[gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9 January Meeting
Paul Keating
Paul at law.es
Thu Jan 18 11:23:03 UTC 2018
Understood. However, my point is that it should be a part of the
recommendation.
From: Chuck <consult at cgomes.com> on behalf of Chuck <consult at cgomes.com>
Date: Thursday, January 18, 2018 at 3:18 AM
To: Paul Keating <paul at law.es>, Michele Blacknight
<michele at blacknight.com>, 'nathalie coupet' <nathaliecoupet at yahoo.com>,
<'Mounier>, Grégory' <gregory.mounier at europol.europa.eu>,
<gnso-rds-pdp-wg at icann.org>
Cc: 'RDS-Leaders-List' <gnso-next-gen-rds-lead at icann.org>
Subject: RE: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll
from 9 January Meeting
> Paul,
>
> PDP WG do not have any responsibilities with regard to the registry and
> registrar agreements; they are between registries and ICANN and registrars and
> ICANN. The only way a PDP WG can impact these agreements is to recommend
> consensus policies, which, if approved by the GNSO Council and the ICANN Board
> would become part of those agreements.
>
> Chuck
>
>
> From: Paul Keating [mailto:Paul at law.es]
> Sent: Wednesday, January 17, 2018 8:26 AM
> To: Michele Neylon - Blacknight <michele at blacknight.com>; Chuck
> <consult at cgomes.com>; 'nathalie coupet' <nathaliecoupet at yahoo.com>; 'Mounier,
> Grégory' <gregory.mounier at europol.europa.eu>; gnso-rds-pdp-wg at icann.org
> Cc: RDS-Leaders-List <gnso-next-gen-rds-lead at icann.org>
> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9
> January Meeting
>
>
> Chuck and Michele,
>
>
>
> In several of my emails I have suggested that ICANN revise the ARA and the RAA
> to require the data collection required for security. This would seem to be
> well within ICANN¹s ambit/purpose and having it in the agreement and passed
> down to the registrars to collect would remove the present issue which is
> the fact that the data necessary for security/certification/investigation is
> not required to perform the agreement between the registrant and registrar.
>
>
>
> Michele, have the registrars considered such a situation?
>
>
>
> Paul Keating
>
>
>
> From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces at icann.org> on behalf of Michele
> Blacknight <michele at blacknight.com>
> Date: Wednesday, January 17, 2018 at 11:14 AM
> To: Chuck <consult at cgomes.com>, 'nathalie coupet' <nathaliecoupet at yahoo.com>,
> <'Mounier>, Grégory' <gregory.mounier at europol.europa.eu>,
> "gnso-rds-pdp-wg at icann.org" <gnso-rds-pdp-wg at icann.org>
> Cc: RDS-Leaders-List <gnso-next-gen-rds-lead at icann.org>
> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9
> January Meeting
>
>
>>
>> Chuck / Nathalie
>>
>> Chuck is correct. Every registrar has their own set of terms and conditions.
>> There is no standard agreement, as no two companies are identical.
>>
>>
>> Regards
>>
>> Michele
>>
>>
>> --
>> Mr Michele Neylon
>> Blacknight Solutions
>> Hosting, Colocation & Domains
>> https://www.blacknight.com/
>> http://blacknight.blog/
>> Intl. +353 (0) 59 9183072
>> Direct Dial: +353 (0)59 9183090
>> Personal blog: https://michele.blog/
>> Some thoughts: https://ceo.hosting/
>> -------------------------------
>> Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
>> Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
>>
>> From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces at icann.org> on behalf of Chuck
>> <consult at cgomes.com>
>> Date: Wednesday 17 January 2018 at 01:07
>> To: 'nathalie coupet' <nathaliecoupet at yahoo.com>, "'Mounier, Grégory'"
>> <gregory.mounier at europol.europa.eu>, "gnso-rds-pdp-wg at icann.org"
>> <gnso-rds-pdp-wg at icann.org>
>> Cc: RDS-Leaders-List <gnso-next-gen-rds-lead at icann.org>
>> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from
>> 9 January Meeting
>>
>>
>> Nathalie,
>>
>> First of all, let me point out that contracts between registrars and
>> registrant¹s vary by registrar. There is not a standard registrant contract.
