[Accred-Model] Codes of conduct

trachtenbergm at gtlaw.com trachtenbergm at gtlaw.com
Wed Aug 1 20:29:57 UTC 2018 

Brian,

What about Denic’s process which uses a form and requires the requestor to confirm that “The applicant needs the data because the applicant owns an absolute right (for instance to a name or trademark) that the applicant believes may be violated by the domain.”

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.denic.de_en_service_whois-2Dservice_third-2Dparty-2Drequests-2Dfor-2Dholder-2Ddata_&d=DwIGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=r5rx-kI5Cxza1vQgpUa9uXTHEPmarcD6Ch-F3m5O9fQ&m=68O71ceJHcYEYkHViFpknKNhHeL4HtIqtzWo6eBH8kc&s=cNa1UXcTBszJhktvxW7qds2PSv6TC2LSVz2jFUKBLpI&e=

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.denic.de_fileadmin_public_downloads_Domaindatenanfrage_Antrag-5FDomaindaten-5FRechteinhaber-5FEN.pdf&d=DwIGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=r5rx-kI5Cxza1vQgpUa9uXTHEPmarcD6Ch-F3m5O9fQ&m=68O71ceJHcYEYkHViFpknKNhHeL4HtIqtzWo6eBH8kc&s=z38JGtw8FmnXO9dPTwuUoAo7UU8UXiB3HaCOu0JwTRg&e=

Denic is in the EU but has automated this process and is relying on representations of the requestor so seems like others could as well.

Best regards,

Marc H. Trachtenberg
Shareholder
Greenberg Traurig, LLP | 77 West Wacker Drive | Suite 3100 | Chicago, IL 60601
Tel 312.456.1020
Mobile 773.677.3305
trachtenbergm at gtlaw.com<mailto:trachtenbergm at gtlaw.com> | www.gtlaw.com<http://www.gtlaw.com/>

[Greenberg Traurig]


From: Accred-Model [mailto:accred-model-bounces at icann.org] On Behalf Of BECKHAM, Brian
Sent: Friday, July 27, 2018 5:01 AM
To: Rubens Kuhl; accred-model at icann.org; gdpr at icann.org
Subject: Re: [Accred-Model] Codes of conduct

Hi Rubens,

As far as standardized processes go, are you aware of any public examples that folks could look at?

I am aware e.g., of the Nominet Data Release Request<https://urldefense.proofpoint.com/v2/url?u=https-3A__s3-2Deu-2Dwest-2D1.amazonaws.com_nominet-2Dprod_wp-2Dcontent_uploads_2018_05_22101442_Data-2Drequest-2Dform.pdf&d=DwMGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=L7MB7eHT-UoCXD4iA3c7Sm3JrKXt7T1dG3NjBzCxm1c&m=g6FjzWC-u1vOU3pAGTTIGy0H4_5rnp7KImSmbP_ueiE&s=wb_FiM0yr8Xcc1_V8_4s2P_7539Mq0Sp6mmyNpsZ9Ug&e=> which asks requestors to “explain who you are and the reason that you are requesting the non-public data”.

Similarly, the EURid Personal Data Disclosure Form<https://urldefense.proofpoint.com/v2/url?u=https-3A__eurid.eu_d_1236566_request-5Fform-5Fdisclosure-5Fpersonal-5Fdata-5Fen.docx&d=DwMGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=L7MB7eHT-UoCXD4iA3c7Sm3JrKXt7T1dG3NjBzCxm1c&m=g6FjzWC-u1vOU3pAGTTIGy0H4_5rnp7KImSmbP_ueiE&s=tebTCHmvPltfCHPuLljtHblqNv4eQ7UkuoI4lKDMJmk&e=> requires requestors to describe “your legitimate interest regarding the disclosure of personal data; [and] how you intend to use the requested data”.

These examples, as well as v1.7 of the model being discussed on this list, go beyond the “Trust me I'm a lawyer” mischaracterization.

