[CPWG] [registration-issues-wg] [GTLD-WG] [SPAM] Re: ALAC Statement regarding EPDP
Greg Shatan
greg at isoc-ny.org
Thu Aug 9 02:16:43 UTC 2018
Christopher,
A great deal of the work in both the EWG and the RDS PDP consisted of
identifying these parties and use cases. I invite you to peruse both for
answers. It's not hard to find -- no begging needed.
Best regards,
Greg
> On Wed, Aug 8, 2018 at 6:30 AM wilkinson christopher <
> cw at christopherwilkinson.eu> wrote:
>
>> > 3. WHOIS/RDS exists in order to be accessed by third parties (i.e.,
>> folks other than the registrant and the registrar). There are many, many
>> legitimate use cases for access.
>>
>> This argument begs the questions as to who are the 'third parties', what
>> are the 'use cases' and what happens to the data after it has been used.
>>
>> Regards
>>
>> CW
>>
>>
>> > El 7 de agosto de 2018 a las 22:17 Greg Shatan <greg at isoc-ny.org>
>> escribió:
>> >
>> >
>> > I’ve been watching this conversation unfold for awhile. A few
>> observations:
>> >
>> > 1. Nobody suggested that ALAC support an outcome that would violate
>> GDPR.
>> > Compliance with GDPR is a given. Thankfully, that misunderstanding
>> seems to
>> > have been cleared up.
>> >
>> > 2. No one is arguing in favor of putting the “private info of
>> registrants”
>> > into “the hands of bad actors.” Indeed, GDPR is not primarily aimed at
>> > preventing access by bad actors. Rather it is aimed at regulating the
>> use
>> > of personal data by any actor. I haven’t really thought about it, but
>> GDPR
>> > is probably not going to be a major deterrent against real bad actors.
>> >
>> > 3. WHOIS/RDS exists in order to be accessed by third parties (i.e.,
>> folks
>> > other than the registrant and the registrar). There are many, many
>> > legitimate use cases for access. Of course, there are “mis-use cases”
>> > involving bad actors, and one of the obvious challenges for the EPDP is
>> > dealing with those. From the point of view of the end-user, that needs
>> to
>> > be dealt with in a way that does not hinder timely, straight-forward
>> > legitimate access to Whois data.
>> >
>> > 4. I have seen no evidence that the European Data Protection people have
>> > thought about how WHOIS/RDS can function under GDPR. More broadly, GDPR
>> is
>> > a law about access, in very large part. GDPR provides a road map for
>> data
>> > controllers and processors to get and “process” (use, store, provide
>> access
>> > to, transfer, delete, etc.) data. Much of GDPR is concerned with how
>> data
>> > is used (I’d rather use that term than “processed” for these
>> discussions),
>> > the purposes for which it is used, how it is stored, how it is
>> transferred,
>> > who is responsible for any use, the circumstances when a data subject
>> does
>> > (and does not) have control over how their data is used. GDPR assumes
>> that
>> > data will be “processed” and creates a set of rules of the road for that
>> > processing.
>> >
>> > 5. It is true that end-users and registrants benefit from both privacy
>> and
>> > security. End-users benefit directly and indirectly from access to
>> > WHOIS/RDS data, for non-security related reasons as well as
>> > security-related reasons. Registrants also benefit from access to
>> > WHOIS/RDS, both by themselves and by third parties in a variety of ways.
>> > Registrants benefit from data privacy, at least with regard to their own
>> > data (though they may lose some of the benefits that come from third
>> party
>> > access to their data, such as receiving offers to purchase domain
>> names).
>> > However, I struggling to see how end-users (as end-users) benefit from
>> > barriers to accessing registrant WHOIS/RDS data.
>> >
>> > 6. How Cambridge Analytica got Facebook data is not particularly
>> relevant.
>> > But if it is going to be used as a “cautionary tale”, we need to be
>> > accurate, so that the right lessons can be learned. Cambridge Analytica
>> did
>> > NOT get the data by making a request to Facebook “to have access to
>> these
>> > data for research.” In fact, they didn’t get the data directly from
>> > Facebook at all. The data was gathered through a personality quiz app,
>> > which was (as Facebook was configured at that time and with the consent
>> of
>> > the participants) able to harvest data about friends and
>> friends-of-friends
>> > of the participants, as well as the participants. It may have been used
>> for
>> > legitimate research purposes. However, the data was then sold to
>> Cambridge
>> > Analytica, without Facebook’s knowledge and in violation of their terms
>> of
>> > service.
