<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252" />
</head><body text="#000000" bgcolor="#FFFFFF">So the non-expert and the expert agree!<br>
<br>
<br>
-- <br>
Sent from my mobile. Please excuse brevity and typos.<br><br><div class="gmail_quote">On September 26, 2017 8:34:53 AM EDT, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<p><font size="+1"><font face="Lucida Grande">With all due modesty,
I am an expert in privacy legislation, having worked in this
field since 1984 in most capacities (and most particularly,
directing the drafting of the federal law here in Canada).
TBDF provisions appear in most data protection law, they are
also covered in many national constitutions and it is therefore
impossible to actually separate out TBDF from any privacy
impact assessment of ICANN policy and implementation. I don't
think an explicit mention in our Charter is at all necessary,
we cannot examine privacy without looking at TBDF.<br />
</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Stephanie Perrin</font></font><br />
</p>
<br />
<div class="moz-cite-prefix">On 2017-09-25 09:24, Alan Greenberg
wrote:<br />
</div>
<blockquote type="cite" cite="mid:70a3524c-f3d3-49de-9e35-744d0add7712@EXHUB2010-2.campus.MCGILL.CA">
I am far from an expert on privacy legislation. GDPR is probably
as good
a base to look at as any, and perhaps better than some. I do not
think we
are in a position to survey all country's privacy legislation to
ensure
that we are in compliance, and even if we did, laws change over
time. So
we will need to put in place a framework that can adapt to local
requirements. <br />
<br />
One issue that I do not think has been discussed (and is not even
mentioned in our charter) is transborder data flow. ALthough that
may be
more associated with implementation, I suspect we will have to
think
about it, if only to say that implementation needs to address it.
In that
case, European legislation may not be the most stringent.<br />
<br />
Alan<br />
<br />
<br />
At 25/09/2017 08:57 AM, Ayden Férdeline wrote:<br />
<br />
<blockquote type="cite" class="cite" cite="">Hi Erica,<br />
<br />
That is a good question. <br />
<br />
My view is that GDPR is the best baseline that we have. I say
for this
for two reasons. Firstly, because the Council of the European
Union has
advised the European Commission that it cannot negotiate away
privacy
rights in trade agreements. And secondly, as I touched upon in
an email a
few days ago, over 100 countries now have data protection laws,
many of
which were modelled after the European Union’s 1995 Data
Protection
Directive. It seems possible to me that a desire to emulate best
practices could see these laws, based upon the earlier 1995
standard,
updated to reflect the standard now set by GDPR.<br />
<br />
I am happy, of course, to hear alternative perspectives on this
issue.<br />
<br />
Best wishes,<br />
<br />
Ayden Férdeline<br />
<a href="http://www.linkedin.com/in/ferdeline" moz-do-not-send="true">
linkedin.com/in/ferdeline</a><br />
<br />
<br />
<blockquote type="cite" class="cite" cite="">-------- Original
Message
--------<br />
Subject: Re: [gnso-rds-pdp-wg] ICANN Meetings/Conversations
with Data
Protection and Privacy Commissioners<br />
Local Time: 25 September 2017 1:46 PM<br />
UTC Time: 25 September 2017 12:46<br />
From: <a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br />
To: <a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br />
<br />
<dl>
<dd> It is clear that the PDP will have to be aware of and
plan for
GDPR-like protections (and not limited to Europe).<br />
<br />
</dd>
</dl>
<br />
Jumping back to Kris' comment, and the reference to other
privacy
regulations in various countries (i.e. South Africa), do we
know for
certain that GDPR is our best baseline? For example, perhaps
there is a
different regional set of regulations that are an even lower
