<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Lucida Grande";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.apple-style-span
{mso-style-name:apple-style-span;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1841508800;
mso-list-template-ids:-1678622342;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:windowtext">As I understand the legitimate interests prong, there is a balancing test that need to be performed to weigh the privacy interests of the individual registrant vs. the legitimate interests of the person/entity
wanting to access use/that information. Given that, I think it is incorrect to say point blank that individual registrant data that qualifies as personal information can’t be used for cybercrime investigation by non-law enforcement personnel. I understand
that protections may need to be implemented to address the balance, and I hope we can get to that discussion sooner rather than later.<o:p></o:p></span></p>
<p class="MsoNormal"><a name="_MailEndCompose"><span style="color:windowtext"><o:p> </o:p></span></a></p>
<span style="mso-bookmark:_MailEndCompose"></span>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:windowtext">From:</span></b><span style="color:windowtext"> gnso-rds-pdp-wg-bounces@icann.org [mailto:gnso-rds-pdp-wg-bounces@icann.org]
<b>On Behalf Of </b>Stephanie Perrin<br>
<b>Sent:</b> Thursday, October 19, 2017 12:15 PM<br>
<b>To:</b> gnso-rds-pdp-wg@icann.org<br>
<b>Subject:</b> Re: [gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p><span style="font-size:13.5pt;font-family:"Lucida Grande",serif">I apologize for being so late in catching up with all this email, but I did want to support what Maxim has said here, it is certainly my reading of the GDPR, the Directive on Policing, and
what Buttarelli said in Copenhagen. And to reiterate that those of us who say you cannot do something (eg. collect this data, display this data, retain this data) for the purposes of policing cybercrime are in no way dismissing the importance of policing
cybercrime. </span><o:p></o:p></p>
<p><span style="font-size:13.5pt;font-family:"Lucida Grande",serif">Stephanie</span><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">On 2017-10-04 10:06, Maxim Alzoba wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">Hello Chuck, <o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Reading the memo I came to the conclusion that all cyber investigating companies, which do not have accreditation of sorts of at least one EU country <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">are pure third parties and police exemptions from personal data legislation will not work for them.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">(it was page 9)<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Following this logic, they play no special role according to GDPR and thus I am not sure we can make it a primary purpose (or at least I am not sure it will be accepted by EU DPAs).<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">P.s: I do understand importance of anti-abuse cyber investigations, but not sure how to fit their special role into purposes, compliant with GDPR.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">And which might be worse, local Law Enforcement do not fit either (if they are not from EU or there is no special treaty between EU and that country). <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif">Sincerely Yours,<br>
<br>
Maxim Alzoba<br>
Special projects manager,<br>
International Relations Department,<br>
FAITID<br>
<br>
m. +7 916 6761580(+whatsapp)<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif">skype oldfrogger<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Helvetica",sans-serif">Current UTC offset: +3.00 (.Moscow)<o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Oct 4, 2017, at 16:08, Chuck <<a href="mailto:consult@cgomes.com">consult@cgomes.com</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal">Note that the WG has already reached rough consensus that anti-abuse is a legitimate purpose for at least the minimum public data set. (WG Agreement 11: “<span style="font-size:13.0pt;font-family:"Arial",sans-serif">Criminal Investigation
& DNS Abuse Mitigation is a legitimate purpose for “Minimum Public Data Set” collection.</span>”<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Chuck<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><b>From:</b><span class="apple-converted-space"> </span><a href="mailto:gnso-rds-pdp-wg-bounces@icann.org"><span style="color:purple">gnso-rds-pdp-wg-bounces@icann.org</span></a><span class="apple-converted-space"> </span>[<a href="mailto:gnso-rds-pdp-wg-bounces@icann.org"><span style="color:purple">mailto:gnso-rds-pdp-wg-bounces@icann.org</span></a>]<span class="apple-converted-space"> </span><b>On
Behalf Of<span class="apple-converted-space"> </span></b>allison nixon<br>
<b>Sent:</b><span class="apple-converted-space"> </span>Tuesday, October 03, 2017 2:57 PM<br>
<b>To:</b><span class="apple-converted-space"> </span>Jeremy Malcolm <<a href="mailto:jmalcolm@eff.org"><span style="color:purple">jmalcolm@eff.org</span></a>><br>
<b>Cc:</b><span class="apple-converted-space"> </span><a href="mailto:gnso-rds-pdp-wg@icann.org"><span style="color:purple">gnso-rds-pdp-wg@icann.org</span></a><span class="apple-converted-space"> </span>>><span class="apple-converted-space"> </span><a href="mailto:gnso-rds-pdp-wg@icann.org"><span style="color:purple">gnso-rds-pdp-wg@icann.org</span></a><span class="apple-converted-space"> </span><<a href="mailto:gnso-rds-pdp-wg@icann.org"><span style="color:purple">gnso-rds-pdp-wg@icann.org</span></a>><br>
