<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>I imagine you would. Anyone who needs big data for their job
does. And that is not necessarily a bad thing as big data can be
used for wonderful things. <br>
</p>
<p>Unless it conflicts with the personal rights of those you are
collecting data on. Because they also do not like their data being
available for anyone to see, forever.<br>
</p>
<p>Volker<br>
</p>
<br>
<div class="moz-cite-prefix">Am 15.02.2018 um 16:47 schrieb Paul
Keating:<br>
</div>
<blockquote type="cite" cite="mid:D6AB69CA.C07F0%25Paul@law.es">
<div>Paraphrasing a person I know.</div>
<div><br>
</div>
<div>The more data input the better as long as it is carefully
considered.</div>
<div><br>
</div>
<div>I do NOT like the idea of relying on ICANN to receive input
provided via their interacting with a third party. I would
prefer to obtain the unfiltered data.</div>
<div><br>
</div>
<div>Paul</div>
<div><br>
</div>
<span id="OLK_SRC_BODY_SECTION">
<div style="font-family:Calibri; font-size:11pt;
text-align:left; color:black; BORDER-BOTTOM: medium none;
BORDER-LEFT: medium none; PADDING-BOTTOM: 0in; PADDING-LEFT:
0in; PADDING-RIGHT: 0in; BORDER-TOP: #b5c4df 1pt solid;
BORDER-RIGHT: medium none; PADDING-TOP: 3pt"><span
style="font-weight:bold">From: </span> Chuck <<a
href="mailto:consult@cgomes.com" moz-do-not-send="true">consult@cgomes.com</a>>
on behalf of Chuck <<a href="mailto:consult@cgomes.com"
moz-do-not-send="true">consult@cgomes.com</a>><br>
<span style="font-weight:bold">Date: </span> Thursday,
February 15, 2018 at 3:56 PM<br>
<span style="font-weight:bold">To: </span> Paul Keating <<a
href="mailto:paul@law.es" moz-do-not-send="true">paul@law.es</a>>,
'Volker Greimann' <<a
href="mailto:vgreimann@key-systems.net"
moz-do-not-send="true">vgreimann@key-systems.net</a>>,
<<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>><br>
<span style="font-weight:bold">Subject: </span> RE:
[gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is
backwards<br>
</div>
<div><br>
</div>
<blockquote id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE"
style="BORDER-LEFT: #b5c4df 5 solid; PADDING:0 0 0 5; MARGIN:0
0 0 5;">
<div xmlns:v="urn:schemas-microsoft-com:vml"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml"
xmlns="http://www.w3.org/TR/REC-html40">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;
color:black;}
span.hoenzb
{mso-style-name:hoenzb;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div link="blue" vlink="purple" lang="EN-US">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:windowtext">Apparently,
ICANN org has been interacting with DPAs regarding a
possible interim solution, so maybe we will get some
helpful input from those efforts. Note Stephanie’s
suggestion that we could submit questions to the DP
experts that participated in our public meeting last
year.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Chuck<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="color:windowtext">From:</span></b><span
style="color:windowtext"> Paul Keating [<a
href="mailto:Paul@law.es"
moz-do-not-send="true">mailto:Paul@law.es</a>]
<br>
<b>Sent:</b> Thursday, February 15, 2018 6:10 AM<br>
<b>To:</b> Chuck <<a
href="mailto:consult@cgomes.com"
moz-do-not-send="true">consult@cgomes.com</a>>;
'Volker Greimann' <<a
href="mailto:vgreimann@key-systems.net"
moz-do-not-send="true">vgreimann@key-systems.net</a>>;
<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<b>Subject:</b> Re: [gnso-rds-pdp-wg] Using the
GDPR as a basis for RDS Policy is backwards<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span style="font-size:10.5pt">Chuck,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.5pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.5pt">That
said I really do like the idea of having
interaction and participation by the DPAs and even
someone from Article 29 or other GDPR official
groups. Otherwise we continue to work in a
vacuum.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.5pt"><o:p> </o:p></span></p>
</div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From: </b>gnso-rds-pdp-wg
<<a
href="mailto:gnso-rds-pdp-wg-bounces@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg-bounces@icann.org</a>>
on behalf of Chuck <<a
href="mailto:consult@cgomes.com"
moz-do-not-send="true">consult@cgomes.com</a>><br>
<b>Date: </b>Thursday, February 15, 2018 at 2:57 PM<br>
<b>To: </b>'Volker Greimann' <<a
href="mailto:vgreimann@key-systems.net"
moz-do-not-send="true">vgreimann@key-systems.net</a>>,
<<a href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>><br>