Arguably going significantly beyond what these European ccTLDs require, version 1.7 of the A&A Model (at page 4) states inter alia that requestors should have “a specific and delineated purpose for their access to and use of non-public data” and moreover that they should certify “that access to and use of non-public data is for a legitimate and lawful purpose and limited to the purpose for which it is sought.”

If there are other standardized models you (or others) are aware of, it would be helpful if you could share those to see if a set of best practices/request elements could be pulled together.

Thanks, and best regards,

Brian

From: Accred-Model [mailto:accred-model-bounces at icann.org] On Behalf Of Rubens Kuhl
Sent: Wednesday, July 25, 2018 11:03 PM
To: accred-model at icann.org; gdpr at icann.org
Subject: Re: [Accred-Model] Codes of conduct



On 25 Jul 2018, at 17:50, Cyntia King <cking at modernip.com<mailto:cking at modernip.com>> wrote:

Agreed that the GDPR should empower Data Subjects to have more control over their PII.
However, this isn’t the only consideration:


  1.  The GDPR also states:  “The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.”  (Recital 4)
I think Rod’s suggestions are a good faith effort to achieve that proportionality.


  1.  In meetings w/ the European Commission (28-May-18), the commission said they shared the concerns of trademark rights advocates that there be standardized & predictable access to necessary WHOIS information.

I believe the Commission is aware that an ad hoc system of response is not only chaotic, but potentially unsafe.

A consistent & reliable system that balances the privacy rights of certain individuals against the threat of harm to (potentially countless) others, will be a difficult - but not impossible - balancing act.


A system that grants more access than a situation allows under GDPR is also problematic. So when going from ad hoc to standardised, the standard can't have less information than would be required in ad hoc mode, specially information specific to that request, like a power-of-attorney from an specific brand holder. Simply saying "Trust me I'm a lawyer" doesn't cut it.


Rubens



Rubens



[The image of the 2018 GII cover shows crashing waves captured within the outline of a battery cell, representing the raw power of innovation.]<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.wipo.int_gii_-3Futm-5Fsource-3Dwipomail-26utm-5Fmedium-3Dsignature-26utm-5Fcampaign-3Dgii2018&d=DwMGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=L7MB7eHT-UoCXD4iA3c7Sm3JrKXt7T1dG3NjBzCxm1c&m=g6FjzWC-u1vOU3pAGTTIGy0H4_5rnp7KImSmbP_ueiE&s=0gJxK6LCndBqmIZC6lKLzXnrlEKhliyG2NkWFyYA78M&e=>



GLOBAL
INNOVATION
INDEX 2018






Energizing the World with Innovation






Launch July 10

www.wipo.int/gii<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.wipo.int_gii_-3Futm-5Fsource-3Dwipomail-26utm-5Fmedium-3Dsignature-26utm-5Fcampaign-3Dgii2018&d=DwMGaQ&c=2s2mvbfY0UoSKkl6_Ol9wg&r=L7MB7eHT-UoCXD4iA3c7Sm3JrKXt7T1dG3NjBzCxm1c&m=g6FjzWC-u1vOU3pAGTTIGy0H4_5rnp7KImSmbP_ueiE&s=0gJxK6LCndBqmIZC6lKLzXnrlEKhliyG2NkWFyYA78M&e=>

#GII2018





World Intellectual Property Organization Disclaimer: This electronic message may contain privileged, confidential and copyright protected information. If you have received this e-mail by mistake, please immediately notify the sender and delete this e-mail and all its attachments. Please ensure all e-mail attachments are scanned for viruses prior to opening or using.

----------------------------------------------------------------------
If you are not an intended recipient of confidential and privileged information in this email, please delete it, notify us immediately at postmaster at gtlaw.com, and do not use or disseminate such information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/accred-model/attachments/20180801/1cb36547/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 6399 bytes
Desc: image001.jpg
URL: <http://mm.icann.org/pipermail/accred-model/attachments/20180801/1cb36547/image001-0001.jpg>

More information about the Accred-Model mailing list