[RDS-WHOIS2-RT] Privacy issue

Erika Mann erika at erikamann.com
Tue Aug 15 17:29:17 UTC 2017 

Good point Alan!
Indeed the GDPR will have been implemented in all European Member States by
then. And we will know by then as well if the first evaluation (starting
September 18, 2017) of the Privacy Shield agreement (exchange of personal
data from the EU to the US) between the European Union and the US will be
successful. The GDPR and the Privacy Shield agreement are relevant for all
companies that deal with personal data from the EU.


On Tue, Aug 15, 2017 at 5:31 PM, Alan Greenberg <alan.greenberg at mcgill.ca>
wrote:

> Thanks Erika,
>
> On reading your note, I realized that there is an implication that I
> missed. As I mentioned, by the time we issue our report, the GDPR deadline
> will likely have passed. But that means we will know to a large extent if
> ICANN has been successful in addressing the issue or not, and out of that
> there may well come some recommendations.
>
> Alan
>
>
> At 15/08/2017 10:41 AM, Erika Mann wrote:
>
>> Alan -
>>
>> I agree with your approach.
>>
>> Few things to consider in addition to what you recommend. GDPR is such
>> a drastic law with immense extra territorial law implications that we
>> might not be able to avoid it completely because of the way ICANN
>> responded to it and the implication it may have on ICANN and its
>> ecosystem.. I would agree with you that we should develop
>> recommendations that are high level and should work in all (most)
>> legal environments.
>>
>> Nonetheless I wouldn't rule out to touch, when appropriate, on the way
>> the GDRP was handled to allow future processes to evolve. There will
>> always be a new GDRP-alike legislation showing up on the horizon. And,
>> a proper response to such a future challenge should become ingrained
>> in ICANN's DNR.
>>
>> Thanks,
>> Erika
>>
>>
>>
>> Sent from my iPhone
>>
>> > On Aug 15, 2017, at 7:12 AM, Alan Greenberg <alan.greenberg at mcgill.ca>
>> wrote:
>> >
>> > At our meeting two weeks ago, we discussed privacy and the place it
>> holds in our review process. I have thought about it a lot since then, and
>> would like to summarize my feelings.
>> >
>> > It is clear in my mind that:
>> >
>> > - the current WHOIS implementation ignores privacy issues, and this has
>> been a known issue for a long time;
>> > - for whatever reasons, ICANN has chosen to largely ignore the issue,
>> even though it has become of increasing importance to many parties and in
>> multiple jurisdictions;
>> > - the GDPR deadline has raised the importance and priority of the issue;
>> > - ICANN is working on a GDPR response, and while opinions differ on
>> whether their plans are reasonable or appropriate, the deadline of 25 May
>> 2018 will almost surely have passed by the time we deliver our final report;
>> > - as important as GDPR (and its penalties for non-compliance) are it is
>> not the only privacy issue that ICANN is facing or will face and we need to
>> address the generic issue in any recommendations we make; and finally
>> > - our recommendations need to be high level and not attempt to provide
>> detailed policy or implementation which is the domain of the GNSO PDP and
>> its follow-on activities.
>> >
>> > Although this message is being sent on my own behalf as a RT Member, it
>> has been reviewed by both Vice-Chairs and they are in general agreement.
>> >
>> > I welcome thoughts on this.
>> >
>> > Alan
>> >
>> > _______________________________________________
>> > RDS-WHOIS2-RT mailing list
>> > RDS-WHOIS2-RT at icann.org
>> > https://mm.icann.org/mailman/listinfo/rds-whois2-rt
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/rds-whois2-rt/attachments/20170815/f2393fbb/attachment-0001.html>

More information about the RDS-WHOIS2-RT mailing list