[CPWG] Fwd: A conceptual view of TempSpec/EPDP and the Unified Access Model

Jonathan Zuck JZuck at innovatorsnetwork.org
Sun Nov 4 21:47:35 UTC 2018 

DelBianco tried to incorporate the feedback. Feels like a useful tool to descalate so let's see if we can support.

Jonathan Zuck
Executive Director
Innovators Network Foundation
www.Innovatorsnetwork.org<http://www.Innovatorsnetwork.org>

________________________________
From: Steve DelBianco
Sent: Sunday, November 4, 2018 11:31:42 AM
To: Jonathan Zuck
Subject: Re: A conceptual view of TempSpec/EPDP and the Unified Access Model

Jonathan,

Attached is a v2, reflecting these changes:

Per suggestion from ALAC, added qualified under UAM "(if DPAs recognize ICANN as the responsible party)"

I changed the title to reflect the narrow focus on "Publication and Disclosure of Registrant Data, under the EPDP and UAM".

Per suggestion from BC and IPC, changed "TM protection" to IP protection" and changed "May disclose on request" to "Must disclose on request, if GDPR 6(1)(f) balance is met".  Registrars and registries use their discretion to determine if 61f balance is met, so that’s why I had “May disclose” in prior version.

--Steve

On 10/30/18, 5:46 PM, "Steve DelBianco" <sdelbianco at netchoice.org> wrote:

    Jonathan,

    Could you please think about sharing this with ALAC policy folks who are working on the EPDP?

    Attached please find a conceptual view of EPDP and the Unified Access Model.

    This started with a napkin sketch while Keith Drazek and I were talking at the Barcelona airport on Friday morning, as a follow-up to the very positive CSG-CPH meeting on Wednesday.

    We saw the need to help the ICANN community distinguish between Published data, Disclosure under “reasonable access”, and Unified Access operated by ICANN.  This diagram attempts to make those distinctions.

    Another purpose of the diagram is to focus the EPDP (at this stage) on collection, publication, and discretionary disclosure under (what the TempSpec calls “reasonable access”).  With that focus, the EPDP can move more smoothly to an initial report on its first charter task to develop policy to replace the TempSpec.

    We understand that phase 2 of EPDP can address policy for the UAM, including accreditation process, verifying credentials, logging, and disclosure.  But first, the community and Data Protection Authorities need to endorse the conceptual approach that a UAM operated by ICANN can position ICANN as the responsible party.  That's a "gating question".

    --Steve DelBianco








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20181104/2a29bab3/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: GDPR - UAM v2.pdf
Type: application/pdf
Size: 189992 bytes
Desc: GDPR - UAM v2.pdf
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20181104/2a29bab3/GDPR-UAMv2-0001.pdf>

More information about the CPWG mailing list