[CPWG] [registration-issues-wg] [GTLD-WG] ALAC Statement regarding EPDP
Alan Greenberg
alan.greenberg at mcgill.ca
Thu Aug 2 23:10:19 UTC 2018
Holly, the original statement ends with "All
within the constraints of GDPR of course."
I don't know how to make that clearer. We would
be absolutely FOOLISH to argue for anything else,
since it will not be implementable.
That being said, if through the EPDP or otherwise
we can help make the legal argument for why good
access for the folks we list at the end is within GDPR, more power to us.
GDPR (and eventually similar
legislation/regulation elsewhere) is the overall
constraint. It is equivalent to the laws of
physics which for the moment we need to consider inviolate.
So my statement that "other issues trump privacy"
is within that context. But just as
proportionality governs what GDPR will decree as
private in any given case, so it will govern what
is not private. It all depends on making the
legal argument and ultimately in needed
convincing the courts. They are the arbiters, not me or anyone else in ICANN.
In the US, there is the constitutional right to
freedom of speech, but it is not unconstrained
and there are limits to what you are allowed and
not allowed to say. And from time to time, the
courts and legislatures weigh in and decide where the line is.
Alan
At 02/08/2018 06:42 PM, Holly Raiche wrote:
>Hi Alan
>
>I have concerns with your statement - and since
>your reply below, with our statement of principles for the EPDP.
>
>As I suggested in my email of 1 August, we need
>to be VERY clear that we are NOT arguing against
>implementation a policy that is compliant with
>the GDPR. We are arguing for other issues that
>impact on users - WITHIN the umbrella of the
>GDPR. And if we do not make that very clear,
>then we look as if we are not prepared to
>operate within the bounds of the EPDP - which is
>all about developing a new policy to replace the
>RDS requirements that will allow
>registries/registrars to comply with their ICANN
>contracts and operate within the GDPR framework.
>
>So your statement below that ‘yes, other issues
>trump privacy’ - misstates that. What we are
>(or should be) arguing for is a balance of
>rights of access that - to the greatest extend
>possible - recognises the value of RDS to some
>constituencies with legitimate purposes - WITHIN
>the GDPR framework. That implicitly accepts that
>people/organisations that once had free and
>unrestricted access to the data will no longer have that open access.
>
>And for ALAC generally, I will repeat what I
>said in my 1 August email - our statement of
>principles must be VERY clear that we are NOT
>arguing for a new RDS policy that goes outside of the GDPR.
>
> Holly
>
>
>On 3 Aug 2018, at 1:29 am, Alan Greenberg
><<mailto:alan.greenberg at mcgill.ca>alan.greenberg at mcgill.ca> wrote:
>
>>At 02/08/2018 10:37 AM, Michele Neylon - Blacknight wrote:
>>>Jonathan / Alan
>>>
>>>Thanks for the clarifications.
>>>
>>>3 - I don't know how you can know what the
>>>interests of a user are. The assumption you
>>>seem to be making is that due process and
>>>privacy should take a backseat to access to data
>>
>>Privacy is not absolute but based on various
>>other issues. So yes, we are saying that in
>>some cases, the other issues trump privacy.
>>Perhaps we differ on where the dividing line is.
>>
>>
>>>4 - Same as 3. Plenty of ccTLDs never offered
>>>PII in their public whois and there weren't
>>>any issues with security or stability.
>>>
>>>Skipping due process for "ease of access" is a
>>>very slippery and dangerous slope.
>>
>>Both here and in reply to #3, the term "due
>>process" tends to be used in reference to legal
>>constraints associated with law enforcement
>>actions as sanctioned by laws and courts. That
>>is one path to unlocking otherwise private
>>information. A major aspect of the GDPR
>>implementation will be identifying other less
>>cumbersome and restricted processes for
>>accessing WHOIS data by a variety of partners.
>>It will not be unconstrained nor will it be as
>>cumbersome as going to court (hopefully).
>>
>>Alan
>>
>>
>>>Regards
>>>
>>>Michele
>>>
>>>
>>>--
>>>Mr Michele Neylon
>>>Blacknight Solutions
>>>Hosting, Colocation & Domains
>>><https://www.blacknight.com/>https://www.blacknight.com/
>>>https://blacknight.blog/
>>>Intl. +353 (0) 59 9183072
>>>Direct Dial: +353 (0)59 9183090
>>>Personal blog: https://michele.blog/
>>>Some thoughts: https://ceo.hosting/
>>>-------------------------------
>>>Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
>>>Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
>>>
>>>On 02/08/2018, 15:03, "Jonathan Zuck"
>>><JZuck at innovatorsnetwork.org> wrote:
>>>
>>> Thanks Michele!
>>> 3. Where there appears to be a conflict of
>>> interest between a registrant and
>>> non-registrant end user, we'll be endeavoring
>>> to represent the interests of the non-registrant end user.
