[gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9 January Meeting
Dotzero
dotzero at gmail.com
Tue Jan 16 12:31:18 UTC 2018
+1 to what Greg wrote. This is about the DNS ecosystem.
Michael Hammer
On Mon, Jan 15, 2018 at 11:38 PM, Greg Shatan <gregshatanipc at gmail.com>
wrote:
> I apologize for not voting in the recent poll. If I had, I would have
> voted the same way as Gregory Mounier did, with essentially the same
> underlying thoughts. I note Nathalie's suggestion, but I agree with John
> that we haven't even reached that point yet -- we first need to decide
> whether the purpose is legitimate or not , and then (if it is legitimate)
> whether it is primary or secondary.
>
> There is a fundamental concept that I think is getting lost here --
> RDS/Whois does not exist to serve the registrar/registrant relationship, it
> (they?) exists to serve the needs of the DNS ecosystem, which by definition
> includes law enforcement, anti-abuse, and anti-IP-infringement activity, as
> well as actual and potential transferees. The RDS should be viewed as a
> fundamental part of the system and processes that keep the DNS working (not
> just technically, but in terms of security, trust, and the free movement of
> domain names).
>
> Greg
>
> On Mon, Jan 15, 2018 at 6:02 PM, John Bambenek via gnso-rds-pdp-wg <
> gnso-rds-pdp-wg at icann.org> wrote:
>
>> If its not a legitimate purpose, then its not a secondary purpose either.
>> The language of the purposed agreement makes no accommodation for such a
>> compromise even IF it were acceptable and its not.
>>
>> --
>> John Bambenek
>>
>> On Jan 15, 2018, at 15:38, nathalie coupet via gnso-rds-pdp-wg <
>> gnso-rds-pdp-wg at icann.org> wrote:
>>
>> Hi Gregory,
>>
>> I was expecting this objection be raised by law enforcement. But, in a
>> spirit of compromise, let's remember a resolution a member made earlier
>> about the implementation of GDPR: we were going to distinguish between
>> primary purpose and secondary purpose (those not directly based on the
>> contract between the registrant and the registrar) and beef up 'secondary
>> purposes'. While this might seem unnatural, it allows us to apply the
>> GDPR's distinction while preserving the use of WHOIS for law enforcement
>> and abuse mitigation people.
>> This is important when submitting the WG's and ultimately ICANN's
>> rationale to the DPA's review: let's not increase the attack surface. We
>> can make sure that despite this use not being granted full legitimate
>> status for collection, there will be enough data available for this use by
>> allowing additional collection, if need be.
>> The fact that a purpose is direct or indirect based on the contract
>> between the reigstrant and the registrar - the initial consent of the
>> registrant being the cirteria for determining which purpose is primary
>> (a.k.a 'legitimate') and which one is not (i.e 'secondary') - could really
>> alleviate our quest for a compromise and still protect ICANN and
>> registrars.
>> I fear we'll still be here discussing this until we all turn blue and
>> still not get anywhere. I'm sure no one in the group believes your work is
>> less important, and we'll protect your access to information as much as we
>> can.
>> We just need to create this little artifice to protect registrars and
>> ICANN, so DPA's wont breathe down our necks.
>>
>> Why not give it a try?
>>
>> Nathalie
>>
>>
>> On Monday, January 15, 2018 8:30 AM, "Mounier, Grégory" <
>> gregory.mounier at europol.europa.eu> wrote:
>>
>>
>> Dear all,
>>
>> I will not be able to join the call tomorrow so I thought that I should
>> drop an email to the list to explain why I voted against the proposed
>> possible WG Agreement according to which “*Criminal Activity/DNS Abuse –
>> Investigation is NOT a legitimate purpose for requiring collection of
>> registration data, but maybe a legitimate purpose of using some data
>> collected for other purposes*.”
>> I think that there are a number of rationales/grounds - including in
>> ICANN’s Bylaws - to argue that in fact, investigating criminal activity and
>> DNS Abuse *IS* a legitimate purpose for requiring the collection of
>> registration data.
>> Some of these rationales have been mentioned during the discussion on the
>> mailing list and during the call on 9th January. Unfortunately, I think
>> that the proposed possible WG agreement does not take into consideration
>> these rationales. I specifically disagree with the assumption that we
>> should make a distinction between 1) the purpose of collecting the data and
>> 2) the purpose for using the data collected for other purposes (manage
>> domain registrations).
