[gnso-rds-pdp-wg] Working paper from the Berlin group

Andrew Sullivan ajs at anvilwalrusden.com
Fri Mar 9 23:48:16 UTC 2018 

Hi,

On Fri, Mar 09, 2018 at 08:48:17PM +0100, theo geurts wrote:
> 
> These recommendations go beyond WHOIS, but yet tie in directly with issues we
> will face as a WG.
> 
> Furthermore, this is not a few DPA's from Europe who made these
> recommendations; these are the recommendations from DPA's and experts all over
> the world, which makes it, in my opinion, a global recommendation.
> 
> And to kindly to remind everyone again, there are more than 120 countries with
> data protection laws. So this is not some little tea club gathering, these
> recommendations took a lot of time to get vetted by this group due to the many
> members. They started working in November last year on this, so they took their
> time.
> 
> We would be fools to ignore this.

That's nice.  But you said nothing relevant to the question I was
asking: is there even one single thing in this paper that is new and
that I need to read before thinking about the RDS issues any further?

I don't think there is left anyone here in any doubt that there are
serious privacy concerns about the RDS held by several people,
including several DPAs from all over the world (with the full force of
legislation behind them).  I don't think this WG (nor for that matter
the many various groups who have worked on this topic before) is
missing the perspective.

I am aware that there are people "dug in" about how the data protection
view is mistaken or incorrect in some way.  Indeed, there are most
definitely examples of things that I think _must_ be available on the
network in order to make the network continue to operate.  (At the
DNS-OARC meeting yesterday, here in San Juan, we had an example of
that from a large ISP that does DNSSEC validation.)  But I don't think
any of those people are "dug in" because they didn't understand that
there is relevant or applicable legislation, or that there are serious
and legitimate privacy concerns or anything of that sort.  They're not
uninformed.

So, I ask again: what is _new_ in this report that would bring some a
ray of light, however feeble, into the discussion such that we should
all read it.  Because in a quick scan of the numbered
recommendations just now, I saw literally nothing that has not been
brought up already more than once, and I see at least one
recommendation that is so breathtakingly ignorant of the architecutre
of the Internet as to make me roll my eyes.

We need to complete this work some day, or else just give up in
frustration.  For me, I will say, my patience for endless insistence
that we consider a new report recommending exactly the same thing that
30 other reports have already recommended is about gone.  Rather than
considering new restatements of all the evidence we already have, I
would like us to move to the part where we do the hard work of forging
a compromise people can live with for the identifier systems where
ICANN has a clear mandate to act, based on the clear needs to support
the identifier systems where ICANN has a remit.  If you think I have
missed something important in support of that goal, I would welcome
being so informed.  But until someone says something actually new, I
think we should work on the basis of the copious evidence we already
have before us.

Best regards,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

More information about the gnso-rds-pdp-wg mailing list