<b>Subject:</b><span class="apple-converted-space"> </span>Re: [gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">Thank you for the clarification. I still disagree with it but it makes more sense. <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal">I would like to highlight the ICANN webpage on WHOIS:<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"><a href="https://whois.icann.org/en/what-whois-data-used"><span style="color:purple">https://whois.icann.org/en/what-whois-data-used</span></a><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<blockquote style="margin-left:30.0pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<div>
<p class="MsoNormal">What is WHOIS data used for?<o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<div>
<p class="MsoNormal">WHOIS is indispensable to the smooth operation of the DNS and is used for many legitimate purposes, including:<o:p></o:p></p>
</div>
</div>
</div>
</blockquote>
<div>
<div>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="margin-left:0in;mso-list:l0 level2 lfo1">To contact network administrators for resolution of technical matters related to networks associated with a domain name (e.g., DNS or routing matter, origin and path analysis of DoS and other
network-based attacks).<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l0 level2 lfo1">To obtain the real world identity, business location and contact information of an online merchant or business, or generally, any organization that has an online presence.<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l0 level2 lfo1">To establish or look into an identity in cyberspace, and as part of an incident response following an Internet or computer attack. (Security professionals and law enforcement agents use WHOIS
to identify points of contact for a domain name.)<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l0 level2 lfo1">To gather investigative leads (i.e., to identify parties from whom additional information might be obtained). Law enforcement agents use WHOIS to find email addresses and attempt to identify
the location of an alleged perpetrator of a crime involving fraud.<o:p></o:p></li><li class="MsoNormal" style="margin-left:0in;mso-list:l0 level2 lfo1">To investigate spam, law enforcement agents look to the WHOIS database to collect information on the website advertised in the spam.<o:p></o:p></li></ul>
</ul>
</div>
</div>
<div>
<div>
<p class="MsoNormal">Those and others are currently listed on ICANN's website as uses for WHOIS data. To reject anti-abuse as a purpose would be to shift away from the currently accepted purposes of WHOIS. <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">On Tue, Oct 3, 2017 at 5:41 PM, Jeremy Malcolm <<a href="mailto:jmalcolm@eff.org" target="_blank"><span style="color:purple">jmalcolm@eff.org</span></a>> wrote:<o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On 3/10/17 2:31 pm, John Bambenek via gnso-rds-pdp-wg wrote:<br>
><br>
> To confirm and clarify your meaning... you don't think there should be<br>
> a WHOIS/RDS and the only means to contact a domain owner should be on<br>
> their website. Is that correct?<br>
><br>
<br>
No, we are fine with registrants making some information available<br>
through WHOIS/RDS subject to data protection law (eg. informed consent,<br>
etc). But we don't think that a starting point for the design of the<br>
RDS has to take the requirements of anti-abuse specialists or reputation<br>
systems as an essential element.<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
--<br>
Jeremy Malcolm<br>
Senior Global Policy Analyst<br>
Electronic Frontier Foundation<br>
<a href="https://eff.org/" target="_blank"><span style="color:purple">https://eff.org</span></a><br>
<a href="mailto:jmalcolm@eff.org"><span style="color:purple">jmalcolm@eff.org</span></a><br>
<br>
Tel:<span class="apple-converted-space"> </span><a href="tel:415.436.9333%20ext%20161"><span style="color:purple">415.436.9333 ext 161</span></a><br>
<br>
:: Defending Your Rights in the Digital World ::<br>
<br>
Public key:<span class="apple-converted-space"> </span><a href="https://www.eff.org/files/2016/11/27/key_jmalcolm.txt" target="_blank"><span style="color:purple">https://www.eff.org/files/2016/11/27/key_jmalcolm.txt</span></a><br>
PGP fingerprint: 75D2 4C0D 35EA EA2F 8CA8 8F79 4911 EC4A EDDF 1122<br>
<br>
<br>
<br>
<br>
<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal"><br>
_______________________________________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org"><span style="color:purple">gnso-rds-pdp-wg@icann.org</span></a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank"><span style="color:purple">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</span></a><o:p></o:p></p>
</div>
</blockquote>
</div>
<div>
<p class="MsoNormal"><br>
<br clear="all">
<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal">--<span class="apple-converted-space"> </span><o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal">_________________________________<br>
Note to self: Pillage BEFORE burning.<o:p></o:p></p>
</div>
</div>
</div>
<p class="MsoNormal"><span style="font-size:9.0pt;font-family:"Helvetica",sans-serif">_______________________________________________<br>
gnso-rds-pdp-wg mailing list<br>
</span><a href="mailto:gnso-rds-pdp-wg@icann.org"><span style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:purple">gnso-rds-pdp-wg@icann.org</span></a><span style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><br>
</span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"><span style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:purple">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</span></a><o:p></o:p></p>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>gnso-rds-pdp-wg mailing list<o:p></o:p></pre>
<pre><a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><o:p></o:p></pre>
<pre><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>