>> >
>> > 7. The California Consumer Privacy Act is already here, though it won’t
>> be
>> > enforced until 2020. While it bears a resemblance to GDPR, it has many
>> > differences as well, and some of its goals are quite different. Like
>> GDPR
>> > it is not primarily aimed at keeping data out of the hands of bad
>> actors. I
>> > have not yet considered the impact of the CCPA on WHOIS/RDS, and how it
>> is
>> > similar or different to the impact of GDPR. Its primary goals seem to
>> be to
>> > control data monetization, and to give consumers greater access to their
>> > data, with data subject rights similar to those in GDPR.
>> >
>> > 8. Overall, I agree with those who believe that appropriate and timely
>> > access to WHOIS/RDS data benefits end-users. Whether GDPR is good or bad
>> > for end-users is moot. GDPR exists, and how it is dealt with will show
>> how
>> > good or bad it is for end-users. Our goal should be to have GDPR
>> > implemented in the WHOIS/RDS context in a way that maximizes the benefit
>> > and minimizes the harm to end-users.
>> >
>> > Best regards,
>> >
>> > Greg Shatan
>> >
>> > On Tue, Aug 7, 2018 at 1:58 PM Evan Leibovitch <
>> evanleibovitch at gmail.com>
>> > wrote:
>> >
>> > > I don't know about the Europeans or the California government. I do
>> have
>> > > more than a decade's experience in ICANN, however, and have observed
>> that
>> > > its track record in both decent privacy and decent accessibility is
>> > > abysmal.
>> > >
>> > > ___________________
>> > > Evan Leibovitch, Toronto
>> > > @evanleibovitch/@el56
>> > >
>> > > On Tue, Aug 7, 2018, 1:30 PM Marita Moll, <mmoll at ca.inter.net> wrote:
>> > >
>> > > > With respect Evan, saying I am missing the point is not really
>> > > > respectful. No one is arguing for privacy without protections. I
>> don't
>> > > > have all the information I need to support this, but I have a
>> feeling
>> > > > the European Data Protection people might have thought about this.
>> They
>> > > > don't want to protect bad actors either. And I have heard that a
>> > > > similiar law to GDPR is under consideration in California. So I
>> don't
>> > > > see any need to think we are only ones concerned with keeping bad
>> actors
>> > > > out of the ring.
>> > > >
>> > > > Marita
>> > > >
>> > > >
>> > > > On 8/7/2018 7:08 PM, Evan Leibovitch wrote:
>> > > > > Hi Marita,
>> > > > >
>> > > > > I think you may be missing the point when you state that "keeping
>> the
>> > > > > private info of registrants out of the hands of bad actors
>> protects
>> > > > > both parties". The examples that exist in abundance come from
>> > > > > registrants who /ARE themselves/ the bad actors, that hide behind
>> > > > > either privacy regulations or inaccurate contact information to
>> avoid
>> > > > > being held to account for their harm.
>> > > > >
>> > > > > Just as the right to freedom of speech is not absolute -- even in
>> > > > > America -- neither is the right to privacy a way to hide
>> > > > > accountability for causing demonstrable harm. Augmenting privacy
>> with
>> > > > > tiered access is fine so long as it is accessible to victims and
>> > > > > effective in execution; that is exactly the balance of which I
>> speak.
>> > > > > This won't be easy -- being physically threatened demands a
>> different
>> > > > > response to merely being insulted -- but it is vital. Without such
>> > > > > checks and balances, absolute privacy is a sure source of far more
>> > > > > harm than good. For every whistleblower protected, a dozen others
>> will
>> > > > > be scammed out of their life savings, and thousands more will
>> live in
>> > > > > fear for their lives because of death threats from those with
>> > > > > unchecked anonymity. This is not theory, it is happening.
>> > > > >
>> > > > > In summary, it is both naive and against the global public
>> interest to
>> > > > > advocate for privacy without advocating just as strenuously for
>> > > > > appropriate protections against bad actors who seek to exploit
>> that
>> > > > > privacy to cause harm. At-Large seeks both.
