<html><body><div style="font-family: Arial; font-size: 12pt; color: #000000"><div>Hi Chuck,<br></div><div><br data-mce-bogus="1"></div><div>Barcelona is ICANN 63 in October, in June its ICANN 62 in Panama City : https://www.google.co.uk/search?hl=en&q=icann+meetings+2018&meta=<br data-mce-bogus="1"></div><div><br></div><div><br></div><div data-marker="__SIG_PRE__">Kind regards,<br><br>Chris</div><div><br></div><hr id="zwchr" data-marker="__DIVIDER__"><div data-marker="__HEADERS__"><b>From: </b>"Chuck" <consult@cgomes.com><br><b>To: </b>"Stephanie Perrin" <stephanie.perrin@mail.utoronto.ca>, "gnso-rds-pdp-wg" <gnso-rds-pdp-wg@icann.org><br><b>Sent: </b>Thursday, 15 February, 2018 18:14:24<br><b>Subject: </b>Re: [gnso-rds-pdp-wg] Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc<br></div><div><br></div><div data-marker="__QUOTED_TEXT__"><style><!--
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Lucida Grande";
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:-webkit-standard;
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"GD Boing \;color\:\#02C54C";
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"GD Boing \;color\:\#111111";
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"GD Boing \;color\:black";
panose-1:0 0 0 0 0 0 0 0 0 0;}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><div class="WordSection1"><p class="MsoNormal"><span style="color:windowtext">Because of the long lead time for scheduling workshops, it’s not too early to explore the value of one in Barcelona in June. It would be helpful if we could get to our charter question on Gated Access well before then if possible.</span></p><p class="MsoNormal"><span style="color:windowtext"> </span></p><p class="MsoNormal"><span style="color:windowtext">Chuck</span></p><p class="MsoNormal"><span style="color:windowtext"> </span></p><div><div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="color:windowtext">From:</span></b><span style="color:windowtext"> gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces@icann.org] <b>On Behalf Of </b>Stephanie Perrin<br><b>Sent:</b> Thursday, February 15, 2018 9:45 AM<br><b>To:</b> gnso-rds-pdp-wg@icann.org<br><b>Subject:</b> Re: [gnso-rds-pdp-wg] Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc</span></p></div></div><p class="MsoNormal"> </p><p><span style="font-size:13.5pt;font-family:"Lucida Grande",serif">I agree with Sara wholeheartedly. I would like to propose a workshop at the Barcelona meeting to discuss accreditation requirements for cybersecurity an IP actors who want to retain access to personal data in a tiered access solution. Release of data in such a system will require standards, and I (as mentioned in Abu, on the public panel on GDPR, and in my own comments on the 3 models) I think we should get on with developing those standards, preferably ISO standards with possibility for independent audit.</span></p><p><span style="font-size:13.5pt;font-family:"Lucida Grande",serif">Stephanie Perrin</span></p><div><p class="MsoNormal">On 2018-02-15 11:34, Sara Bockey wrote:</p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p class="MsoNormal"><span style="font-size:13.5pt;font-family:"-webkit-standard",serif;background:white">Our job is now to cooperate in good faith to build a new universal system that still fits most needs but also takes data protection as its core principle.</span></p><p class="MsoNormal"> </p><p class="MsoNormal">EXACTLY! And what’s lacking from most of our conversations are SOLUTIONS. We understand that many of you have come to rely on various types of data from WHOIS. We get it. We’ve heard you. What we have NOT heard is “we understand the changing landscape, and while we are concerned about losing X data, perhaps if we do Y, we can improve RDS and still have access OR if we do Z, we can _________.” </p><p class="MsoNormal"> </p><p class="MsoNormal">Given the number of really smart people on this list, I am frustrated by the lack of innovative, forward thinking. Change doesn’t have to be scary. Change can be better - an improvement. We need to stop with the myopia. We need to stop looking backward. We need to stop demonizing. If you are not saying something NEW, something to move this PDP <span data-mce-style="text-decoration: underline;" style="text-decoration: underline;">forward</span>, you are part of the problem.