[gnso-rds-pdp-wg] IMPORTANT: Notes from RDS PDP WG Meeting - 30 January

Carlton Samuels carlton.samuels at gmail.com
Wed Jan 31 00:57:52 UTC 2018 

...and while were at it, take a load of this....

https://www.icann.org/en/system/files/correspondence/avramopoulos-et-al-to-marby-29jan18-en.pdf

-Carlton


==============================
*Carlton A Samuels*

*Mobile: 876-818-1799Strategy, Planning, Governance, Assessment &
Turnaround*
=============================

On Tue, Jan 30, 2018 at 7:13 PM, Lisa Phifer <lisa at corecom.com> wrote:

> *Dear all,*
>
> *Below please find notes from today’s RDS PDP WG meeting.*
>
> *To recap Action Items from today’s call:
> https://community.icann.org/x/8ge8B <https://community.icann.org/x/8ge8B>*
>
> *Action:* Chair to confirm change of VC on mailing list.
>
> *Proposed WG agreement (subject to revision and confirmation via poll):* The
> WG will use the following non-exhaustive list of criterion to determine if
> any proposed purpose for processing registration data may be legitimate:
> (a) The purpose must not be inconsistent with ICANN's mission, (d) The
> purpose must be inherent to the functionality of the DNS, AND (x) The
> purpose must satisfy at least one legal basis for processing as defined by
> data protection laws.
>
> *Action:* Leadership team to refine above proposed agreement to develop
> poll about this point, along with repeat of Q3 from last week's poll, with
> additional granularity, based on agreed criteria. WG members encouraged to
> participate in poll no later than Saturday COB.
>
> *Best regards,*
> *Lisa*
>
>
>
> *Action Items and Notes from RDS PDP WG Call – 30 January 2018*
>
> *These high-level notes are designed to help PDP WG members navigate
> through the content of the call and are not meant as a substitute for the
> transcript and/or recording. The MP3, transcript, and chat are provided
> separately and are posted on the wiki.*
>
> 1. Roll Call/SOI Updates
>
>    - Please mute when not speaking and give your name when speaking for
>    the transcript
>    - SOI Updates:
>       - Andrew Sullivan will be a member of the IETF Administrative
>       Oversight Committee starting at the IETF meeting in March
>       - Chuck Gomes updated his SoI to reflect his support from Verisign
>       although he is no longer representing Verisign's interests or the RySG
>       - Mason Cole has left Donuts and joined Perkins Coie
>    - Confirm Alex Deacon as a member of the WG Leadership Team to replace
>    Susan.
>
> *Action:* Chair to confirm change of VC on mailing list.
>
> 2. Discuss list of criteria that make purposes legitimate for processing
>
> a. See GDPR definition of processing and Q2 poll results
> <https://community.icann.org/download/attachments/79431666/CommentSummary-24JanuaryPoll-v3.pdf?version=1&modificationDate=1517268227000&api=v2>
>
>    - Handout: https://community.icann.org/download/
>    attachments/79431666/Handout-30January-RDSWGCall.pdf
>    <https://community.icann.org/download/attachments/79431666/Handout-30January-RDSWGCall.pdf>
>    - Question 2 from last week's poll:
>    *Do you support the proposed WG Agreement from last week: Criteria to
>    be used to determine whether any proposed purpose is legitimate for
>    processing registration data are: a) In support of ICANN's mission; b) A
>    legitimate interest pursued by the data controller; c) Necessary for the
>    fulfillment of a contract; d) Inherent to functionality of the DNS; e) In
>    the public interest; or f) Necessary for compliance with a legal
>    obligation.*
>    - See GDPR definition on handout slide 3
>    <https://community.icann.org/download/attachments/79431666/Handout-30January-RDSWGCall.pdf>
>    - Comment Summary: https://community.icann.org/download/
>    attachments/79431666/CommentSummary-24JanuaryPoll-v3.pdf
>    <https://community.icann.org/download/attachments/79431666/CommentSummary-24JanuaryPoll-v3.pdf>
>    - Overall, 54% supported ALL listed criteria
>    - Comment Summary shows level of support for each listed criteria,
>    ranging from 74 - 57%
>    - Summary also shows level of explicit opposition to each listed
>    criteria
>    - General Comments Discussion:
>       - All are encouraged to review the AC recording or transcript of
>       the previous call to catch up before participating poll whenever possible -
>       this will improve efficiency of discussions
>       - Does anyone disagree with the statement that this list of
>       criteria must be non-exhaustive?
>       - Comments: Criteria should be fixed because ICANN's mission is
>       fixed, GDPR should apply to personal data collected in applicable