>> > > > >
>> > > > > - Evan
>> > > > >
>> > > > >
>> > > > > PS: I absolutely reject the assertion that it is fear-mongering to
>> > > > > simply want to prevent abuse of privacy by some registrants that
>> is
>> > > > > both clearly evidenced and ongoing.
>> > > > >
>> > > > >
>> > > > > On Aug 7, 2018, at 11:55, Marita Moll <mmoll at ca.inter.net
>> > > > > <mailto:mmoll at ca.inter.net>> wrote:
>> > > > >
>> > > > > Hello Evan and Allan. I agree with a number of those here how
>> have
>> > > > > suggested that the interests of registrants and end-users are
>> not
>> > > > that
>> > > > > different. Keeping the private info of registrants out of the
>> hands
>> > > > of
>> > > > > bad actors protects both parties. If crimes are committed,
>> having
>> > > > tiered
>> > > > > access to the info would release that info to validated
>> > > authorities.
>> > > > As
>> > > > > a registrant, I don't want my private information out there
>> if it
>> > > > isn't
>> > > > > necessary. And I don't see how shielding my private info on
>> WhoIS
>> > > > will
>> > > > > endanger my neighbour once tiered access is agreed upon. This
>> is no
>> > > > > different from the way the law usually works -- we don't all
>> have
>> > > to
>> > > > > live in glass houses in order to be safe. We need well
>> thought out
>> > > > > procedures that protect all of us.
>> > > > >
>> > > > > It's just my opinion. I know others have good arguments. But I
>> > > don't
>> > > > buy
>> > > > > the scary scenarios being presented by some groups hoping to
>> > > scuttle
>> > > > > this whole thing. If the Europeans don't think the world will
>> come
>> > > > to an
>> > > > > end once GDPR is enforced, why is the boogey man being
>> unleashed in
>> > > > > North America?
>> > > > >
>> > > > >
>> http://www.insidesources.com/fake-news-fake-pharmacies-whats-next/
>> > > > >
>> > > > > Marita
>> > > > >
>> > > > >
>> > > > > On 8/7/2018 5:09 AM, Alan Greenberg wrote:
>> > > > >
>> > > > > Marita, you cannot take one phrase out of context. If you
>> go
>> > > > > back in the thread (which was not fully copied here) I
>> believe
>> > > > > that a major concern of Holly and Bastiaan was that my
>> > > > > statement sounded like it was trying to get around GDPR,
>> but
>> > > > > in fact compliance with GDPR is (to use a Startrek
>> expression)
>> > > > > "the prime directive". It is not a simple matter of
>> security
>> > > > > vs privacy. If, for instance, we were talking about USER
>> > > > > security vs USER privacy, we would have a real challenge
>> in
>> > > > > deciding which was more important and I am pretty sure we
>> > > > > would not even try in the general case. But that is not
>> what
>> > > > > we are taking about here. We are talking about gTLD
>> REGISTRANT
>> > > > > privacy vs USER security. And the ALAC's position has
>> > > > > previously been that although we care about registrants
>> (and
>> > > > > their privacy and their domains etc) and have put very
>> > > > > significant resources into supporting gTLD registrants,
>> the
>> > > > > shear number of users makes their security and ability to
>> use
>> > > > > the Internet with relative safety and trust takes
>> precedence
>> > > > > over the privacy of the relative handful of gTLD
>> registrants.
>> > > > > That is why ICANN has (and continues to) support the
>> existing
>> > > > > WHOIS system to the extent possible. That is the entire
>> gist
>> > > > > of the Temporary Spec. - /"Consistent with ICANN’s stated
>> > > > > objective to comply with the GDPR, while maintaining the
>> > > > > existing WHOIS system to the greatest extent possible, the
>> > > > > Temporary Specification maintains....." /And I note with
>> some
>> > > > > amusement that some filter along the way has flagged this
>> > > > > entire thread as SPAM. Alan At 06/08/2018 12:08 PM, Marita
>> > > > > Moll wrote:
>> > > > >
>> > > > > I am in agreement with Tijani, Holly, Bastian and
>> Michele.
