<div dir="ltr">Thanks for this reply too. It's educational.<div><br></div><div>While I have no involvement with the ICANN community before this group, and I know the WHOIS topic has always been this way, what you describe on the community's lack of response does sound like a kind of paralysis brought on due to lack of structure. Doesn't ICANN have a CEO and board who ultimately set forth the structure? What are they spending their time doing while all parties involved are fighting for their own survival?</div><div><br></div><div>Secondly, from all i have read about the data protection authorities, and what they want, it certainly does look like clearly outlining the existing legitimate use cases might help with the compliance issues. From all the reading I've done, it almost looks like the data protection authorities think registrars publish all this data for no reason at all. The GDPR laws require legitimate purposes to publish data, and plenty of evidence of these purposes have been put forth here, but have clearly not made it to any of the discussions that actually matter.</div><div><br></div><div>The community can debate on whether or not (for example) 3rd party due diligence is important, but it's not a matter of debate that 3rd party due diligence exists and is conducted by law firms, security companies, etc. It's simply a statement of fact. Why is none of this brought up in the discussions that matter?</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Dec 8, 2017 at 3:16 PM, theo geurts <span dir="ltr"><<a href="mailto:gtheo@xs4all.nl" target="_blank">gtheo@xs4all.nl</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Good questions Allison, let me answer them from my perspective in
no logical order :) <br>
<br>
4 I cannot comment on the Enom/Tucows solution, but the contracted
parties are going above and beyond to get compliant here. And
believe me, we are not doing this to tick people off, let alone do
this for fun. <br>
<br>
We are trying to SURVIVE. <br>
<br>
I can comment on the fact that contracted parties have been very
engaged to get to a solution here with ICANN at an early stage,
but let me come back to that while I address 1 and 2. <br>
<br>
1 & 2<br>
People are under the impression that ICANN has failed. But ICANN
is US, US being the ICANN COMMUNITY. I doubt to have to explain
that the community has been divided since forever over this. This
RDS WG is the prime example here on how divided this community is.
<br>
ICANN ORG cannot move on without community support. So if we want
solutions here, we need to work together here or you get ugly
solutions like privacy services being used to stay compliant.<br>
<br>
3 This assumes ICANN had a mandate from the community to object,
but the community decided to ignore while it should have engaged.
<br>
As we can read from the WP29 letter, they reached out since 2003
and never gotten a response back from this community. I am amazed
they still hold the door open for this community who treated the
EU DPA's like DIRT. Well not all of the community of course...
some people within this community been warning us for years. <br>
</p>
<p>Thanks, <br>
<br>
Theo <br>
</p><div><div class="h5">
<br>
<div class="m_-1851004939460312160moz-cite-prefix">On 8-12-2017 20:33, allison nixon
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Thank you, this is very helpful</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Dec 8, 2017 at 2:09 PM, John
Horton <span dir="ltr"><<a href="mailto:john.horton@legitscript.com" target="_blank">john.horton@legitscript.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div class="gmail_default" style="font-family:arial,helvetica,sans-serif;color:#444444">While
I obviously can't answer most of that, and while I
obviously don't speak for Tucows/eNom, this <a href="https://www.enom.com/blog/wp-content/uploads/2017/11/whois_changes_overview_enom.pdf" target="_blank">PDF</a> might
help answer a bit on your fourth question. This <a href="https://www.enom.com/blog/will-gdpr-impact-whois/" target="_blank">blog</a> covers
that as well. </div>
</div>
<div class="gmail_extra"><br clear="all">
<div>
<div class="m_-1851004939460312160m_2300234402724738762gmail_signature" data-smartmail="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr"><font face="arial, helvetica,
sans-serif" color="#073763">John
Horton<br>