</p><p class="MsoNormal"> </p><p class="MsoNormal">Sara </p><p class="MsoNormal"> </p><div><p class="MsoNormal" style="margin-bottom:1.0pt"><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:#02C54C",serif">sara bockey</span></b></p><p class="MsoNormal" style="margin-bottom:1.0pt"><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:#111111",serif">sr. policy manager | </span></b><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:#02C54C",serif">Go</span></b><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:black",serif">Daddy<sup>™</sup></span></b></p><p class="MsoNormal" style="margin-bottom:1.0pt"><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:#111111",serif"><a href="mailto:sbockey@godaddy.com" target="_blank"><span style="color:#954F72">sbockey@godaddy.com</span></a> 480-366-3616</span></b></p><p class="MsoNormal"><b><span style="font-size:9.0pt;font-family:"GD Boing ;color:#111111",serif">skype: sbockey</span></b></p><p class="MsoNormal"><i><span style="font-size:10.0pt;background:white"> </span></i></p><p class="MsoNormal"><i><span style="font-size:10.0pt;background:white">This email message and any attachments hereto is intended for use only by the addressee(s) named herein and may contain confidential information. If you have received this email in error, please immediately notify the sender and permanently delete the original and any copy of this message and its attachments.</span></i></p><p class="MsoNormal"> </p></div><p class="MsoNormal"> </p><div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:12.0pt">From: </span></b><span style="font-size:12.0pt">gnso-rds-pdp-wg <a href="mailto:gnso-rds-pdp-wg-bounces@icann.org" target="_blank"><gnso-rds-pdp-wg-bounces@icann.org></a> on behalf of Volker Greimann <a href="mailto:vgreimann@key-systems.net" target="_blank"><vgreimann@key-systems.net></a><br><b>Date: </b>Thursday, February 15, 2018 at 4:30 AM<br><b>To: </b>Greg Shatan <a href="mailto:gregshatanipc@gmail.com" target="_blank"><gregshatanipc@gmail.com></a><br><b>Cc: </b><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">"gnso-rds-pdp-wg@icann.org"</a> <a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><gnso-rds-pdp-wg@icann.org></a><br><b>Subject: </b>Re: [gnso-rds-pdp-wg] Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc</span></p></div><div><p class="MsoNormal"> </p></div><p><a name="_MailOriginalBody">That would be problematic, as you should know, since there is no clear cut line of what would constitute over-enforcement or under-enforcement. Well, the latter will resolve itself due to the incoming DPA actions. </a><br data-mce-bogus="1"></p><p><span style="mso-bookmark:_MailOriginalBody">I also never heard of fees to be paid into a fund by those simply trying to remain compliant with their applicable laws. </span></p><p><span style="mso-bookmark:_MailOriginalBody">Contracted parties have been stating for years, if not over a decade that publication whois details in the current form and shape is problematic from a data protection perspective. We have repeatedly tried to drive home the point that the current system is not sustainable. We were ignored or ridiculed, or asked to get sued to prove our point. Now that we are forced to take action, everybody is protesting as if this were something new. It is not. Now we have to do a short-term fix, that will hurt more than it would have needed to if everyone had cooperated in good faith to reform whois years ago. The status quo will change.</span></p><p><span style="mso-bookmark:_MailOriginalBody">Our job is now to cooperate in good faith to build a new universal system that still fits most needs but also takes data protection as its core principle.</span></p><p><span style="mso-bookmark:_MailOriginalBody">Volker out!</span></p><p><span style="mso-bookmark:_MailOriginalBody"> </span></p><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">Am 15.02.2018 um 05:14 schrieb Greg Shatan:</span></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">In a similar vein, ICANN could establish an “Over-enforce the GDPR Fund,” in which everyone who thinks the GDPR’s data blackout should be extended to the data of non-EU and legal persons would pay in, and it would be used to defray the expenses incurred by those who should have access to information and instead must expend additional time, money and effort, and often incur additional harm, due GDPR over-enforcement.</span></p></div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">On Wed, Feb 14, 2018 at 5:03 AM Volker Greimann <</span><a href="mailto:vgreimann@key-systems.net" target="_blank"><span style="mso-bookmark:_MailOriginalBody">vgreimann@key-systems.net</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody">> wrote:</span></p></div><blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt"><div><p><span style="mso-bookmark:_MailOriginalBody">Maybe you are hitting on something here. </span></p><p><span style="mso-bookmark:_MailOriginalBody">ICANN could just establish a "Leave-Whois-as-it-is" legal defense fund. Everyone who argues that whois should remain as it is has to pay into that fund and everyone who is fined by data protection violations can take the fines and their legal costs out of that fund. Of course, that would necessitate huge investments to set up the fund from mainly volunteer organizations that do not actually have the means to support it.