>> > > > > Perhaps it is unintentional, but the language does
>> send
>> > > > > the message that we are looking more carefully at
>> security
>> > > > > than privacy. I am also not convinced that end-users
>> would
>> > > > > want us to do that. Marita On 8/3/2018 10:30 AM,
>> Tijani
>> > > > > BEN JEMAA wrote:
>> > > > >
>> > > > > Very interesting discussion. This issue has been
>> > > > > discussed several times and the positions didn’t
>> > > > > change. What bothers me is the presentation of the
>> > > > > registrants interest as opposite to the
>> remaining
>> > > > > users ones. they are not since the registrants are
>> > > > > also subject to the domain abuse. You are speaking
>> > > > > about 4 billion users; these include all:
>> contracted
>> > > > > parties, business, registrants, governments, etc.
>> We
>> > > > > are about defending the interest of all of them as
>> > > > > individual end users, not as registry, registrar,
>> > > > > businessman, minister, etc…. You included theÂ
>> > > > > cybersecurity researchers; you know how Cambridge
>> > > > > Analytica got the American data from Facebook?
>> They
>> > > > > requested to have access to these data for
>> research,
>> > > > > and the result was the American election result
>> > > > > impacted. So, I agree with Bastiaan that we need
>> to be
>> > > > > careful and care about the protection of personal
>> data
>> > > > > as well as the prevention of any harmful use of
>> the
>> > > > > domain names, both together.
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > *Tijani BEN JEMAA* Executive Director
>> Mediterranean
>> > > > > Federation of Internet Associations (*FMAI*)
>> Phone:
>> > > > > +216 98 330 114 +216 52 385 114
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > >
>> > > > > Le 3 août 2018 à 07:22, Bastiaan Goslings
>> > > > > <bastiaan.goslings at ams-ix.net
>> > > > > <mailto:bastiaan.goslings at ams-ix.net
>> > > > > <mailto:bastiaan.goslings at ams-ix.net>>> a
>> écrit :
>> > > > > Thanks for clarifying, Alan. As a matter of
>> > > > > principle I agree with Holly - and Michele.
>> While
>> > > > > I think I understand the good intent of what
>> you
>> > > > > are saying, your earlier responses almost
>> sound to
>> > > > > me like a false ‘security versus privacy’
>> > > > > dichotomy. Like, the number of people (users)
>> that
>> > > > > care about security as opposed to those
>> > > > > (registrants) that want their privacy
>> protected to
>> > > > > the max is larger. Etc. Apologies if I am
>> > > > > oversimplifying things here, I do not mean
>> to. In
>> > > > > this particular EPDP case though I am
>> convinced
>> > > > > that we can find a common ground on what the
>> ALAC
>> > > > > members and alternates should bring to the
>> table.
>> > > > > In terms of perceived registrants’ and
>> general
>> > > > > Internet end-users’ interests. As you
>> rightly
>> > > > > state, it is about being GDPR compliant. So
>> we do
>> > > > > not have to be philosophical about a rather
>> broad
>> > > > > term like ‘privacy’ and argue about
>> whether it
>> > > > > is in conflict with e.g. the interest of LEAs.
>> > > > > Indeed, ‘Privacy is not absolute’.
>> However,
>> > > > > ‘due process’ is a(nother) no brainer, not
>> > > > > just because it might be a legal requirement.
>> From
>> > > > > what I understand the work being done on
>> defining
>> > > > > Access and Accreditation criteria is keeping
>> that
>> > > > > principle in mind, and within in the MS
>> context of
>> > > > > the EPDP we can together see to it that it
>> does
>> > > > > end up properly enshrined in policy and
>> contracts.
>> > > > > -Bastiaan
>> > > > >
>> > > > > On 3 Aug 2018, at 01:10, Alan Greenberg
>> > > > > <alan.greenberg at mcgill.ca
>> > > > > <mailto:alan.greenberg at mcgill.ca
>> > > > > <mailto:alan.greenberg at mcgill.ca>>>
>> wrote:
>> > > > > Holly, the original statement ends with
>> "All
>> > > > > within the constraints of GDPR of
>> course." I
>> > > > > don't know how to make that clearer. We
>> would
>> > > > > be absolutely FOOLISH to argue for
>> anything
>> > > > > else, since it will not be implementable.