common
denominator that would ensure compliance not only with GDPR,
but other
regions as well - and, hopefully, future laws. Possibly this
has been
spoken about before (I'm still rather new here), but I thought
it may be
worth confirming since so much of our information flow,
generally
speaking, tends to come from the US and the EU over other
regions.<br />
<br />
<dl>
<dd>Within the contect of ICANN, there is no other way to do
this but
through a GNSO PDP, and hopefully we can actually complete
this and move
forward. How timely we do it will depend on how willing we
are to work
together to reach consensus.<br />
<br />
</dd>
</dl>
<br />
Well said. <br />
<br />
Best,<br />
Erica <br />
<br />
Erica Varlese | .blog Shepherd @ KKWT<br />
Email: <a class="moz-txt-link-abbreviated" href="mailto:erica@my.blog">erica@my.blog</a><br />
Skype: evarlese<br />
<br />
<br />
On Mon, Sep 25, 2017 at 4:07 AM, Volker Greimann
<<a href="mailto:vgreimann@key-systems.net" moz-do-not-send="true">
vgreimann@key-systems.net</a>> wrote:<br />
<br /><dl>
<dd>With the new proposals for whois privacy provider
accreditation
currently in the works and the costs attached to that
program both in
aded requirements that have to be followed and the
accreditation cost,
this service will never be "free". <br />
<br />
</dd>
<dd>Volker<br />
<br />
</dd>
<dd>Am 23.09.2017 um 15:47 schrieb John Bambenek via
gnso-rds-pdp-wg:<br />
<blockquote type="cite" class="cite" cite="">
<dd>Is one of there ways of exploring how to resolve the
issue including
making whois privacy for free for individual
registrants?<br />
<br />
</dd>
<dd>-- <br />
</dd>
<dd>John Bambenek<br />
<br />
</dd>
<dd>On Sep 22, 2017, at 21:06, Chuck
<<a href="mailto:consult@cgomes.com" moz-do-not-send="true">consult@cgomes.com</a>>
wrote:<br />
<br />
<blockquote type="cite" class="cite" cite="">
<dd>Without in any way detracting from the concern
for ICANN transparency
and the need for keeping our PDP informed, I think
it is important for us
to recognize a few things:
</dd>
<dd>The GDPR is set to go into effect in May 2018.
</dd>
<dd>While I am cautiously hopeful that the RDS PDP
WG will improve
progress in our work, there is no way we will be
close to done by May
2018.
</dd>
<dd>In the meantime, contracted parties will be
faced with some serious
conflicts between the terms of their agreements
with ICANN and the GDPR
that could result in significant fines if they
continue to comply with
their ICANN agreements.
</dd>
<dd>Therefore, it does not seem unreasonable for
ICANN staff to be
exploring ways to resolve this dilemma until
policy work can be
completed.<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Chuck<br />
<br />
</dd>
<dd><a name="m_1911983207652239545__MailEndCompose" moz-do-not-send="true"></a> <br />
<br />
</dd>
<dd>From:
<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg-bounces@icann.org</a>
[<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org" eudora="autourl" moz-do-not-send="true">
mailto:gnso-rds-pdp-wg-bounces@icann.org</a>] On
Behalf Of Vayra,
Fabricio (Perkins Coie)<br />
</dd>
<dd>Sent: Friday, September 22, 2017 8:16 AM<br />
</dd>
<dd>To: Andrew Sullivan
<<a href="mailto:ajs@anvilwalrusden.com" moz-do-not-send="true">ajs@anvilwalrusden.com</a>
>;
<a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<br />
</dd>
<dd>Subject: Re: [gnso-rds-pdp-wg] ICANN
Meetings/Conversations with
Data Protection and Privacy Commissioners<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Appreciate this feedback, Andrew. Simply put,
my concern is
that these independent and misinformed
conversations will result in bad
decision making that will run counter to our
efforts here in this
duly-constituted PDP WG that is following the
standard ICANN processes
for developing policy -- if not render them
useless altogether.
