[Accred-Model] Version 1.6 of the Accreditation and Access Model
Kathy Kleiman
kathy at kathykleiman.com
Tue Jun 19 16:12:35 UTC 2018
Hi John,
It's great when there is actually an easy solution. At least for the
many US companies, law firms, cybersecurity firms, and others (and this
a huge part of the group seeking access), they should "self-certify" to
the EU-US Privacy Shield, via procedures set up by the US Department of
Commerce and Federal Trade Commission.
This process assures that there is an avenue for no-cost complaints by
European citizens who feel their GDPR rights have been violated, and
action by the FTC should a company have falsely certified their
compliance and not be handling European data properly.
It's all there -- www.privacyshield.gov!
Best, Kathy
On 6/19/2018 12:00 PM, John R. Levine wrote:
>> My primary substantive concern is that this document solely focuses on
>> Penalties in the context of a User's 'future" blocked or restricted
>> access
>> (throttled). There is NO mechanism to compensate the Data Subject whose
>> rights have been violated. That just seems fundamentally flawed to me.
>
> Um, unless things have changed since the last time I looked there are
> no Network Police to collect damages, nor Network Courts to asssess
> them. This would be completely unworkable, beyond the obvious fact
> that nobody in their right minds would sign up for a scheme in which a
> mistake could cost arbitrarily large amounts of money.
>
> Regards,
> John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for
> Dummies",
> Please consider the environment before reading this e-mail. https://jl.ly
> _______________________________________________
> Accred-Model mailing list
> Accred-Model at icann.org
> https://mm.icann.org/mailman/listinfo/accred-model
More information about the Accred-Model
mailing list