>> That
>> > > > > being said, if through the EPDP or
>> otherwise
>> > > > > we can help make the legal argument for
>> why
>> > > > > good access for the folks we list at the
>> end
>> > > > > is within GDPR, more power to us. GDPR
>> (and
>> > > > > eventually similar legislation/regulation
>> > > > > elsewhere) is the overall constraint. It
>> is
>> > > > > equivalent to the laws of physics which
>> for
>> > > > > the moment we need to consider inviolate.
>> So
>> > > > > my statement that "other issues trump
>> privacy"
>> > > > > is within that context. But just as
>> > > > > proportionality governs what GDPR will
>> decree
>> > > > > as private in any given case, so it will
>> > > > > govern what is not private. It all
>> depends on
>> > > > > making the legal argument and ultimately
>> in
>> > > > > needed convincing the courts. They are the
>> > > > > arbiters, not me or anyone else in ICANN.
>> In
>> > > > > the US, there is the constitutional right
>> to
>> > > > > freedom of speech, but it is not
>> unconstrained
>> > > > > and there are limits to what you are
>> allowed
>> > > > > and not allowed to say. And from time to
>> time,
>> > > > > the courts and legislatures weigh in and
>> > > > > decide where the line is. Alan At
>> 02/08/2018
>> > > > > 06:42 PM, Holly Raiche wrote:
>> > > > >
>> > > > > Hi Alan I have concerns with your
>> > > > > statement - and since your reply
>> below,
>> > > > > with our statement of principles for
>> the
>> > > > > EPDP. As I suggested in my email of 1
>> > > > > August, we need to be VERY clear that
>> we
>> > > > > are NOT arguing against
>> implementation a
>> > > > > policy that is compliant with the
>> GDPR. Â
>> > > > > We are arguing for other issues that
>> > > > > impact on users - WITHIN the umbrella
>> of
>> > > > > the GDPR. Â And if we do not make that
>> > > > > very clear, then we look as if we are
>> not
>> > > > > prepared to operate within the bounds
>> of
>> > > > > the EPDP - which is all about
>> developing a
>> > > > > new policy to replace the RDS
>> requirements
>> > > > > that will allow registries/registrars
>> to
>> > > > > comply with their ICANN contracts and
>> > > > > operate within the GDPR framework. So
>> your
>> > > > > statement below that ‘yes, other
>> issues
>> > > > > trump privacyÂ’ - misstates that. Â
>> What
>> > > > > we are (or should be) arguing for is a
>> > > > > balance of rights of access that - to
>> the
>> > > > > greatest extend possible - recognises
>> the
>> > > > > value of RDS to some constituencies
>> with
>> > > > > legitimate purposes - WITHIN the GDPR
>> > > > > framework. That implicitly accepts
>> that
>> > > > > people/organisations that once had
>> free
>> > > > > and unrestricted access to the data
>> will
>> > > > > no longer have that open access. And
>> for
>> > > > > ALAC generally, I will repeat what I
>> said
>> > > > > in my 1 August email - our statement
>> of
>> > > > > principles must be VERY clear that we
>> are
>> > > > > NOT arguing for a new RDS policy that
>> goes
>> > > > > outside of the GDPR. Holly On 3 Aug
>> 2018,
>> > > > > at 1:29 am, Alan Greenberg
>> > > > > <alan.greenberg at mcgill.ca
>> > > > > <mailto:alan.greenberg at mcgill.ca
>> > > > > <mailto:alan.greenberg at mcgill.ca>> >
>> > > wrote:
>> > > > >
>> > > > > At 02/08/2018 10:37 AM, Michele
>> Neylon
>> > > > > - Blacknight wrote:
>> > > > >
>> > > > > Jonathan / Alan Thanks for the
>> > > > > clarifications. 3 - I don't
>> know
>> > > > > how you can know what the
>> > > > > interests of a user are. The
>> > > > > assumption you seem to be
>> making
>> > > > > is that due process and
>> privacy
>> > > > > should take a backseat to
>> access
>> > > > > to data
>> > > > >
>> > > > > Privacy is not absolute but based
>> on
>> > > > > various other issues. So yes, we
>> are
>> > > > > saying that in some cases, the
>> other
>> > > > > issues trump privacy. Perhaps we
>> > > > > differ on where the dividing line
>> is.
>> > > > >
>> > > > > 4 - Same as 3. Plenty of
>> ccTLDs
>> > > > > never offered PII in their
>> public
>> > > > > whois and there weren't any
>> issues
>> > > > > with security or stability.