Which in turn highlights my earlier comment that
this side-show effort
from ICANN runs counter to the bottom up /
standard ICANN processes for
developing policy.<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Maybe it's just me making a mountain out of a
molehill, but Stephanie
echoing these concerns on the last call encouraged
me to reach out to my
fellow WG members to see if others share the
concern and wanted to act on
it.<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Others? <br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>-----Original Message-----<br />
</dd>
<dd>From:
<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg-bounces@icann.org</a>
[<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org" eudora="autourl" moz-do-not-send="true">
mailto:gnso-rds-pdp-wg-bounces@icann.org</a>] On
Behalf Of Andrew
Sullivan<br />
</dd>
<dd>Sent: Friday, September 22, 2017 11:09 AM<br />
</dd>
<dd>To:
<a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<br />
</dd>
<dd>Subject: Re: [gnso-rds-pdp-wg] ICANN
Meetings/Conversations with Data
Protection and Privacy Commissioners<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Hi,<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>On Fri, Sep 22, 2017 at 02:51:44PM +0000, Vayra,
Fabricio (Perkins
Coie) wrote:<br />
<br />
</dd>
<dd>> <br />
<br />
</dd>
<dd>> I couldn’t agree more with Stephanie and
find it incredible
that ICANN, despite our ongoing efforts and the
plethora of published
community concerns, are continuing with the
approach of rushing to
discussions with Data Protection and Privacy
Commissioners
“half-cocked.” Putting aside the apparent
widely shared view
that this approach is misinformed and dangerous,
it’s simply redundant
of and does not take advantage of our work within
this PDP process
-- one could even say that it runs counter to the
bottom up and community
led initiative on RDS/WHOIS.<br />
<br />
</dd>
<dd>> <br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>I don't understand what the problem is supposed
to be. We are
a<br />
<br />
</dd>
<dd>duly-constituted PDP WG that is following the
standard ICANN
processes<br />
<br />
</dd>
<dd>for developing policy. If other parts of ICANN
want to talk to
data<br />
<br />
</dd>
<dd>protection and privacy commissioners, or
activists in favour
of<br />
<br />
</dd>
<dd>publishing all personal data available in the
universe, or
privacy<br />
<br />
</dd>
<dd>activists who think the DNS should be closed in
favour of
onion<br />
<br />
</dd>
<dd>routing, or the committee of the Present King of
France and the
Easter<br />
<br />
</dd>
<dd>Bunny, why should we care? In the event (for
which I have
diminshing<br />
<br />
</dd>
<dd>hope) that we publish a report that is
actionable by the GNSO,
the<br />
<br />
</dd>
<dd>ordinary ICANN policy mechanisms will grind
forward no matter
what<br />
<br />
</dd>
<dd>meetings people have had.<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>We can best contribute to that end, in my
opinion, by focussing
on<br />
<br />
</dd>
<dd>getting done the work that we are supposed to be
doing, rather
than<br />
<br />
</dd>
<dd>worrying about all the other things other people
might be
doing. By<br />
<br />
</dd>
<dd>concentrating on this and making some progress,
we might even
reduce<br />
<br />
</dd>
<dd>the temptation of others to second guess this
process. At the
rate we<br />
<br />
</dd>
<dd>are currently moving, we appear to be destined
to deliver
something<br />
<br />
</dd>
<dd>right after heat death of the universe, and I
suggest that that
pace<br />
<br />
</dd>
<dd>is partly because there is no issue on which
people are willing
to<br />
<br />
</dd>
<dd>focus, come to a clear conclusion, and then let
that conclusion
stand.<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>I therefore urge that we focus on our task and
not make our job
harder<br />
<br />
</dd>
<dd>than it already is by attending to outside
