<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">I would argue that their views are uninformed on other points of view or other changes that could be made that would satisfy their objectives which is similar but has important differences. So I disagree we are at the point we are violating EU law. <div><br></div><div>EU DPAs may never change their mind. I’ll just get US law changed so that US entities offering domains have to list ownership information which means most if not all of the gTLDs I care about if not ICANN also. We aren’t there yet because the DPAs are only starting to hear from us. Until now these discussions were populated by ICANN and registrars/registries who want whois to go away anyway. </div><div><br></div><div>This solitary focus on EU law presupposes that people believe that of the laws of the ~200 countries in the world, it is EU law that should be the controlling force of internet governance. Is that what you are saying?<br><br><div id="AppleMailSignature">--<div>John Bambenek</div></div><div><br>On Oct 22, 2017, at 01:13, David Cake <<a href="mailto:dave@davecake.net">dave@davecake.net</a>> wrote:<br><br></div><blockquote type="cite"><div><meta http-equiv="Content-Type" content="text/html charset=utf-8">John, if that is you acknowledging that the current advice from DPAs (and legal advice) does not concur with the position the abuse and security community (or at least, the part of it that you represent) that is at least a step forward. <div class=""><br class=""></div><div class="">You may be significantly more optimistic about the chances of the DPAs changing their position in response to hearing your concerns than others are. If you could, perhaps, set out some future circumstances under which you might might acknowledge that this effort had failed and we could proceed to move discussion forward under the basis of current EU law rather than a possible future in which you are able to change it to suit your preferences, that would be helpful. </div><div class=""><br class=""></div><div class="">Davud</div><div class=""><br class=""><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On 21 Oct 2017, at 8:41 am, John Bambenek via gnso-rds-pdp-wg <<a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><meta http-equiv="content-type" content="text/html; charset=utf-8" class=""><div dir="auto" class="">Not the last few items discussed, no. That said I have been traveling from the past few weeks and need to read them side by side for a definitive synthesis. That aside, my primary concern is that said officials are not hearing enough from the anti-abuse and security community on these tools to have a more fully informed discussion. We are working to rectify that. <br class=""><br class=""><div class="">Sent from my iPad</div><div class=""><br class="">On Oct 21, 2017, at 2:35 AM, Ayden Férdeline <<a href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>> wrote:<br class=""><br class=""></div><blockquote type="cite" class=""><div class=""><div class="">My apologies, John. It was not clear to me that you had read the memo. I am glad to hear that you have. Particularly in relation to consent, I thought the advice that the memo contained (along with the Hamilton memo) was consistent with the advice that we received from the European Data Protection Commissioners earlier this year. Would you agree?<br class=""></div><div class=""><br class=""></div><div class="">—Ayden<br class=""></div><div class="protonmail_signature_block"><div class="protonmail_signature_block-proton protonmail_signature_block-empty"><br class=""></div></div><div class=""><br class=""></div><blockquote class="protonmail_quote" type="cite"><div class="">-------- Original Message --------<br class=""></div><div class="">Subject: Re: [gnso-rds-pdp-wg] another document that might be of interest<br class=""></div><div class="">Local Time: 21 October 2017 1:27 AM<br class=""></div><div class="">UTC Time: 21 October 2017 00:27<br class=""></div><div class="">From: <a href="mailto:jcb@bambenekconsulting.com" class="">jcb@bambenekconsulting.com</a><br class=""></div><div class="">To: Ayden Férdeline <<a href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>><br class=""></div><div class="">Victoria Sheckler <<a href="mailto:vsheckler@riaa.com" class="">vsheckler@riaa.com</a>>, GNSO RDS PDP <<a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a>><br class=""></div><div class=""><br class=""></div><div class="">Yes, I believe I pointed out on this very list that among other things, the notion the EU law should reign supreme globally even when it conflicts with local laws as patently offensive, among other things. <br class=""></div><div class=""><br class=""></div><div class="">Is there a particular outcome that you are trying to achieve by insinuating that I am ignorant and not reading the mounds of paperwork generated by this group? I mean besides the continual, consistent, and vigorous disrespect shown to those who work in anti-abuse or security?<br class=""></div><div class=""><br class=""></div><div class="">And if you’d like an analysis of the legal memo it is this: it is always better to take the word of the regulators over merely that of some lawfirm. Which is what I thought we were actually talking about in the first place. <br class=""></div><div class=""><br class=""></div><div class=""><div class=""><br class=""></div><div class=""><div class=""><br class=""></div><div class=""><div class="">--<br class=""></div><div class="">John Bambenek<br class=""></div></div><div class=""><div class=""><br class=""></div><div class="">On Oct 20, 2017, at 19:10, Ayden Férdeline <<a href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>> wrote:<br class=""></div></div><blockquote type="cite" class=""><div class=""><div class=""><div class="">John,<br class=""></div><div class=""><br class=""></div><div class="">Have you read the legal memo that we received from Wilson Sonsini Goodrich & Rosati? <br class=""></div><div class=""><br class=""></div><div class="">It states on page 14, "asking for consent would not be simple, would not solve all data protection issues, and would pose a number of organizational challenges."