<div dir="ltr"><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:large">+1</div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:large"><br></div><div class="gmail_default" style="font-family:comic sans ms,sans-serif;font-size:large">-Carlton</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><br>==============================<br><i><font face="comic sans ms, sans-serif">Carlton A Samuels</font></i><br><font face="comic sans ms, sans-serif"><i>Mobile: 876-818-1799<br><font color="#33CC00">Strategy, Planning, Governance, Assessment & Turnaround</font></i></font><br>=============================</div></div></div></div>
<br><div class="gmail_quote">On Thu, Feb 15, 2018 at 12:44 PM, Stephanie Perrin <span dir="ltr"><<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p><font size="+1"><font face="Lucida Grande">I agree with Sara
wholeheartedly. I would like to propose a workshop at the
Barcelona meeting to discuss accreditation requirements for
cybersecurity an IP actors who want to retain access to
personal data in a tiered access solution. Release of data in
such a system will require standards, and I (as mentioned in
Abu, on the public panel on GDPR, and in my own comments on
the 3 models) I think we should get on with developing those
standards, preferably ISO standards with possibility for
independent audit.</font></font></p><span class="HOEnZb"><font color="#888888">
<p><font size="+1"><font face="Lucida Grande">Stephanie Perrin</font></font><br>
</p></font></span><div><div class="h5">
<div class="m_6282662276421591414moz-cite-prefix">On 2018-02-15 11:34, Sara Bockey wrote:<br>
</div>
<blockquote type="cite">
<div class="m_6282662276421591414WordSection1">
<p class="MsoNormal"><span style="font-size:13.5pt;font-family:"-webkit-standard",serif;color:black;background:white">Our
job is now to cooperate in good faith to build a new
universal system that still fits most needs but also takes
data protection as its core principle.</span><u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">EXACTLY! And what’s lacking from most of
our conversations are SOLUTIONS. We understand that many of
you have come to rely on various types of data from WHOIS. We
get it. We’ve heard you. What we have NOT heard is “we
understand the changing landscape, and while we are concerned
about losing X data, perhaps if we do Y, we can improve RDS
and still have access OR if we do Z, we can _________.”
<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Given the number of really smart people on
this list, I am frustrated by the lack of innovative, forward
thinking. Change doesn’t have to be scary. Change can be
better - an improvement. We need to stop with the myopia. We
need to stop looking backward. We need to stop demonizing.
If you are not saying something NEW, something to move this
PDP
<u>forward</u>, you are part of the problem.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Sara <u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal" style="margin-bottom:1.0pt"><b><span>sara bockey</span></b><span style="font-size:12.0pt;color:black"><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:1.0pt"><b><span>sr. policy manager | </span></b><b><span>Go</span></b><b><span>Daddy<sup>™</sup></span></b><span style="font-size:12.0pt;color:black"><u></u><u></u></span></p>
<p class="MsoNormal" style="margin-bottom:1.0pt"><b><span><a href="mailto:sbockey@godaddy.com" target="_blank"><span style="color:#954f72">sbockey@godaddy.com</span></a>
<a href="tel:(480)%20366-3616" value="+14803663616" target="_blank">480-366-3616</a></span></b><span style="font-size:12.0pt;color:black"><u></u><u></u></span></p>
<p class="MsoNormal"><b><span>skype: sbockey</span></b><span style="font-size:12.0pt;color:black"><u></u><u></u></span></p>
<p class="MsoNormal"><i><span style="font-size:10.0pt;color:black;background:white"><u></u> <u></u></span></i></p>
<p class="MsoNormal"><i><span style="font-size:10.0pt;color:black;background:white">This
email message and any attachments hereto is intended for
use only by the addressee(s) named herein and may
contain confidential information. If you have received
this email in error, please immediately notify
the sender and permanently delete the original and any
copy of this message and its attachments.</span></i><span style="font-size:12.0pt;color:black"><u></u><u></u></span></p>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:12.0pt;color:black">From: </span></b><span style="font-size:12.0pt;color:black">gnso-rds-pdp-wg
<a class="m_6282662276421591414moz-txt-link-rfc2396E" href="mailto:gnso-rds-pdp-wg-bounces@icann.org" target="_blank"><gnso-rds-pdp-wg-bounces@<wbr>icann.org></a> on behalf of
Volker Greimann <a class="m_6282662276421591414moz-txt-link-rfc2396E" href="mailto:vgreimann@key-systems.net" target="_blank"><vgreimann@key-systems.net></a><br>
<b>Date: </b>Thursday, February 15, 2018 at 4:30 AM<br>
<b>To: </b>Greg Shatan <a class="m_6282662276421591414moz-txt-link-rfc2396E" href="mailto:gregshatanipc@gmail.com" target="_blank"><gregshatanipc@gmail.com></a><br>
<b>Cc: </b><a class="m_6282662276421591414moz-txt-link-rfc2396E" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">"gnso-rds-pdp-wg@icann.org"</a>
<a class="m_6282662276421591414moz-txt-link-rfc2396E" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><gnso-rds-pdp-wg@icann.org></a><br>
<b>Subject: </b>Re: [gnso-rds-pdp-wg] Equifax hack worse
than previously thought: Biz kissed goodbye to card expiry
dates, tax IDs etc<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<p><a name="m_6282662276421591414__MailOriginalBody">That would
be problematic, as you should know, since there is no clear
cut line of what would constitute over-enforcement or
under-enforcement. Well, the latter will resolve itself due
to the incoming DPA actions. <u></u><u></u></a></p>
<p><span>I also never
heard of fees to be paid into a fund by those simply trying
to remain compliant with their applicable laws.
