<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:0in;
margin-right:0in;
margin-bottom:10.0pt;
margin-left:0in;
line-height:115%;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Let me point out that for the sake of this discussion, ICANN is not some third party; we are ICANN. ICANN is all of the SOs and ACs and SGs and Cs; it is not just staff or the Board. It is our task as a WG
to try to develop answers to the questions that have been asked and develop policy if possible for an RDS system. The GNSO Council will then decide whether we have followed proper procedures and process and, if so, forward our policy recommendations to the
Board. Nothing can become policy unless the Board approves it and they have a responsibility to respect the multistakeholder process that we are all a part of in ICANN.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Chuck<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height:normal">
<b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext"> gnso-rds-pdp-wg-bounces@icann.org [mailto:gnso-rds-pdp-wg-bounces@icann.org]
<b>On Behalf Of </b>Sam Lanfranco<br>
<b>Sent:</b> Wednesday, June 22, 2016 10:37 AM<br>
<b>To:</b> gnso-rds-pdp-wg@icann.org<br>
<b>Subject:</b> Re: [gnso-rds-pdp-wg] The States are Getting into the Act<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt;line-height:normal"><span style="font-size:12.0pt;font-family:"Times New Roman","serif"">I have a brief comment to follow up on Volker’s comments, the spirit of which I completely support. I recognize that my
comments may be unpopular. I have kept a low profile in these discussions and I fear that despite heroic work and dedication on the part of all, there is a serious risk of this turning into a train wreck in practice.
<br>
<br>
Registries and registrars operate under the existing laws of the countries in which they reside. Increasingly they cannot conduct business in countries unless they have a business presence in that country. This gives countries power over registries and registrars,
including the power to override elements of contracts with ICANN. How can this reality be reconciled with extending the most extensive privacy protection level to customers in ways that are workable for all providers and their customers?<br>
<br>
ICANN can identify the absolute minimum data set required by ICANN. ICANN does not have the country by country experience or exposure of registrars and registries. It could participate in DNS industry led efforts to deal with registries and registrar data requirements,
but those efforts are probably best held outside ICANN and (horror of horrors) will likely involve multilateral efforts to reconcile inter-country differences where ICANN could/should engage both as a stakeholder and as an advocate for the common good in Internet
governance. <br>
<br>
In short, ICANN should (but probably won’t) focus on ICANN’s minimum needs, and then work elsewhere in partnership, as a stakeholder and offer wise counsel, within the larger multilateral and country by country struggle for customer privacy and security in
ways workable for all providers and their customers. Does this sound like a new ICANN? Yes. Is there a choice? I think not. Might I be wrong? Maybe. A train wreck? Hope not.
<br>
<br>
Sam L. <br>
<br>
<o:p></o:p></span></p>
<div>
<p class="MsoNormal" style="margin-bottom:0in;margin-bottom:.0001pt;line-height:normal">
<span style="font-size:12.0pt;font-family:"Times New Roman","serif";color:#990000">On 6/22/2016 7:06 AM, Volker Greimann wrote:</span><span style="font-size:12.0pt;font-family:"Times New Roman","serif""><o:p></o:p></span></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p><span style="color:#990000">Frankly, as a provider that is handing over private details of my customer I do not care about anything less than the maximum required protection in any jurisdiction that may be applicable. So what if the states have lower privacy
protection requirements than Europe and India has none? The only acceptable result in my eyes is an accomodation of the most extensive privacy protection level that may be required.
</span><o:p></o:p></p>
<p><span style="color:#990000">If we start looking at the countries which do not care about the privacy of their citizens, then we will get nowhere. Only be adhering to a maximum standard can we ensure that the result is workable for all providers and their
customers.</span><o:p></o:p></p>
<p><span style="color:#990000">Volker</span><o:p></o:p></p>
</blockquote>
<pre><o:p> </o:p></pre>
</div>
</body>
</html>