[Accred-Model] Version 1.6 of the Accreditation and Access Model

Mark Svancarek marksv at microsoft.com
Tue Jun 19 20:09:15 UTC 2018 

There is no need to change UDRP or URS in pursuit of a foolish consistency.  The penalty imposed within the accreditation and access system should be disaccreditation and loss of access.

________________________________
From: Rubens Kuhl <rubensk at nic.br>
Sent: Tuesday, June 19, 2018 12:54:50 PM
To: Mark Svancarek
Cc: Cyntia King; John R. Levine; accred-model at icann.org
Subject: Re: [Accred-Model] Version 1.6 of the Accreditation and Access Model



Em 19 de jun de 2018, à(s) 16:45:000, Mark Svancarek <marksv at microsoft.com<mailto:marksv at microsoft.com>> escreveu:

I've always assumed that determination of a civil or criminal violation, assignment of a penalty, and enforcement of the penalty were the responsibility of appropriate agencies within the appropriate jurisdictions of EEA, and therefore outside of the scope of ICANN.  The same assumption would apply to any potential future privacy laws created and enforced elsewhere in the world.  The only role I could see for ICANN is possible removal of accreditation according to a TBD process after such a penalty is assigned. (per IV.F)

Mark,

If that was true, then UDRP and URS should also be terminated in favor of executive branch and judiciary proceedings. We are building a system, and that system can have its own penalties for non-compliance.



Rubens






________________________________
From: Accred-Model <accred-model-bounces at icann.org<mailto:accred-model-bounces at icann.org>> on behalf of Cyntia King <cking at modernip.com<mailto:cking at modernip.com>>
Sent: Tuesday, June 19, 2018 11:26:57 AM
To: 'Rubens Kuhl'
Cc: 'John R. Levine'; accred-model at icann.org<mailto:accred-model at icann.org>
Subject: Re: [Accred-Model] Version 1.6 of the Accreditation and Access Model

This would be an enforcement nightmare.



Multiple enforcement mechanisms for ICANN Whois accreditation policy including govt agencies - potentially many govts around the world.

  *   Could we implement standardized penalties?  Or would it vary govt-to-govt?
  *   Would there also be private, for-profit enforcement entities?
  *   Would each entity be able to charge whatever they want?
  *   What would happen if a govt wasn’t following the rules themselves - would they have provider contracts w/ ICANN?



Unfortunately, this proposition sounds like an unmanageable, expensive & fragmented mess to me.





Cyntia King
O:  +1 816.633.7647
C:  +1 818.209.6088
<image001.jpg>



From: Rubens Kuhl <rubensk at nic.br<mailto:rubensk at nic.br>>
Sent: Tuesday, June 19, 2018 1:03 PM
To: Cyntia King <cking at modernip.com<mailto:cking at modernip.com>>
Cc: John R. Levine <johnl at iecc.com<mailto:johnl at iecc.com>>; accred-model at icann.org<mailto:accred-model at icann.org>
Subject: Re: [Accred-Model] Version 1.6 of the Accreditation and Access Model



Cyntia,



Just to be clear, the initial suggestion by Michael Palage incorporated in itself a mechanism, instead of relying on Privacy Shield. Perhaps Privacy Shield certification could be use to achieve some of its requirements in order to save for organizations already subscribed for it, instead of being the only option.







Rubens




Em 19 de jun de 2018, à(s) 14:58:000, Cyntia King <cking at modernip.com<mailto:cking at modernip.com>> escreveu:



Easy for whom?
I'm a small business owner & this is daunting, to say the least.
And there are multiple fees involved.



Are we suggesting that this should be ICANN’s enforcement mechanism for accessing Whois data?  This would be on top of the accreditation & fees we’re already discussing, right?



What about ‘foreign’ companies - are we asking non-US companies to self-certify w/ the Us govt?



I don’t see how this solves much of anything, but it would certainly make accreditation more difficult & expensive.





Cyntia King
O:  +1 816.633.7647
C:  +1 818.209.6088
<image001.jpg>



-----Original Message-----
From: Accred-Model <accred-model-bounces at icann.org<mailto:accred-model-bounces at icann.org>> On Behalf Of Rubens Kuhl
Sent: Tuesday, June 19, 2018 12:48 PM
To: John R. Levine <johnl at iecc.com<mailto:johnl at iecc.com>>
Cc: accred-model at icann.org<mailto:accred-model at icann.org>
Subject: Re: [Accred-Model] Version 1.6 of the Accreditation and Access Model







> Em 19 de jun de 2018, à(s) 14:32:000, John R. Levine <johnl at iecc.com<mailto:johnl at iecc.com>> escreveu:
>
>> It's great when there is actually an easy solution.  At least for the many US companies, law firms, cybersecurity firms, and others (and this a huge part of the group seeking access), they should "self-certify" to the EU-US Privacy Shield, via procedures set up by the US Department of Commerce and Federal Trade Commission.
>
> Well, at least until the EU courts kill privacy shield like they did Safe Harbor.
>
> Banks and non-profits such as CAUCE are not eligible for Privacy Shield (they're not regulated by the FTC or DOT.)  For small organizations the PS rules are extremely conplex and there's a mandatory annual payment to cover potential arbitration costs.
>
> Can we back up and explain what problem this overcomplex "solution" is supposed to be solving here?





Having redress mechanisms for data subjects that have their data privacy rights violated. With great power, there must also come great responsibility.







Rubens

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/accred-model/attachments/20180619/602572cd/attachment.html>

More information about the Accred-Model mailing list