>>> 4. Related to 3. This is simply an
>>> affirmation of the interests of end users in
>>> a stable and secure internet and it is those
>>> interests we'll be representing. We've
>>> included law enforcement because efficiencies
>>> regarding their access may come up. Just
>>> because there's always a way for them to get
>>> to data doesn't mean it's the best way.
>>>
>>> Make sense?
>>> Jonathan
>>>
>>>
>>> -----Original Message-----
>>> From: GTLD-WG
>>> <gtld-wg-bounces at atlarge-lists.icann.org> On
>>> Behalf Of Michele Neylon - Blacknight
>>> Sent: Wednesday, August 1, 2018 12:34 PM
>>> To: Alan Greenberg <alan.greenberg at mcgill.ca>; CPWG <cpwg at icann.org>
>>> Subject: Re: [GTLD-WG] [CPWG]
>>> [registration-issues-wg] ALAC Statement regarding EPDP
>>>
>>> Alan
>>>
>>> 1 - good
>>> 2 - good
>>> 3 - I don't understand what that means
>>> 4 - Why are you combining law enforcement
>>> and private parties? Law enforcement can
>>> always get access to data when they follow due process.
>>>
>>> Regards
>>>
>>> Michele
>>>
>>>
>>> --
>>> Mr Michele Neylon
>>> Blacknight Solutions
>>> Hosting, Colocation & Domains
>>> https://www.blacknight.com/
>>> https://blacknight.blog/
>>> Intl. +353 (0) 59 9183072
>>> Direct Dial: +353 (0)59 9183090
>>> Personal blog: https://michele.blog/
>>> Some thoughts: https://ceo.hosting/
>>> -------------------------------
>>> Blacknight Internet Solutions Ltd, Unit
>>> 12A,Barrowside Business Park,Sleaty
>>> Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
>>>
>>> On 01/08/2018, 17:27,
>>> "registration-issues-wg on behalf of Alan
>>> Greenberg"
>>> <registration-issues-wg-bounces at atlarge-lists.icann.org
>>> on behalf of alan.greenberg at mcgill.ca> wrote:
>>>
>>> Yesterday, the EPDP Members were asked to present a 1-3 minute
>>> summary of their groups position in
>>> regard to the EPDP. The following
>>> is the statement agreed to by me, Hadia, Holly and Seun.
>>>
>>> 1. The ALAC believes that the EPDP
>>> MUST succeed and will be working
>>> toward that end.
>>>
>>> 2. We have a support structure that we are organizing to ensure
>>> that what we present here is understood by our community and has
>>> their input and support.
>>>
>>> 3. The ALAC believes that individual registrants are users and we
>>> have regularly worked on their behalf (as in the PDP that we
>>> initiated to protect registrant rights
>>> when their domains expire), if
>>> registrant needs differ from those of the 4 billion Internet users
>>> who are not registrants, those latter needs take precedence. We
>>> believe that GDPR and this EPDP are such a situation.
>>>
>>> 4. Although some Internet users consult WHOIS and will not be able
>>> to do so in some cases going forward, our main concern is access for
>>> those third parties who work to ensure that the Internet is a safe
>>> and secure place for users and that means that law enforcement,
>>> cybersecurity researchers, those combatting fraud in domain names,
>>> and others who help protect users from phishing, malware, spam,
>>> fraud, DDoS attacks and such can work with minimal reduction in
>>> access to WHOIS data. All within the constraints of GDPR of course.
>>>
>>> _______________________________________________
>>> CPWG mailing list
>>> CPWG at icann.org
>>> https://mm.icann.org/mailman/listinfo/cpwg
>>> _______________________________________________
>>> registration-issues-wg mailing list
>>> registration-issues-wg at atlarge-lists.icann.org
>>> https://mm.icann.org/mailman/listinfo/registration-issues-wg
>>>
>>>
>>> _______________________________________________
>>> CPWG mailing list
>>> CPWG at icann.org
>>> https://mm.icann.org/mailman/listinfo/cpwg
>>> _______________________________________________
>>> GTLD-WG mailing list
>>> GTLD-WG at atlarge-lists.icann.org
>>> https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>>>
>>> Working Group direct URL:
>>> https://community.icann.org/display/atlarge/New+GTLDs
>>
>>_______________________________________________
>>CPWG mailing list
>><mailto:CPWG at icann.org>CPWG at icann.org
>>https://mm.icann.org/mailman/listinfo/cpwg
>>_______________________________________________
>>registration-issues-wg mailing list
>>registration-issues-wg at atlarge-lists.icann.org
>>https://mm.icann.org/mailman/listinfo/registration-issues-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20180802/cd3fafcc/attachment-0001.html>
More information about the CPWG
mailing list