<br class=""></div></div><div class=""><br class=""></div><div class="">The rationale behind this statement is contained within the memo.<br class=""></div><div class=""><br class=""></div><div class="">—Ayden<br class=""></div><div class="protonmail_signature_block"><div class="protonmail_signature_block-proton protonmail_signature_block-empty"><br class=""></div></div><div class=""><br class=""></div><blockquote type="cite" class="protonmail_quote"><div class="">-------- Original Message --------<br class=""></div><div class="">Subject: Re: [gnso-rds-pdp-wg] another document that might be of interest<br class=""></div><div class="">Local Time: 21 October 2017 1:06 AM<br class=""></div><div class="">UTC Time: 21 October 2017 00:06<br class=""></div><div class="">From: <a href="mailto:jcb@bambenekconsulting.com" class="">jcb@bambenekconsulting.com</a><br class=""></div><div class="">To: Ayden Férdeline <<a href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>><br class=""></div><div class="">Victoria Sheckler <<a href="mailto:vsheckler@riaa.com" class="">vsheckler@riaa.com</a>>, GNSO RDS PDP <<a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a>><br class=""></div><div class=""><br class=""></div><div class="">So, in short, if we create a consent system, we are fine. <br class=""></div><div class=""><br class=""></div><div class=""><div class="">Am I missing something?<br class=""></div><div class=""><br class=""></div><div class=""><div class="">--<br class=""></div><div class="">John Bambenek<br class=""></div></div><div class=""><div class=""><br class=""></div><div class="">On Oct 20, 2017, at 17:31, Ayden Férdeline <<a href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>> wrote:<br class=""></div></div><blockquote type="cite" class=""><div class=""><div class="">I would like to flag two extracts from this Regulation that may be relevant to our work:<br class=""></div><ul class=""><li class="">"The Registry should also comply with the relevant data protection rules, principles, guidelines and best practices, notably concerning the amount and type of data displayed in the WHOIS database." (page 3)<br class=""></li><li class="">"The WHOIS database shall contain information about the holder of a domain name that is relevant and not excessive in relation to the purpose of the database. In as far as the information is not strictly necessary in relation to the purpose of the database, and <b class="">if the domain name holder is a natural person, the information that is to be made publicly available shall be subject to the unambiguous consent of the domain name holder</b>." (page 10 - emphasis added)<br class=""></li></ul><div class="">Thank you, <br class=""></div><div class=""><br class=""></div><div class="">Ayden Férdeline<br class=""></div><div class=""><br class=""></div><div class="protonmail_signature_block"><div class="protonmail_signature_block-proton protonmail_signature_block-empty"><br class=""></div></div><div class=""><br class=""></div><blockquote class="protonmail_quote" type="cite"><div class="">-------- Original Message --------<br class=""></div><div class="">Subject: [gnso-rds-pdp-wg] another document that might be of interest<br class=""></div><div class="">Local Time: 20 October 2017 10:47 PM<br class=""></div><div class="">UTC Time: 20 October 2017 21:47<br class=""></div><div class="">From: <a href="mailto:vsheckler@riaa.com" class="">vsheckler@riaa.com</a><br class=""></div><div class="">To: GNSO RDS PDP <<a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a>><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><div class="WordSection1"><p class="MsoNormal">I think we missed this document when we were reviewing documents for this WG back in the day, and thought some of you might find it of interest given our current discussions on GDPR<br class=""></p><p class="MsoNormal"> <br class=""></p><p class="MsoNormal">COMMISSION REGULATION (EC) No 874/2004 of 28 April 2004 laying down public policy rules concerning the implementation and functions of the .eu Top Level Domain and the principles governing registration, available at <a href="http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CONSLEG:2004R0874:20051011:EN:PDF" class=""> http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CONSLEG:2004R0874:20051011:EN:PDF</a><br class=""></p></div></blockquote><div class=""><br class=""></div></div></blockquote><blockquote type="cite" class=""><div class=""><div class=""><span class="">_______________________________________________</span><br class=""></div><div class=""><span class="">gnso-rds-pdp-wg mailing list</span><br class=""></div><div class=""><span class=""><a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a></span><br class=""></div><div class=""><span class=""><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" class="">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></span><br class=""></div></div></blockquote></div></blockquote><div class=""><br class=""></div></div></blockquote></div></div></blockquote><div class=""><br class=""></div></div></blockquote></div>_______________________________________________<br class="">gnso-rds-pdp-wg mailing list<br class=""><a href="mailto:gnso-rds-pdp-wg@icann.org" class="">gnso-rds-pdp-wg@icann.org</a><br class=""><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></div></blockquote></div><br class=""></div></div></div></blockquote></div></body></html>