<b>Subject: </b>Re: [gnso-rds-pdp-wg] Using the
GDPR as a basis for RDS Policy is backwards<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.5pt"><o:p> </o:p></span></p>
</div>
<blockquote style="border:none;border-left:solid #B5C4DF
4.5pt;padding:0in 0in 0in
4.0pt;margin-left:3.75pt;margin-right:0in"
id="MAC_OUTLOOK_ATTRIBUTION_BLOCKQUOTE">
<div>
<div>
<p class="MsoNormal"><span
style="color:windowtext">I’d like to think
that the ICANN community effort going on
outside this WG will take note of the
cybersecurity concerns that Allison raises as
they try to finalize an interim solution to
deal with the GDPR in the near term. Note
this quote from Goren’s latest blog that ICANN
org is trying to find a balanced approach: “</span><span
style="font-size:12.0pt;font-family:"Helvetica",sans-serif;color:#333333;background:white">This
single, common interim model that is informed
by input from across the </span>ICANN<span
style="font-size:12.0pt;font-family:"Helvetica",sans-serif;color:#333333;background:white"> community
would seek to obtain compliance with both the
GDPR and </span>ICANN<span
style="font-size:12.0pt;font-family:"Helvetica",sans-serif;color:#333333;background:white">'s
contractual requirements related to
registration directory services.</span><span
style="color:windowtext">” Here’s the blog: <a
href="https://www.icann.org/news/blog/data-protection-privacy-update-latest-developments"
moz-do-not-send="true">https://www.icann.org/news/blog/data-protection-privacy-update-latest-developments</a>
</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="color:windowtext"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="color:windowtext">Chuck</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="color:windowtext"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="color:windowtext">From:</span></b><span
style="color:windowtext"> gnso-rds-pdp-wg
[<a
href="mailto:gnso-rds-pdp-wg-bounces@icann.org"
moz-do-not-send="true">mailto:gnso-rds-pdp-wg-bounces@icann.org</a>]
<b>On Behalf Of </b>Volker Greimann<br>
<b>Sent:</b> Thursday, February 15, 2018
1:02 AM<br>
<b>To:</b> <a
href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<b>Subject:</b> Re: [gnso-rds-pdp-wg]
Using the GDPR as a basis for RDS Policy
is backwards</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p><span style="font-size:10.5pt;color:black">DPAs
are law enforcement and will enforce the law
of the land. They do not have the option to
pick and choose after May 25.<o:p></o:p></span></p>
<p><span style="font-size:10.5pt;color:black">Maybe
it is time for you and your colleagues to
start looking at other sources of information
to ensure you can continue operation
efficiently once your currently chosen method
becomes illegal. Remember, you are a data
processor too and what you do with that data
could very well paint a target on your backs
that DPS may have to deal with.<o:p></o:p></span></p>
<p><span style="font-size:10.5pt;color:black">Best,<o:p></o:p></span></p>
<p><span style="font-size:10.5pt;color:black">Volker<o:p></o:p></span></p>
<p><span style="font-size:10.5pt;color:black"> <o:p></o:p></span></p>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">Am 15.02.2018 um 02:36
schrieb allison nixon:<o:p></o:p></p>
</div>
<blockquote
style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">Hi everyone, <o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">I have already begun to
hear unrest from my colleagues who work in
infosec and network operations about the
degradation of WHOIS, as registrars have
already begun to act on their own,
stripping everything and blocking bulk
queriers on domains frequently used for
attacks. Every day of additional
uncertainty equals an additional day of
victimization. <o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Why has no one
approached the DPAs with the evidence of
security purposes for WHOIS? How much
network degradation will we tolerate
before someone bothers to give them a
little hint? How many more judgments
from the DPAs are we going to read that
display clear ignorance of all
legitimate cybersecurity purposes? Did
no one see this coming?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Since we are talking
about cost benefit analysis, here is a
quick one I just did that I would like
to share with the group. I did a quick
look for the value of the domain
registration industry as a whole. Seems
to be ~$4 billion. The losses incurred
by the WanaCry malware are estimated to
be at ~$8 billion. A single security
incident destroying value equal to