distractions.<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>Best regards,<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>A<br />
<br />
</dd>
<dd> <br />
<br />
</dd>
<dd>-- <br />
<br />
</dd>
<dd>Andrew Sullivan<br />
<br />
</dd>
<dd><a href="mailto:ajs@anvilwalrusden.com" moz-do-not-send="true">ajs@anvilwalrusden.com</a><br />
<br />
</dd>
<dd>_______________________________________________<br />
<br />
</dd>
<dd>gnso-rds-pdp-wg mailing list<br />
<br />
</dd>
<dd><a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg@icann.org</a><br />
<br />
</dd>
<dd>
<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drds-2Dpdp-2Dwg&d=DwIGaQ&c=XRWvQHnpdBDRh-yzrHjqLpXuHNC_9nanQc6pPG_SpT0&r=6lUxzkhJPN5qts-Nve5TYqxoGjP81z1kCvXgsmw-MiQ&m=9eU57wIVscyGuvbIbm2BAi8LELlVrSQBl5k9N2YJxfQ&s=EWf3FrLMoZXzDzHkrW30uyrwfH-GkQk1TGt5Jc2ndKs&e" eudora="autourl" moz-do-not-send="true">
https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Drds-2Dpdp-2Dwg&d=DwIGaQ&c=XRWvQHnpdBDRh-yzrHjqLpXuHNC_9nanQc6pPG_SpT0&r=6lUxzkhJPN5qts-Nve5TYqxoGjP81z1kCvXgsmw-MiQ&m=9eU57wIVscyGuvbIbm2BAi8LELlVrSQBl5k9N2YJxfQ&s=EWf3FrLMoZXzDzHkrW30uyrwfH-GkQk1TGt5Jc2ndKs&e</a>
= <br />
<br />
</dd>
<dd> <br />
<hr />
<div align="center"><br />
</div>
<br />
</dd>
<dd>NOTICE: This communication may contain
privileged or other
confidential information. If you have received it
in error, please advise
the sender by reply email and immediately delete
the message and any
attachments without copying or disclosing the
contents. Thank you.<br />
</dd>
<dd>_______________________________________________<br />
</dd>
<dd>gnso-rds-pdp-wg mailing list<br />
</dd>
<dd><a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg@icann.org</a><br />
</dd>
<dd>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" eudora="autourl" moz-do-not-send="true">
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></dd>
</blockquote>
<br />
<br />
<br />
</dd>
<dd>
<pre>_______________________________________________
<dd>gnso-rds-pdp-wg mailing list
</dd><dd><a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg@icann.org</a>
</dd><dd>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" eudora="autourl" moz-do-not-send="true">
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a>
</dd></pre>
</dd>
</blockquote>
<br />
<br />
</dd>
<dd>
<pre>--
<dd>Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
</dd><dd>Mit freundlichen Grüßen,
</dd><dd>Volker A. Greimann
</dd><dd>- Rechtsabteilung -
</dd><dd>Key-Systems GmbH
</dd><dd>Im Oberen Werk 1
</dd><dd>66386 St. Ingbert
</dd><dd>Tel.: <a href="tel:+49%206894%209396901" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a>
</dd><dd>Fax.: <a href="tel:+49%206894%209396851" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
</dd><dd>Email:
<a href="mailto:vgreimann@key-systems.net" moz-do-not-send="true">vgreimann@key-systems.net</a>
</dd><dd>Web: <a href="http://www.key-systems.net" moz-do-not-send="true">www.key-systems.net</a> /
<a href="http://www.rrpproxy.net/" eudora="autourl" moz-do-not-send="true">www.RRPproxy.net</a>
</dd><dd><a href="http://www.domaindiscount24.com" moz-do-not-send="true">www.domaindiscount24.com</a>
/
<a href="http://www.brandshelter.com/" eudora="autourl" moz-do-not-send="true">
www.BrandShelter.com</a>
</dd><dd>Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
</dd><dd><a href="http://www.facebook.com/KeySystems" moz-do-not-send="true">
www.facebook.com/KeySystems</a>
</dd><dd><a href="http://www.twitter.com/key_systems" eudora="autourl" moz-do-not-send="true">
www.twitter.com/key_systems</a>
</dd><dd>Geschäftsführer: Alexander Siffrin
</dd><dd>Handelsregister Nr.: HR B 18835 - Saarbruecken
</dd><dd>Umsatzsteuer ID.: DE211006534
</dd><dd>Member of the KEYDRIVE GROUP
</dd><dd><a href="http://www.keydrive.lu" moz-do-not-send="true">www.keydrive.lu</a>
</dd><dd>Der Inhalt dieser Nachricht ist vertraulich und nur für den
angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu
setzen.
