[CPWG] [GTLD-WG] EPDP: Geographic distinction

Sebastien Bachollet sebicann at bachollet.fr
Tue Oct 30 12:07:31 UTC 2018 

Hello,
I have questions:
If and when other GDPR like policies are developed in other part of the World do ICANN will need to enforce a policy for each « regime »?
Or as At-Large can’t we ask for a protection for all the (individual) (end) users?
And if we consider GDPR as a good step to protect (individual) (end) users privacy in Europe, why not for the others?

If we have to support distinction, it must be on the basis of the residence (the address in the Whois) and not the citizenship.

It must be also allow and possible if one want to publish their personal data to do so.

One world, one Internet, one privacy protection for all Internet individual end users ;)

All the best
SeB

> Le 30 oct. 2018 à 07:43, Bastiaan Goslings <bastiaan.goslings at ams-ix.net> a écrit :
> 
> Just a quick comment, also related to a comment Maureen made earlier ('with EU citizens working and living all over the world for various reasons and varying lengths of time, what is the actual definition for "resident of the EU”):
> 
> I’m not aware of the GDPR referring to either EU ‘citizens’ or ‘residents’. 
> 
> See art 3 of the GDPR https://gdpr-info.eu/art-3-gdpr/ <https://gdpr-info.eu/art-3-gdpr/> which sets the territorial scope.
> 
> So the GDPR is applicable to controllers and processors in the Union, regardless of whether the processing takes place in the Union (and regardless of whether the data subjects affected are in the Union), and to the processing of personal data of data subjects who are in the Union by controllers and processors not established in the Union.
> 
> (see also recitals 2 and 14 https://gdpr-info.eu/recitals/ <https://gdpr-info.eu/recitals/> )
> 
> Anyway, looking at the example mentioned below, any citizen living in the US, not just those from the EU, 'would get the benefit of GDPR when the Controller or Processor with their data is “established” in the EU'.
> 
> -Bastiaan
> 
> 
> 
> 
>> On 30 Oct 2018, at 05:52, Greg Shatan <greg at isoc-ny.org> wrote:
>> 
>> Alan,
>> 
>> One slight caveat: an EU Citizen living in the US would still get the benefit of GDPR when the Controller or Processor with their data is “established” in the EU. But they get that benefit only because the Controller or Processor’s covered by GDPR.
>> 
>> Greg
>> On Tue, Oct 30, 2018 at 12:40 AM Greg Shatan <greg at isoc-ny.org> wrote:
>> I also think it should be restricted to what GDPR requires. Anything beyond that essentially puts ICANN into the business of making privacy policy without a basis in law, which is beyond the remit of the EPDP. 
>> 
>> There may be an interesting discussion to be had about whether ICANN should change WHOIS for policy reasons, but the EPDP is not the place for that conversation. 
>> 
>> Greg 
>> On Mon, Oct 29, 2018 at 11:12 PM Jonathan Zuck <JZuck at innovatorsnetwork.org> wrote:
>> I'm inclined to say restricted if for no other reason than we'll eventually have a bunch of GDPRs that are slightly different.
>> 
>> On 10/29/18, 9:36 PM, "GTLD-WG on behalf of Alan Greenberg" <gtld-wg-bounces at atlarge-lists.icann.org on behalf of alan.greenberg at mcgill.ca> wrote:
>> 
>>    GDPR is applicable to residents of the EU by companies resident there 
>>    and worldwide.
>> 
>>    One of the issues is whether contracted parties should be allowed or 
>>    required to distinguish between those who are resident there and elsewhere.
>> 
>>    There is agreement that such distinction should be allowed, but EPDP 
>>    is divided on whether it should be required. The GAC/BC/IPC want to 
>>    see the distinction made, and at least one very large contracted 
>>    party does already make the distinction. Other contracted parties are 
>>    pushing back VERY strongly saying that there is virtually no way that 
>>    the can or are willing to make the distinction.
>> 
>>    The current (confusing) state of the working document is attached.
>> 
>>    Which side should ALAC come down on?
>> 
>>    - Restrict application to those to whom GDPR applies?
>>    - Apply universally ignoring residence?
>> 
>>    As usual, quick replies requested.
>> 
>>    Alan
>> 
>> _______________________________________________
>> CPWG mailing list
>> CPWG at icann.org
>> https://mm.icann.org/mailman/listinfo/cpwg
>> _______________________________________________
>> GTLD-WG mailing list
>> GTLD-WG at atlarge-lists.icann.org
>> https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg
>> 
>> Working Group direct URL: https://community.icann.org/display/atlarge/New+GTLDs
>> _______________________________________________
>> CPWG mailing list
>> CPWG at icann.org
>> https://mm.icann.org/mailman/listinfo/cpwg
> 
> _______________________________________________
> CPWG mailing list
> CPWG at icann.org <mailto:CPWG at icann.org>
> https://mm.icann.org/mailman/listinfo/cpwg <https://mm.icann.org/mailman/listinfo/cpwg>
> _______________________________________________
> GTLD-WG mailing list
> GTLD-WG at atlarge-lists.icann.org <mailto:GTLD-WG at atlarge-lists.icann.org>
> https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg <https://atlarge-lists.icann.org/mailman/listinfo/gtld-wg>
> 
> Working Group direct URL: https://community.icann.org/display/atlarge/New+GTLDs <https://community.icann.org/display/atlarge/New+GTLDs>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/cpwg/attachments/20181030/c09a63c1/attachment-0001.html>

More information about the CPWG mailing list