>> The RAA contains certain requirements that registrar must include in the
>> registrant contract, but I am not aware that it requires a Œdo no harm¹
>> clause. I have cc¹d the leadership team and hope Michele will answer your
>> question.
>>
>> Chuck
>>
>>
>> From: nathalie coupet [mailto:nathaliecoupet at yahoo.com
>> <mailto:nathaliecoupet at yahoo.com> ]
>> Sent: Tuesday, January 16, 2018 2:59 PM
>> To: Chuck <consult at cgomes.com <mailto:consult at cgomes.com> >; 'Mounier,
>> Grégory' <gregory.mounier at europol.europa.eu
>> <mailto:gregory.mounier at europol.europa.eu> >; gnso-rds-pdp-wg at icann.org
>> <mailto:gnso-rds-pdp-wg at icann.org>
>> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from
>> 9 January Meeting
>>
>>
>> Chuck and All,
>>
>>
>>
>> Is there a 'do no harm' clause in the contract between the registrar and the
>> registrant? This could ease the way for including collection of data for LEA
>> and IP protection as uses for uses compatible with domain management...
>>
>>
>>
>> Nathalie
>>
>>
>>
>> On Tuesday, January 16, 2018 11:52 AM, Chuck <consult at cgomes.com
>> <mailto:consult at cgomes.com> > wrote:
>>
>>
>> I don¹t think this WG is a negotiation table or a debate forum. PDPs are a
>> clearly defined process that is neither of these.
>>
>>
>>
>> Chuck
>>
>>
>>
>> From: nathalie coupet [mailto:nathaliecoupet at yahoo.com
>> <mailto:nathaliecoupet at yahoo.com> ]
>> Sent: Tuesday, January 16, 2018 6:50 AM
>> To: Chuck <consult at cgomes.com <mailto:consult at cgomes.com> >; 'Mounier,
>> Grégory' <gregory.mounier at europol.europa.eu
>> <mailto:gregory.mounier at europol.europa.eu> >; gnso-rds-pdp-wg at icann.org
>> <mailto:gnso-rds-pdp-wg at icann.org>
>> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from
>> 9 January Meeting
>>
>>
>>
>> Yes. As long as each seconday purpose is formulated in such a way as to
>> protect vital interests on a case by case basis (law enforcement, research,
>> IP, etc.) with additional authorization for collection, if some data is
>> missing, etc.
>>
>> I would need to research this subject much more in details, or as a
>> collective endeavour (much better).
>>
>>
>>
>> Is this WG a negotiation table or just a debate forum for competing
>> interests?
>>
>>
>>
>>
>>
>>
>>
>> Nathalie
>>
>>
>>
>> On Tuesday, January 16, 2018 9:35 AM, Chuck <consult at cgomes.com
>> <mailto:consult at cgomes.com> > wrote:
>>
>>
>>
>> Nathalie,
>>
>>
>>
>> Do I understand you correctly that you are suggesting that a primary purpose
>> is one that a registrant gives consent for access and secondary purposes
>> would be all other purposes recommended by the WG for which no registrant
>> consent for access is given?
>>
>>
>>
>> I am asking this for clarification with the understanding that we will get to
>> access later.
>>
>>
>>
>> Chuck
>>
>>
>>
>> From: nathalie coupet [mailto:nathaliecoupet at yahoo.com
>> <mailto:nathaliecoupet at yahoo.com> ]
>> Sent: Monday, January 15, 2018 1:38 PM
>> To: Mounier, Grégory <gregory.mounier at europol.europa.eu
>> <mailto:gregory.mounier at europol.europa.eu> >; 'Chuck' <consult at cgomes.com
>> <mailto:consult at cgomes.com> >; 'gnso-rds-pdp-wg at icann.org
>> <mailto:'gnso-rds-pdp-wg at icann.org> ' <gnso-rds-pdp-wg at icann.org
>> <mailto:gnso-rds-pdp-wg at icann.org> >
>> Subject: Re: [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from
>> 9 January Meeting
>>
>>
>>
>> Hi Gregory,
>>
>>
>>
>> I was expecting this objection be raised by law enforcement. But, in a spirit
>> of compromise, let's remember a resolution a member made earlier about the
>> implementation of GDPR: we were going to distinguish between primary purpose
>> and secondary purpose (those not directly based on the contract between the
>> registrant and the registrar) and beef up 'secondary purposes'. While this
>> might seem unnatural, it allows us to apply the GDPR's distinction while
>> preserving the use of WHOIS for law enforcement and abuse mitigation people.