President and CEO,
LegitScript</font>
<div><img height="36" width="96"><br>
<div>
<p style="margin:0.0px 0.0px 0.0px 0.0px;font:12.0px Helvetica"><br>
</p>
<p style="margin:0px;font-style:normal;font-variant:normal;font-size:12px;line-height:normal;font-family:Helvetica"><b><font color="#444444">Follow</font><font color="#0b5394"> </font><font color="#000000">Legit</font><font color="#0b5394">Script</font></b>: <a href="http://www.linkedin.com/company/legitscript-com" style="color:rgb(17,85,204)" target="_blank"><font color="#cc0000">LinkedIn</font></a>
| <a href="https://www.facebook.com/LegitScript" style="color:rgb(17,85,204)" target="_blank"><font color="#6aa84f">Facebook</font></a>
| <a href="https://twitter.com/legitscript" style="color:rgb(17,85,204)" target="_blank"><font color="#674ea7">Twitter</font></a>
| <font color="#ff9900"><u><a href="http://blog.legitscript.com/" style="color:rgb(17,85,204)" target="_blank">Blog</a></u></font> |<font color="#ff9900"> <a href="http://go.legitscript.com/Subscription-Management.html" style="color:rgb(17,85,204)" target="_blank"><font color="#ff9900">Newsletter</font></a></font><br>
</p>
<p style="margin:0px;font-style:normal;font-variant:normal;font-size:12px;line-height:normal;font-family:Helvetica"><font color="#ff9900"><br>
</font></p>
<p style="text-align:left;margin:0px;font-style:normal;font-variant:normal;font-size:12px;line-height:normal;font-family:Helvetica"><font color="#ff9900"><img height="96" width="46"><img height="96" width="47"><br>
</font></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div>
<div class="m_-1851004939460312160h5">
<br>
<div class="gmail_quote">On Fri, Dec 8, 2017 at 11:04
AM, allison nixon <span dir="ltr"><<a href="mailto:elsakoo@gmail.com" target="_blank">elsakoo@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Chuck, a few questions:
<div><br>
</div>
<div>This letter was sent from the EU data
protection authorities to ICANN just
yesterday:</div>
<div><a href="https://www.internetnews.me/2017/12/07/european-data-protection-authorities-send-clear-message-icann/" target="_blank">https://www.internetnews.me/20<wbr>17/12/07/european-data-protect<wbr>ion-authorities-send-clear-mes<wbr>sage-icann/</a><br>
</div>
<div><br>
</div>
<div>It's clear that ICANN's stance on the
GDPR/WHOIS issue has so far been to ignore it,
despite mounting criticism and concern from
all involved parties.</div>
<div><br>
</div>
<div>I also want to highlight in particular that
the EU data protection authorities' letter
appears to be completely unaware of the
legitimate needs served by non-law enforcement
3rd parties that are impacted by the use of
the registered domain. For that matter, there
is no language at all that directly addresses
the rights of outsiders who are not part of
the commercial transaction yet are impacted by
a domain via spam, hacking, etc.</div>
<div><br>
</div>
<div>1. Why is ICANN continuing to be inactive
on this issue?</div>
<div>2. Why has ICANN failed to highlight the
legitimate purposes that unlimited publication
of WHOIS data serves?</div>
<div>3. Why has ICANN failed to protest the fact
that the EU authorities are on the verge of
issuing a blanket ruling, backed by harsh
penalties and fines, that will degrade the
reliability, safety, and usability of the
DNS? </div>
<div>4. Where are the actual large registrars in
this debate? Most of the registrars in this
working group are small outfits in terms of
market share. What does Godaddy, eNom, Tucows,
et all think about this or plan to do about
it? Do they plan to make any statements?</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">
<div>
<div class="m_-1851004939460312160m_2300234402724738762h5">On Fri,
Dec 8, 2017 at 11:40 AM, Chuck <span dir="ltr"><<a href="mailto:consult@cgomes.com" target="_blank">consult@cgomes.com</a>></span>
wrote:<br>
</div>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<div class="m_-1851004939460312160m_2300234402724738762h5">
<div link="#0563C1" vlink="#954F72" lang="EN-US">
<div class="m_-1851004939460312160m_2300234402724738762m_1220201988817204707m_7738072955957999601WordSection1">
<p class="MsoNormal">With this
message I am going to start a new
thread. To set the stage let me
say that I have read every message
on our WG list over the last 24
hours other than any that may have
been sent while I am writing this.