>> > > > > Skipping due process for
>> "ease of
>> > > > > access" is a very slippery and
>> > > > > dangerous slope.
>> > > > >
>> > > > > Both here and in reply to #3, the
>> term
>> > > > > "due process" tends to be used in
>> > > > > reference to legal constraints
>> > > > > associated with law enforcement
>> > > > > actions as sanctioned by laws and
>> > > > > courts. That is one path to
>> unlocking
>> > > > > otherwise private information. A
>> major
>> > > > > aspect of the GDPR implementation
>> will
>> > > > > be identifying other less
>> cumbersome
>> > > > > and restricted processes for
>> accessing
>> > > > > WHOIS data by a variety of
>> partners.
>> > > > > It will not be unconstrained nor
>> will
>> > > > > it be as cumbersome as going to
>> court
>> > > > > (hopefully). Alan
>> > > > >
>> > > > > Regards Michele -- Mr Michele
>> > > > > Neylon Blacknight Solutions
>> > > > > Hosting, Colocation & Domains
>> > > > > https://www.blacknight.com/
>> > > > > <https://www.blacknight.com/>
>> > > > > https://blacknight.blog/
>> > > > > <https://blacknight.blog/>
>> Intl.
>> > > > > +353 (0) 59 Â 9183072 Direct
>> Dial:
>> > > > > +353 (0)59 9183090 Personal
>> blog:
>> > > > > https://michele.blog/ Some
>> > > > > thoughts:
>> https://ceo.hosting/
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > Blacknight Internet Solutions
>> Ltd,
>> > > > > Unit 12A,Barrowside Business
>> > > > > Park,Sleaty
>> > > > > Road,Graiguecullen,Carlow,R93
>> > > > > X265,Ireland  Company No.:
>> 370845
>> > > > > On 02/08/2018, 15:03,
>> > > > > "Jonathan Zuck"
>> > > > > <JZuck at innovatorsnetwork.org>
>> > > > > wrote: Â Â Thanks Michele! Â
>> Â 3.
>> > > > > Where there appears to be a
>> > > > > conflict of interest between a
>> > > > > registrant and non-registrant
>> end
>> > > > > user, we'll be endeavoring to
>> > > > > represent the interests of the
>> > > > > non-registrant end user. Â Â
>> 4.
>> > > > > Related to 3. This is simply
>> an
>> > > > > affirmation of the interests
>> of
>> > > > > end users in a stable and
>> secure
>> > > > > internet and it is those
>> interests
>> > > > > we'll be representing. We've
>> > > > > included law enforcement
>> because
>> > > > > efficiencies regarding their
>> > > > > access may come up. Just
>> because
>> > > > > there's always a way for them
>> to
>> > > > > get to data doesn't mean it's
>> the
>> > > > > best way. Â Â Make sense? Â Â
>> > > > > Jonathan   -----Original
>> > > > > Message----- Â Â From: GTLD-WG
>> > > > > <
>> > > > gtld-wg-bounces at atlarge-lists.icann.org>
>> > > > > On Behalf Of Michele Neylon -
>> > > > > Blacknight   Sent:
>> Wednesday,
>> > > > > August 1, 2018 12:34 PM Â Â
>> To:
>> > > > > Alan Greenberg
>> > > > > <alan.greenberg at mcgill.ca>;
>> CPWG
>> > > > > <cpwg at icann.org> Â Â
>> Subject: Re:
>> > > > > [GTLD-WG] [CPWG]
>> > > > > [registration-issues-wg] ALAC
>> > > > > Statement regarding EPDP Â Â
>> Alan
>> > > > >   1 - good   2 - good  Â
>> 3 -
>> > > > > I don't understand what that
>> means
>> > > > > Â Â 4 - Why are you combining
>> law
>> > > > > enforcement and private
>> parties?