>>
>> This is important when submitting the WG's and ultimately ICANN's rationale
>> to the DPA's review: let's not increase the attack surface. We can make sure
>> that despite this use not being granted full legitimate status for
>> collection, there will be enough data available for this use by allowing
>> additional collection, if need be.
>>
>> The fact that a purpose is direct or indirect based on the contract between
>> the reigstrant and the registrar - the initial consent of the registrant
>> being the cirteria for determining which purpose is primary (a.k.a
>> 'legitimate') and which one is not (i.e 'secondary') - could really alleviate
>> our quest for a compromise and still protect ICANN and registrars.
>>
>> I fear we'll still be here discussing this until we all turn blue and still
>> not get anywhere. I'm sure no one in the group believes your work is less
>> important, and we'll protect your access to information as much as we can.
>>
>> We just need to create this little artifice to protect registrars and ICANN,
>> so DPA's wont breathe down our necks.
>>
>>
>>
>> Why not give it a try?
>>
>>
>>
>> Nathalie
>>
>>
>>
>> On Monday, January 15, 2018 8:30 AM, "Mounier, Grégory"
>> <gregory.mounier at europol.europa.eu <mailto:gregory.mounier at europol.europa.eu>
>> > wrote:
>>
>>
>>
>> Dear all,
>>
>>
>> I will not be able to join the call tomorrow so I thought that I should drop
>> an email to the list to explain why I voted against the proposed possible WG
>> Agreement according to which ³Criminal Activity/DNS Abuse Investigation is
>> NOT a legitimate purpose for requiring collection of registration data, but
>> maybe a legitimate purpose of using some data collected for other purposes.²
>>
>> I think that there are a number of rationales/grounds - including in ICANN¹s
>> Bylaws - to argue that in fact, investigating criminal activity and DNS Abuse
>> IS a legitimate purpose for requiring the collection of registration data.
>>
>> Some of these rationales have been mentioned during the discussion on the
>> mailing list and during the call on 9th January. Unfortunately, I think that
>> the proposed possible WG agreement does not take into consideration these
>> rationales. I specifically disagree with the assumption that we should make a
>> distinction between 1) the purpose of collecting the data and 2) the purpose
>> for using the data collected for other purposes (manage domain
>> registrations).
>>
>> The reason why I disagree with making this distinction is that it leads to
>> artificially reduce the importance of a valid and legitimate purpose of the
>> WHOIS system, acknowledged by ICANN Bylaws: addressing malicious abuse of the
>> DNS and providing a framework to address appropriate law enforcement needs.
>> (ICANN¹s mandate is to ³ensure the stable and secure operation of the
>> internet¹s unique identifier systems²[1]
>> <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn1> + WHOIS data is
>> essential for ³the legitimate needs of law enforcement² and for ³promoting
>> consumer trust.²[2] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn2>
>> ). In its document on the three compliance models issued last Friday[3]
>> <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftn3> , ICANN has
>> explicitly included: addressing the needs of law enforcement, investigation
>> of cybercrime and DNS abuse as legitimate purposes of the WHOIS system.
>>
>> If one of the purpose of the WHOIS system is to support a framework to
>> address issues involving domain name registrations, including investigation
>> of cybercrime and DNS abuse, it can be argued that investigating criminal
>> activity and DNS abuse IS a legitimate purpose for requiring the collection
>> of registration data. Likewise, I think that requiring collection of
>> registration data to prevent crime is NOT beyond ICANN's mandate because this
>> data is essential for ICANN to fulfil its mandate.
>>
>> I have attached a list of relevant references supporting this point of view
>> taken from ICANN¹s Bylaws and the GDPR.