In doing that I have concluded
that we need to step back and
adjust our focus on the bigger
picture.</p>
<p class="MsoNormal">First let me
say that we are not dealing with a
choice of Whois as we know it
today versus no Whois at all, so
let’s discard that dichotomous
choice. Second, we have
sufficient evidence to say that
there are regulations in some
jurisdictions that forbid the
public display of personal
information belonging to natural
persons the way it happens with
currently implemented Whois policy
and contractual requirements.
Third, all of us as law-abiding
citizens, whether individuals or
organizations, must obey
applicable laws. Fourth, there
are many uses of RDS data that
provide essential benefits to the
Internet community so we as a WG
need to figure out ways to obey
laws and still achieve the
benefits of RDS data access.</p>
<p class="MsoNormal">I think it is
critical that we recognize that
the laws that are mandating change
to Whois policy and contractual
requirements only impact a subset
of any RDS system that is
developed. We are not talking
about all RDS users in all
geographical jurisdictions nor are
we talking about all RDS data
elements. In the case of the GDPR
we are talking about personal
information about natural persons
who reside in Europe. I
acknowledge that other
jurisdictions have similar legal
restrictions, but I think that the
GDRP provides a good starting
point. That means that the
problem we must solve primarily
involves a subset of all RDS users
and global jurisdictions.</p>
<p class="MsoNormal">Fortunately, we
now have a protocol that allows us
to customize any modification to
the existing Whois system or
development of a new RDS to
accommodate the varying legal
requirements by jurisdiction.
That will not be a trivial
exercise, but it is doable.</p>
<p class="MsoNormal">With all that
said, let’s remember that we have
a large subset of RDS data and RDS
users that are not impacted by the
various data privacy and data
protection regulations around the
world. That doesn’t make our job
any easier in dealing with the
data elements and users who are
impacted by such regulations but
let’s at least recognize that the
problems we must solve do not
involve the whole system. I
believe we still have the
possibility of recommending fairly
open access for large numbers of
users and data elements; I am not
saying whether we should do that
or not, but I strongly believe
that it will help us to realize
that we are not confronting an all
or nothing situation.</p>
<p class="MsoNormal">Finally, let me
finish by saying that none of what
I said makes our job easy. It
will be hard. But I ask every WG
member to commit to constructive
collaboration with one other to
achieve what no other Whois group
has ever done. Let’s disagree
respectfully, avoid personal
criticism, listen carefully to one
another and explore creative ways
to find solutions to the
challenges in front of us.</p>
<p class="MsoNormal">Thanks for
being a part of this WG. Thanks
for your patience and diligence in
sticking with us.<span class="m_-1851004939460312160m_2300234402724738762m_1220201988817204707HOEnZb"></span></p>
<span class="m_-1851004939460312160m_2300234402724738762m_1220201988817204707HOEnZb"><font color="#888888">
<p class="MsoNormal">Chuck </p>
<p class="MsoNormal"> </p>
</font></span></div>
</div>
<br>
</div>
</div>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><span class="m_-1851004939460312160m_2300234402724738762HOEnZb"><font color="#888888"><br>
</font></span></blockquote>
</div>
<span class="m_-1851004939460312160m_2300234402724738762HOEnZb"><font color="#888888"><br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="m_-1851004939460312160m_2300234402724738762m_1220201988817204707gmail_signature" data-smartmail="gmail_signature">______________________________<wbr>___<br>
Note to self: Pillage BEFORE burning.</div>
</font></span></div>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="m_-1851004939460312160gmail_signature" data-smartmail="gmail_signature">______________________________<wbr>___<br>
Note to self: Pillage BEFORE burning.</div>
</div>
<br>
<fieldset class="m_-1851004939460312160mimeAttachmentHeader"></fieldset>
<br>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_-1851004939460312160moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a class="m_-1851004939460312160moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature">_________________________________<br>Note to self: Pillage BEFORE burning.</div>
</div>