>> > > > > Law enforcement can always get
>> > > > > access to data when they
>> follow
>> > > > > due process.   Regards  Â
>> > > > > Michele   --   Mr Michele
>> > > > > Neylon   Blacknight
>> Solutions Â
>> > > > > Â Hosting, Colocation &
>> Domains Â
>> > > > > Â https://www.blacknight.com/
>> > > > > <https://www.blacknight.com/>
>> Â Â
>> > > > > https://blacknight.blog/
>> > > > > <https://blacknight.blog/> Â
>> Â
>> > > > > Intl. +353 (0) 59 Â 9183072 Â
>> Â
>> > > > > Direct Dial: +353 (0)59
>> 9183090 Â
>> > > > > Â Personal blog:
>> > > > > https://michele.blog/ Â Â
>> Some
>> > > > > thoughts:
>> https://ceo.hosting/ Â Â
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > Â Â Blacknight Internet
>> Solutions
>> > > > > Ltd, Unit 12A,Barrowside
>> Business
>> > > > > Park,Sleaty  Â
>> > > > > Road,Graiguecullen,Carlow,R93
>> > > > > X265,Ireland  Company No.:
>> 370845
>> > > > > Â Â On 01/08/2018, 17:27,
>> > > > > "registration-issues-wg on
>> behalf
>> > > > > of Alan Greenberg"
>> > > > > <
>> > > > registration-issues-wg-bounces at atlarge-lists.icann.org
>> > > > > on behalf of
>> > > > > alan.greenberg at mcgill.ca>
>> wrote: Â
>> > > > > Â Â Â Â Â Yesterday, the EPDP
>> > > > > Members were asked to present
>> a
>> > > > > 1-3 minute      Â
>> summary of
>> > > > > their groups position in
>> regard to
>> > > > > the EPDP. The following   Â
>> Â Â
>> > > > > Â is the statement agreed to
>> by
>> > > > > me, Hadia, Holly and Seun. Â
>> Â Â Â
>> > > > > Â Â 1. Â Â The ALAC believes
>> that
>> > > > > the EPDP MUST succeed and
>> will be
>> > > > > working       toward
>> that
>> > > > > end. Â Â Â Â Â Â 2. Â Â We
>> have a
>> > > > > support structure that we are
>> > > > > organizing to ensure    Â
>> Â Â
>> > > > > that what we present here is
>> > > > > understood by our community
>> and
>> > > > > has       their input
>> and
>> > > > > support. Â Â Â Â Â Â 3. Â Â
>> The
>> > > > > ALAC believes that individual
>> > > > > registrants are users and we
>> Â Â Â
>> > > > > Â Â Â have regularly worked on
>> > > > > their behalf (as in the PDP
>> that
>> > > > > we       initiated to
>> > > > > protect registrant rights when
>> > > > > their domains expire), if  Â
>> Â Â
>> > > > > Â Â registrant needs differ
>> from
>> > > > > those of the 4 billion
>> Internet
>> > > > > users       who are not
>> > > > > registrants, those latter
>> needs
>> > > > > take precedence. We     Â
>> Â
>> > > > > believe that GDPR and this
>> EPDP
>> > > > > are such a situation. Â Â Â Â
>> Â Â
>> > > > > 4. Â Â Although some Internet
>> > > > > users consult WHOIS and will
>> not
>> > > > > be able       to do so
>> in
>> > > > > some cases going forward, our
>> main
>> > > > > concern is access for    Â
>> Â Â
>> > > > > those third parties who work
>> to
>> > > > > ensure that the Internet is a
>> safe
>> > > > > Â Â Â Â Â Â and secure place
>> for
>> > > > > users and that means that law
>> > > > > enforcement, Â Â Â Â Â Â
>> > > > > cybersecurity researchers,
>> those
>> > > > > combatting fraud in domain
>> names,
>> > > > > Â Â Â Â Â Â and others who
>> help
>> > > > > protect users from phishing,
>> > > > > malware, spam, Â Â Â Â Â Â
>> fraud,
>> > > > > DDoS attacks and such can work
>> > > > > with minimal reduction in  Â
>> Â Â
>> > > > > Â Â access to WHOIS data. All
>> > > > > within the constraints of
>> GDPR of
>> > > > > course. Â Â Â Â Â Â
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > Â Â Â Â Â Â CPWG mailing list
>> Â Â
>> > > > >     CPWG at icann.org   Â
>> Â Â Â
>> > > > >
>> > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <
>> > > > https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > > Â Â Â Â Â Â
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > Â Â Â Â Â Â
>> registration-issues-wg
>> > > > > mailing list      Â
>> > > > >
>> > > > registration-issues-wg at atlarge-lists.icann.org
>> > > > > Â Â Â Â Â Â
>> > > > >
>> > > > https://mm.icann.org/mailman/listinfo/registration-issues-wg
>> > > > > Â Â
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > >   CPWG mailing list  Â
>> > > > > CPWG at icann.org  Â
>> > > > >
>> > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <
>> > > > https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > > Â Â
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > >   GTLD-WG mailing list  Â