>> The reason why I disagree with making this distinction is that it leads
>> to artificially reduce the importance of a valid and legitimate purpose of
>> the WHOIS system, acknowledged by ICANN Bylaws: addressing malicious abuse
>> of the DNS and providing a framework to address appropriate law enforcement
>> needs. (ICANN’s mandate is to “ensure the stable and secure operation of
>> the internet’s unique identifier systems”[1]
>> <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn1> + WHOIS data is
>> essential for “the legitimate needs of law enforcement” and for “promoting
>> consumer trust.”[2]
>> <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn2> ). In its
>> document on the three compliance models issued last Friday[3]
>> <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn3>, ICANN has
>> explicitly included: addressing the needs of law enforcement, investigation
>> of cybercrime and DNS abuse as legitimate purposes of the WHOIS system.
>> If one of the purpose of the WHOIS system is to support a framework to
>> address issues involving domain name registrations, including investigation
>> of cybercrime and DNS abuse, it can be argued that investigating criminal
>> activity and DNS abuse IS a legitimate purpose for requiring the collection
>> of registration data. Likewise, I think that requiring collection of
>> registration data to prevent crime is NOT beyond ICANN's mandate because
>> this data is essential for ICANN to fulfil its mandate.
>> I have attached a list of relevant references supporting this point of
>> view taken from ICANN’s Bylaws and the GDPR.
>>
>> I hope that you’ll find this contribution helpful and I’m looking forward
>> to reading the transcript of the next call J.
>>
>> Best,
>> Greg
>>
>> Gregory Mounier
>> Europol
>> European Cybercrime Centre
>> +31 6 55782743 <+31%206%2055782743>
>>
>> *From:* gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org
>> <gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of *Chuck
>> *Sent:* 12 January 2018 15:21
>> *To:* gnso-rds-pdp-wg at icann.org
>> *Subject:* [gnso-rds-pdp-wg] FW: IMPORTANT: Invitation for Poll from 9
>> January Meeting
>> *Importance:* High
>>
>> The response to this week’s poll is particularly low so I strongly
>> encourage more members to respond so that we have enough data to help us in
>> our meeting next week. Thanks to those who have already responded.
>>
>> Chuck
>>
>> *From:* gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org
>> <gnso-rds-pdp-wg-bounces at icann.org>] *On Behalf Of *Marika Konings
>> *Sent:* Wednesday, January 10, 2018 7:27 AM
>> *To:* gnso-rds-pdp-wg at icann.org
>> *Subject:* [gnso-rds-pdp-wg] IMPORTANT: Invitation for Poll from 9
>> January Meeting
>>
>> Dear all,
>>
>> In follow-up to this week’s WG meeting, *all RDS PDP WG Members* are
>> encouraged to participate in the following poll:
>>
>> https://www.surveymonkey.com/r/VM6S8YK
>>
>> Responses should be submitted through the above URL. For offline
>> reference, a PDF of poll questions can also be found at:
>>
>> https://community.icann.org/download/attachmen
>> ts/74580034/Poll-from-9January-Call.pdf?version=1&
>> modificationDate=1515544361000&api=v2
>>
>> *This poll will close at COB Saturday 13 January. *
>>
>> Please note that you *must be a WG Member* to participate in polls. If
>> you are a WG Observer wishing to participate in polls, you must first
>> contact gnso-secs at icann.org to upgrade to WG Member.
>>
>> Best regards,
>>
>> Marika
>>
>> *Marika Konings*
>> *Vice President, Policy Development Support – GNSO, Internet Corporation
>> for Assigned Names and Numbers (ICANN) *
>> *Email: **marika.konings at icann.org* <marika.konings at icann.org>
>>
>> *Follow the GNSO via Twitter @ICANN_GNSO*
>> *Find out more about the GNSO by taking our **interactive courses*
>> <http://learn.icann.org/courses/gnso>* and visiting the **GNSO Newcomer
>> pages*
>> <http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-efforts.htm#newcomers>
>> *. *
>>
>>
>> ------------------------------
>> [1] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref1> ICANN
>> Bylaws Article One, Section 1.1, Mission.
>> [2] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref2> ICANN
>> Bylaws, Registration Directory Services Review, §4.6(e).
>> [3] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref3>
>> https://www.icann.org/en/system/files/files/interim-models-
>> gdpr-compliance-12jan18-en.pdf
>> *******************
>>
>> DISCLAIMER : This message is sent in confidence and is only intended for
>> the named recipient. If you receive this message by mistake, you may not
>> use, copy, distribute or forward this message, or any part of its contents
>> or rely upon the information contained in it.
>> Please notify the sender immediately by e-mail and delete the relevant
>> e-mails from any computer. This message does not constitute a commitment by
>> Europol unless otherwise indicated.
>>
>> *******************
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180116/e377c578/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list