double your entire industry. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">In May 2017, the FBI
stated that over three years the
"business email compromise" scams have
topped ~$5 billion in losses, which
would be slightly more than one
domain-industry unit of value, and WHOIS
is crucial to fighting it.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">source: <a
href="https://www.reuters.com/article/us-cyber-lloyds-report/global-cyber-attack-could-spur-53-billion-in-losses-lloyds-of-london-idUSKBN1A20AB"
moz-do-not-send="true">https://www.reuters.com/article/us-cyber-lloyds-report/global-cyber-attack-could-spur-53-billion-in-losses-lloyds-of-london-idUSKBN1A20AB</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">source: <a
href="https://cira.ca/factbook/domain-industry-data-and-canadian-Internet-trends/domain-name-industry"
moz-do-not-send="true">https://cira.ca/factbook/domain-industry-data-and-canadian-Internet-trends/domain-name-industry</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">source: <a
href="https://www.csoonline.com/article/3195010/security/bec-attacks-have-hit-thousands-top-5-billion-in-losses-globally.html"
moz-do-not-send="true">https://www.csoonline.com/article/3195010/security/bec-attacks-have-hit-thousands-top-5-billion-in-losses-globally.html</a><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Remember, the whole
point of GDPR is to force companies to
act with more social responsibility. <o:p></o:p></p>
</div>
</div>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal">On Wed, Feb 14, 2018 at
6:08 PM, Rubens Kuhl <<a
href="mailto:rubensk@nic.br"
target="_blank" moz-do-not-send="true">rubensk@nic.br</a>>
wrote:<o:p></o:p></p>
<blockquote
style="border:none;border-left:solid
#CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal"><br>
<br>
<br>
<o:p></o:p></p>
<blockquote
style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On 14 Feb
2018, at 20:49, John Horton <<a
href="mailto:john.horton@legitscript.com" target="_blank"
moz-do-not-send="true">john.horton@legitscript.com</a>>
wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<div>
<div>
<p class="MsoNormal"><span
style="font-family:"Arial",sans-serif;color:#444444">Hmm,
well, perhaps it's because
I work for a company that
processes quite a bit of
data with a combination of
algorithms and some human
review, but I feel pretty
confident that there are
ways to simplify that with
magic algorithms and
forms. </span><o:p></o:p></p>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Magic algorithms
are fine in pattern detection
because there is always a human
review at some point or the cost of
error is low, like in raising an
abuse case that contains wording
like supposedly", "allegedly" etc.
In this case, every false negative
comes with a tremendous liability. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">Also, if
machine-learning technology and deep
pockets for lawsuits become a
requirement for being a registrar,
you can count on the number of
registrars dropping to single
digits. <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888">Rubens</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="color:#888888"> </span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><br>
_______________________________________________<br>
gnso-rds-pdp-wg mailing list<br>
<a
href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><br>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
target="_blank" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><o:p></o:p></p>
</blockquote>
</div>
<p class="MsoNormal"><br>
<br clear="all">
<o:p></o:p></p>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<p class="MsoNormal">-- <o:p></o:p></p>
<div>
<p class="MsoNormal">_________________________________<br>
Note to self: Pillage BEFORE burning.<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><br>
<br>
<br>
<br>
<o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>gnso-rds-pdp-wg mailing list<o:p></o:p></pre>
<pre><a href="mailto:gnso-rds-pdp-wg@icann.org" moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a><o:p></o:p></pre>
<pre><a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><span style="font-size:10.5pt">_______________________________________________
gnso-rds-pdp-wg mailing list <a
href="mailto:gnso-rds-pdp-wg@icann.org"
moz-do-not-send="true">gnso-rds-pdp-wg@icann.org</a>
<a
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
moz-do-not-send="true">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a><o:p></o:p></span></p>
</blockquote>
</div>
</div>
</div>
</blockquote>
</span>
</blockquote>
<br>
</body>
</html>