</span></p><p><span style="mso-bookmark:_MailOriginalBody">Best,</span></p><p><span style="mso-bookmark:_MailOriginalBody">Volker</span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">Am 14.02.2018 um 02:21 schrieb Rubens Kuhl:</span></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"><br><br><br></span></p><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">On 13 Feb 2018, at 20:32, John Horton <</span><a href="mailto:john.horton@legitscript.com" target="_blank"><span style="mso-bookmark:_MailOriginalBody">john.horton@legitscript.com</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody">> wrote:</span></p></div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"><span style="font-family:"Arial",sans-serif;color:#444444">Thanks, Rubens -- I don't agree with that interpretation. (I think you mean the Q&A memo Section 2, right?) See memo </span></span><a href="https://www.icann.org/en/system/files/files/gdpr-memorandum-part2-18dec17-en.pdf" target="_blank"><span style="mso-bookmark:_MailOriginalBody"><span style="font-family:"Arial",sans-serif">here</span></span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"><span style="font-family:"Arial",sans-serif;color:#444444">. Let me know if you meant the first or a different one. </span></span></p></div></div></div></blockquote></div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">It's exactly that memo. </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">Since you don't agree, does that mean that your organisation is willing to pay every GDPR fine contracted parties get from following your interpretation ? Because if you are unwilling to do that, then your belief in that interpretation is not rock solid.</span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">What I can tell you is that this risk has been flagged by that paper, by the eco model and by internal analysis of some registries, all independently of each other; which means you will likely see a good number of contracted parties following exactly the path I outlined in order to mitigate this risk. </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">If you see things differently, get Europeans DPAs to put that in writing, and we are all good to go. </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">Rubens</span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"><br><br><br></span></p><pre><span style="mso-bookmark:_MailOriginalBody">_______________________________________________</span></pre><pre><span style="mso-bookmark:_MailOriginalBody">gnso-rds-pdp-wg mailing list</span></pre><pre><span style="mso-bookmark:_MailOriginalBody"></span><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><span style="mso-bookmark:_MailOriginalBody">gnso-rds-pdp-wg@icann.org</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"></span></pre><pre><span style="mso-bookmark:_MailOriginalBody"></span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank"><span style="mso-bookmark:_MailOriginalBody">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"></span></pre></blockquote><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"> </span></p></div><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody">_______________________________________________<br>gnso-rds-pdp-wg mailing list<br></span><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank"><span style="mso-bookmark:_MailOriginalBody">gnso-rds-pdp-wg@icann.org</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"><br></span><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank"><span style="mso-bookmark:_MailOriginalBody">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</span><span style="mso-bookmark:_MailOriginalBody"></span></a><span style="mso-bookmark:_MailOriginalBody"></span></p></blockquote></div></div></blockquote><p class="MsoNormal"><span style="mso-bookmark:_MailOriginalBody"><br><br><br></span></p><p class="MsoNormal"><br><br></p><pre>_______________________________________________</pre><pre>gnso-rds-pdp-wg mailing list</pre><pre><a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br data-mce-bogus="1"></pre><pre><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><br data-mce-bogus="1"></pre></blockquote></div><br>_______________________________________________<br>gnso-rds-pdp-wg mailing list<br>gnso-rds-pdp-wg@icann.org<br>https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg<br></div></div></body></html>