>> > > > >
>> GTLD-WG at atlarge-lists.icann.org Â
>> > > > > Â
>> > > > >
>> > > > https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> > > > > Â Â Working Group direct URL:
>> > > > >
>> > > > https://community.icann.org/display/atlarge/New+GTLDs
>> > > > >
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > CPWG mailing list CPWG at icann.org
>> > > > > <mailto:CPWG at icann.org
>> > > > > <mailto:CPWG at icann.org>>
>> > > > >
>> > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <
>> > > > https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > registration-issues-wg mailing
>> list
>> > > > >
>> > > > registration-issues-wg at atlarge-lists.icann.org
>> > > > >
>> > > > https://mm.icann.org/mailman/listinfo/registration-issues-wg
>> > > > >
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > CPWG mailing list CPWG at icann.org
>> > > > > <mailto:CPWG at icann.org
>> > > > > <mailto:CPWG at icann.org>>
>> > > > >
>> https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <
>> https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > CPWG mailing list CPWG at icann.org
>> > > > > <mailto:CPWG at icann.org <mailto:CPWG at icann.org
>> >>
>> > > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > CPWG mailing list CPWG at icann.org
>> > > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > CPWG mailing list CPWG at icann.org
>> > > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > > <https://mm.icann.org/mailman/listinfo/cpwg>
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > > GTLD-WG mailing list GTLD-WG at atlarge-lists.icann.org
>> > > > >
>> https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> > > > > <
>> https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg>
>> > > > > Working Group direct URL:
>> > > > > https://community.icann.org/display/atlarge/New+GTLDs
>> > > > > <
>> https://community.icann.org/display/atlarge/New+GTLDs>
>> > > > >
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > >
>> > > > > CPWG mailing list
>> > > > > CPWG at icann.org
>> > > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > >
>> > > > >
>> > > >
>> ------------------------------------------------------------------------
>> > > > >
>> > > > > GTLD-WG mailing list
>> > > > > GTLD-WG at atlarge-lists.icann.org
>> > > > > https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> > > > >
>> > > > > Working Group direct URL:
>> > > > https://community.icann.org/display/atlarge/New+GTLDs
>> > > > >
>> > > >
>> > > > _______________________________________________
>> > > > CPWG mailing list
>> > > > CPWG at icann.org
>> > > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > > _______________________________________________
>> > > > GTLD-WG mailing list
>> > > > GTLD-WG at atlarge-lists.icann.org
>> > > > https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> > > >
>> > > > Working Group direct URL:
>> > > > https://community.icann.org/display/atlarge/New+GTLDs
>> > > _______________________________________________
>> > > CPWG mailing list
>> > > CPWG at icann.org
>> > > https://mm.icann.org/mailman/listinfo/cpwg
>> > > _______________________________________________
>> > > GTLD-WG mailing list
>> > > GTLD-WG at atlarge-lists.icann.org
>> > > https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> > >
>> > > Working Group direct URL:
>> > > https://community.icann.org/display/atlarge/New+GTLDs
>> > _______________________________________________
>> > CPWG mailing list
>> > CPWG at icann.org
>> > https://mm.icann.org/mailman/listinfo/cpwg
>> > _______________________________________________
>> > registration-issues-wg mailing list
>> > registration-issues-wg at atlarge-lists.icann.org
>> > https://mm.icann.org/mailman/listinfo/registration-issues-wg
>> _______________________________________________
>> CPWG mailing list
>> CPWG at icann.org
>> https://mm.icann.org/mailman/listinfo/cpwg
>> _______________________________________________
>> registration-issues-wg mailing list
>> registration-issues-wg at atlarge-lists.icann.org
>> https://mm.icann.org/mailman/listinfo/registration-issues-wg
>>
>
--
Greg Shatan
greg at isoc-ny.org
"The Internet is for everyone"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20180808/936d8fa8/attachment-0001.html>
More information about the CPWG
mailing list