</dd><dd>--------------------------------------------
</dd><dd>Should you have any further questions, please do not hesitate to
contact us.
</dd><dd>Best regards,
</dd><dd>Volker A. Greimann
</dd><dd>- legal department -
</dd><dd>Key-Systems GmbH
</dd><dd>Im Oberen Werk 1
</dd><dd>66386 St. Ingbert
</dd><dd>Tel.: <a href="tel:+49%206894%209396901" moz-do-not-send="true">+49 (0) 6894 - 9396 901</a>
</dd><dd>Fax.: <a href="tel:+49%206894%209396851" moz-do-not-send="true">+49 (0) 6894 - 9396 851</a>
</dd><dd>Email:
<a href="mailto:vgreimann@key-systems.net" moz-do-not-send="true">vgreimann@key-systems.net</a>
</dd><dd>Web: <a href="http://www.key-systems.net" moz-do-not-send="true">www.key-systems.net</a> /
<a href="http://www.rrpproxy.net/" eudora="autourl" moz-do-not-send="true">www.RRPproxy.net</a>
</dd><dd><a href="http://www.domaindiscount24.com" moz-do-not-send="true">www.domaindiscount24.com</a>
/
<a href="http://www.brandshelter.com/" eudora="autourl" moz-do-not-send="true">
www.BrandShelter.com</a>
</dd><dd>Follow us on Twitter or join our fan community on Facebook and stay
updated:
</dd><dd><a href="http://www.facebook.com/KeySystems" moz-do-not-send="true">
www.facebook.com/KeySystems</a>
</dd><dd><a href="http://www.twitter.com/key_systems" eudora="autourl" moz-do-not-send="true">
www.twitter.com/key_systems</a>
</dd><dd>CEO: Alexander Siffrin
</dd><dd>Registration No.: HR B 18835 - Saarbruecken
</dd><dd>V.A.T. ID.: DE211006534
</dd><dd>Member of the KEYDRIVE GROUP
</dd><dd><a href="http://www.keydrive.lu" moz-do-not-send="true">www.keydrive.lu</a>
</dd><dd>This e-mail and its attachments is intended only for the person to
whom it is addressed. Furthermore it is not permitted to publish any
content of this email. You must not use, disclose, copy, print or rely on
this e-mail. If an addressing or transmission error has misdirected this
e-mail, kindly notify the author by replying to this e-mail or contacting
us by telephone.
</dd></pre>
<br />
<br />
</dd>
<dd>_______________________________________________
</dd>
<dd>gnso-rds-pdp-wg mailing list<br />
</dd>
<dd><a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">
gnso-rds-pdp-wg@icann.org</a><br />
</dd>
<dd>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" eudora="autourl" moz-do-not-send="true">
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><br />
</dd>
</dl>
</blockquote>
<br />
Content-Type: text/plain; charset="us-ascii"<br />
Content-Transfer-Encoding: 7bit<br />
Content-Disposition: inline<br />
X-Microsoft-Exchange-Diagnostics:<br />
<x-tab> </x-tab>
1;DM5PR03MB2714;27:hvd+12IHFEDC5zG2SFGJUI8wzX09iFX8918xshWCQo/rid5WRmWbOSDBecFyjNyKMeBpbcVirQ6f821KkUUeGsZynHEE1O0FFdMERWm0q/Vqwzdu+L9IxmvRP11LCIVh<br />
X-Microsoft-Antispam-Mailbox-Delivery:<br />
<x-tab> </x-tab>
ex:0;auth:0;dest:I;ENG:(400001000128)(400125000095)(20160514016)(750103)(520002050)(400001001223)(400125100095)(61617095)(400001002128)(400125200095);<br />
<br />
_______________________________________________<br />
gnso-rds-pdp-wg mailing list<br />
<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br />
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" eudora="autourl" moz-do-not-send="true">
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></blockquote>
<br />
<fieldset class="mimeAttachmentHeader"></fieldset>
<br />
<pre wrap="">This body part will be downloaded on demand.</pre>
</blockquote>
<br />
</blockquote></div></body></html>