>>
>>
>>
>> I hope that you¹ll find this contribution helpful and I¹m looking forward to
>> reading the transcript of the next call J.
>>
>>
>>
>> Best,
>>
>> Greg
>>
>>
>>
>> Gregory Mounier
>>
>> Europol
>>
>> European Cybercrime Centre
>>
>> +31 6 55782743
>>
>>
>>
>> From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org
>> <mailto:gnso-rds-pdp-wg-bounces at icann.org> ] On Behalf Of Chuck
>> Sent: 12 January 2018 15:21
>> To: gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>> Subject: [gnso-rds-pdp-wg] FW: IMPORTANT: Invitation for Poll from 9 January
>> Meeting
>> Importance: High
>>
>>
>>
>> The response to this week¹s poll is particularly low so I strongly encourage
>> more members to respond so that we have enough data to help us in our meeting
>> next week. Thanks to those who have already responded.
>>
>>
>>
>> Chuck
>>
>>
>>
>> From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org
>> <mailto:gnso-rds-pdp-wg-bounces at icann.org> ] On Behalf Of Marika Konings
>> Sent: Wednesday, January 10, 2018 7:27 AM
>> To: gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>> Subject: [gnso-rds-pdp-wg] IMPORTANT: Invitation for Poll from 9 January
>> Meeting
>>
>>
>>
>> Dear all,
>>
>>
>>
>> In follow-up to this week¹s WG meeting, all RDS PDP WG Members are encouraged
>> to participate in the following poll:
>>
>>
>>
>> https://www.surveymonkey.com/r/VM6S8YK
>> <https://www.surveymonkey.com/r/VM6S8YK>
>>
>>
>>
>> Responses should be submitted through the above URL. For offline reference, a
>> PDF of poll questions can also be found at:
>>
>>
>>
>>
>> https://community.icann.org/download/attachments/74580034/Poll-from-9January-
>> Call.pdf?version=1&modificationDate=1515544361000&api=v2
>> <https://community.icann.org/download/attachments/74580034/Poll-from-9January
>> -Call.pdf?version=1&modificationDate=1515544361000&api=v2>
>>
>>
>>
>> This poll will close at COB Saturday 13 January.
>>
>>
>>
>> Please note that you must be a WG Member to participate in polls. If you are
>> a WG Observer wishing to participate in polls, you must first contact
>> gnso-secs at icann.org <mailto:gnso-secs at icann.org> to upgrade to WG Member.
>>
>>
>>
>> Best regards,
>>
>>
>>
>> Marika
>>
>>
>>
>> Marika Konings
>>
>> Vice President, Policy Development Support GNSO, Internet Corporation for
>> Assigned Names and Numbers (ICANN)
>>
>> Email: marika.konings at icann.org <mailto:marika.konings at icann.org>
>>
>>
>>
>> Follow the GNSO via Twitter @ICANN_GNSO
>>
>> Find out more about the GNSO by taking our interactive courses
>> <http://learn.icann.org/courses/gnso> and visiting the GNSO Newcomer pages
>> <http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-e
>> fforts.htm#newcomers> .
>>
>>
>>
>>
>> [1] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref1> ICANN Bylaws
>> Article One, Section 1.1, Mission.
>>
>> [2] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref2> ICANN Bylaws,
>> Registration Directory Services Review, §4.6(e).
>>
>> [3] <https://mail.yahoo.com/?soc_src=mail&soc_trk=ma#_ftnref3>
>> https://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12
>> jan18-en.pdf
>> <https://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-1
>> 2jan18-en.pdf>
>>
>> *******************
>>
>> DISCLAIMER : This message is sent in confidence and is only intended for the
>> named recipient. If you receive this message by mistake, you may not use,
>> copy, distribute or forward this message, or any part of its contents or rely
>> upon the information contained in it.
>> Please notify the sender immediately by e-mail and delete the relevant
>> e-mails from any computer. This message does not constitute a commitment by
>> Europol unless otherwise indicated.
>>
>> *******************
>>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> <https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg>
>>
>>
>>
>> _______________________________________________ gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180118/d21e1571/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 171 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180118/d21e1571/image001-0001.png>
More information about the gnso-rds-pdp-wg
mailing list