DNS sphere, and outside the abuses and "bad things" that
>>> websites do to people. The big EU fines are more likely to
>>> hit social media than Registrars, although they are risks
>>> there as well. The revenues, and privacy violations, will
>>> come from profiling users by mining big data for scraps of
>>> personal date to individualize target marketing.
>>>
>>> */As a brief aside:/* This goes well beyond the remit of
>>> ICANN and is actually worse than just being inundated by
>>> adverts base on personal online behavior. Artificial
>>> Intelligence mining apps are increasingly customizing the
>>> "news" one gets from news feeds, to help "glue the eyeballs"
>>> to the adverts, creating a news silo of one. (That is
>>> amusing for me since I virtually live in two towns in two
>>> countries). Even more worrisome is the growing practice for
>>> A.I. companies where A.I. "writes" the news releases, now
>>> mainly in sports and finance, for thousands of print and
>>> online news outlets. I know all of this is outside the ICANN
>>> remit so I will stop there.
>>>
>>> Sam L.
>>>
>>>
>>> On 2/18/2018 5:43 PM, Chen, Tim wrote:
>>>> Hi Sam,
>>>>
>>>> When you say these are hundred million dollar issues for
>>>> "the companies",which companies are you talking about?
>>>> Large Registrars?
>>>>
>>>> I hope you are not comparing cybersecurity professionals
>>>> and the good work they are trying to enable, to a
>>>> completely separate privacy issue around data used for ad
>>>> tracking or behavior tracking across websites. If I spent
>>>> my days trying to protect people on the internet from bad
>>>> things, I would certainly not appreciate any allusion that
>>>> I was engaged on the whois data issue 'for the money'.
>>>>
>>>> Tim
>>>>
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>
>
> --
> ------------------------------------------------
> "It is a disgrace to be rich and honoured
> in an unjust state" -Confucius
> 邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
> ------------------------------------------------
> Visiting Prof, Xi'an Jaiotong-Liverpool Univ, Suzhou, China
> Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
> Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
> email:sam at lanfranco.net <mailto:sam at lanfranco.net> Skype: slanfranco
> blog:https://samlanfranco.blogspot.com <https://samlanfranco.blogspot.com>
> Phone:+1 613-476-0429 <tel:(613)%20476-0429> cell:+1 416-816-2852 <tel:(416)%20816-2852>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>
>
>
>
> --
> _________________________________
> Note to self: Pillage BEFORE burning.
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180220/2ba0675b/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list