<u></u><u></u></span></p>
<p><span>Contracted
parties have been stating for years, if not over a decade
that publication whois details in the current form and shape
is problematic from a data protection perspective. We have
repeatedly tried to drive home the point that the current
system is not sustainable. We were ignored or ridiculed, or
asked to get sued to prove our point. Now that we are forced
to take action, everybody is protesting as if this were
something new. It is not. Now we have to do a short-term
fix, that will hurt more than it would have needed to if
everyone had cooperated in good faith to reform whois years
ago. The status quo will change.<u></u><u></u></span></p>
<p><span>Our job is now
to cooperate in good faith to build a new universal system
that still fits most needs but also takes data protection as
its core principle.<u></u><u></u></span></p>
<p><span>Volker out!<u></u><u></u></span></p>
<p><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span>Am 15.02.2018 um
05:14 schrieb Greg Shatan:<u></u><u></u></span></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal"><span>In a similar
vein, ICANN could establish an “Over-enforce the GDPR
Fund,” in which everyone who thinks the GDPR’s data
blackout should be extended to the data of non-EU and
legal persons would pay in, and it would be used to
defray the expenses incurred by those who should have
access to information and instead must expend
additional time, money and effort, and often incur
additional harm, due GDPR over-enforcement.<u></u><u></u></span></p>
</div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<div>
<p class="MsoNormal"><span>On Wed, Feb
14, 2018 at 5:03 AM Volker Greimann <</span><a href="mailto:vgreimann@key-systems.net" target="_blank"><span>vgreimann@key-systems.net</span><span></span></a><span>> wrote:<u></u><u></u></span></p>
</div>
<blockquote style="border:none;border-left:solid #cccccc 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-right:0in">
<div>
<p><span>Maybe
you are hitting on something here.
<u></u><u></u></span></p>
<p><span>ICANN
could just establish a "Leave-Whois-as-it-is"
legal defense fund. Everyone who argues that whois
should remain as it is has to pay into that fund
and everyone who is fined by data protection
violations can take the fines and their legal
costs out of that fund. Of course, that would
necessitate huge investments to set up the fund
from mainly volunteer organizations that do not
actually have the means to support it.<u></u><u></u></span></p>
<p><span>Best,<u></u><u></u></span></p>
<p><span>Volker<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span>Am
14.02.2018 um 02:21 schrieb Rubens Kuhl:<u></u><u></u></span></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span><br>
<br>
<u></u><u></u></span></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"><span>On
13 Feb 2018, at 20:32, John Horton <</span><a href="mailto:john.horton@legitscript.com" target="_blank"><span>john.horton@legitscript.com</span><span></span></a><span>>
wrote:<u></u><u></u></span></p>
</div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<div>
<div>
<p class="MsoNormal"><span><span style="font-family:"Arial",sans-serif;color:#444444">Thanks,
Rubens -- I don't agree with that
interpretation. (I think you mean
the Q&A memo Section 2, right?)
See memo
</span></span><a href="https://www.icann.org/en/system/files/files/gdpr-memorandum-part2-18dec17-en.pdf" target="_blank"><span><span style="font-family:"Arial",sans-serif">here</span></span><span></span></a><span><span style="font-family:"Arial",sans-serif;color:#444444">. Let me
know if you meant the first or a
different one. <u></u><u></u></span></span></p>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span>It's
exactly that memo. <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span>Since
you don't agree, does that mean that your
organisation is willing to pay every GDPR fine
contracted parties get from following your
interpretation ? Because if you are unwilling
to do that, then your belief in that
interpretation is not rock solid.<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span>What I
can tell you is that this risk has been
flagged by that paper, by the eco model and by
internal analysis of some registries, all
independently of each other; which means you
will likely see a good number of contracted
parties following exactly the path I outlined
in order to mitigate this risk. <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span>If you
see things differently, get Europeans DPAs to
put that in writing, and we are all good to
go. <u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span>Rubens<u></u><u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<div>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<p class="MsoNormal"><span><br>
<br>
<u></u><u></u></span></p>
<pre><span>______________________________<wbr>_________________<u></u><u></u></span></pre>
<pre><span>gnso-rds-pdp-wg mailing list<u></u><u></u></span></pre>
<pre><span></span><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><span>gnso-rds-pdp-wg@icann.org</span><span></span></a><span><u></u><u></u></span></pre>
<pre><span></span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank"><span>https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</span><span></span></a><span><u></u><u></u></span></pre>
</blockquote>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
</div>
<p class="MsoNormal"><span>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
</span><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><span>gnso-rds-pdp-wg@icann.org</span><span></span></a><span><br>
</span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank"><span>https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</span><span></span></a><span><u></u><u></u></span></p>
</blockquote>
</div>
</div>
</blockquote>
<p class="MsoNormal"><span><br>
<br>
</span><u></u><u></u></p>
</div>
<br>
<fieldset class="m_6282662276421591414mimeAttachmentHeader"></fieldset>
<pre class="m_6282662276421591414moz-quote-pre">______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="m_6282662276421591414moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a class="m_6282662276421591414moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
</div></div></div>
<br>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></blockquote></div><br></div>