>       jurisdictions, as Internet evolves we may find that other data is needed so
>       cannot be static, "Valuable and useful to law enforcement" is not enough to
>       mandate collection - or another view: it is if that information is deemed
>       important for protecting the DNS. and confidence in it
>
> Option a) In support of ICANN's mission
>
>    - 74% support, 1 person explicitly opposed this criteria
>       - Comments about Option a:
>          - Are a) AND d) the only valid criteria? No, they are required
>          but other reasons are valid as well
>          - Do we need to examine all of the criteria before polling (as
>          we did on the last call)?
>          - Show of hands show more disagreement than agreement at this
>          stage of discussion
>          - Proposal: (a) would better be phrased as  "not inconsistent
>          with ICANN's mission"
>       - Conclusion: Reasonably strong support for a) as one criteria for
>       determining whether a purpose is legimate for processing registration data
>       in some way.
>
>  Option b) A legitimate interest pursued by data controller(s)
>
>    - 60% supported, 7 comments explicitly opposed this
>       - Comments about Option b:
>          - Not clear at this point precisely who the data controllers ARE
>          - This shouldn't exclude legitimate interests of third parties
>          or data processors as enumerated by GDPR
>          - This is a legal basis for processing not a criteria or a
>          purpose
>          - Why do we have criteria other than a) and d) or e)?
>          - Are  "third parties" = "operators on the Internet not involved
>          in the registration of the domain name"
>          - Is this a proxy discussion for how WG members view
>          availability of registration data?
>       - Conclusion: Possible approach to simplify list without
>       enumerating all of the legal bases from GDPR:
>          - The list of criteria could be [ a) plus d) ] plus a new
>          criteria that the purpose must satisfy at least one legal basis for
>          processing as defined by GDPR and other data protection laws (where a/d may
>          be reworded)
>          - Is a) a superset of d) - if so are both needed? They are not
>          exclusive.
>          - What is the implication of AND or OR in the proposed WG
>          agreement? Would a purpose have to satisfy all 3 (AND) or just one (OR)?
>
>  b. Determine next steps to reach agreement on criteria
>
> *Proposed WG agreement (subject to revision and confirmation via poll):* The
> WG will use the following non-exhaustive list of criterion to determine if
> any proposed purpose for processing registration data may be legitimate:
> (a) The purpose must not be inconsistent with ICANN's mission, (d) The
> purpose must be inherent to the functionality of the DNS, AND (x) The
> purpose must satisfy at least one legal basis for processing as defined by
> data protection laws.
>
> *Action:* Leadership team to refine above proposed agreement to develop
> poll about this point, along with repeat of Q3 from last week's poll, with
> additional granularity, based on agreed criteria. WG members encouraged to
> participate in poll no later than Saturday COB.
>
> 3. Discuss list of purposes to determine which are legitimate for
> processing based on criteria - DEFERRED TO NEXT WEEK
>
> 4. Confirm agreements for polling & next steps
>
> *Action:* Chair to confirm change of VC on mailing list.
>
> *Proposed WG agreement (subject to revision and confirmation via poll):* The
> WG will use the following non-exhaustive list of criterion to determine if
> any proposed purpose for processing registration data may be legitimate:
> (a) The purpose must not be inconsistent with ICANN's mission, (d) The
> purpose must be inherent to the functionality of the DNS, AND (x) The
> purpose must satisfy at least one legal basis for processing as defined by
> data protection laws.
>
> *Action:* Leadership team to refine above proposed agreement to develop
> poll about this point, along with repeat of Q3 from last week's poll, with
> additional granularity, based on agreed criteria. WG members encouraged to
> participate in poll no later than Saturday COB.
>
> 5. Confirm next meeting: Tuesday 6 February at 17:00 UTC
>
>    - February call schedule Tuesdays @ 17:00 except for Wednesday Feb 21
>    @ 06.00
>
> *Meeting Materials*: https://community.icann.org/x/8ge8B
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180130/3100bce8/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list