[Gdd-gnso-ppsai-impl] Fwd: PSWG proposal

Chris Pelling chris at netearth.net
Sun Jun 4 13:05:19 UTC 2017 

Hi Amy, 

Thanks Nick (I assume he is on the list) for providing this ahead of Tuesday and I have a few questions / concerns if I may. This is from a standpoint of us being a wholesale registrar, who have offices in the UK and have requests for information from the UK police, properly marked for example. 

This is only a quick read through, and, from us as a wholesale registrar, sorry for the long amount of points I note but having some of these answers for Tuesday or explanations will greatly help :) 

Before Tuesday Nick if I may ask, please confirm that the "Requested Information" part 1.4 will not be in breach of GDPR, as it is pertaining to personal information. Moreover, as a quick thought, information like Credit card details - simply wont be provided (as for wholesale registrars like myself, we wont have it). Also from a technical point, session duration is probably not logged by most registrars - the platform we use certainly doesn't. 

1.5 - I don't believe we have had priority levels before, but, this will no doubt piggy back on the RAA whereby its upto 24 hours. (similar your 3.2.1 section mentions this time-frame) 

In reading section 2; 

2.1.2 states authority of request, this needs clear allowable requesters', police authority would be another one to add for example 
2.1.4 See 1.5 above 
2.1.5 Unless similar to current requests it is stamped "restricted" then this should be instant notification to customer that their personal data (thinking GDPR here and common decency) has been requested. 

Section 4 : 

4.2.1 What secure mechanism ? 
4.2.2 GDPR ? 
4.2.3 So, 2.1.5 above, unless it is marked "restricted" we would have already told the customer that a request for information had been received. 
4.2.5 A "limit" must be placed on this, it cannot keep being returned to the provider by the requester knowing that the requester is wasting the time of the provider each and every time of request thereafter. Example - Say the requester never changes the request, if it did not stand up the first time, it wont the 2nd, 3rd, 4th and 10th time either. 
4.3.1 I would suggest this is unacceptable unless "restricted" marked. 
4.3.2 Er 90 days, I appreciate its an example, but, 1 day in my eyes is too long. 
4.3.3 Unless "restricted" customer is automatically notified on receipt of request (or within 24 hours), and the requester as notified by providers website must accept that. 

Section 6: 

6.1 So we have gone from LEA etc, now to "any" tom, dick or harry sending in a request ? 
6.2 GDPR 
6.3 again "restricted" 


This document seems slightly unfair to the consumer in that it is suggesting guilt before the fact, as it is trying to stop notification to the customer of receipt of the request and not giving the customer any way of defence.. 

Again, thanks for the document, Tuesday's call will be a very interesting call indeed :) Looking forward to it. 

Kind regards, 

Chris 


From: "Amy Bivins" <amy.bivins at icann.org> 
To: gdd-gnso-ppsai-impl at icann.org 
Sent: Sunday, 4 June, 2017 12:10:03 
Subject: [Gdd-gnso-ppsai-impl] Fwd: PSWG proposal 

Dear Colleagues, 

Please see the PSWG proposal attached, which Nick Shorey will present to the IRT on Tuesday. 

Best, 
Amy 

Sent from my iPhone 

Begin forwarded message: 




From: Nick Shorey < lists at nickshorey.com > 
Date: June 4, 2017 at 6:42:52 AM EDT 
To: Amy Bivins < amy.bivins at icann.org > 
Cc: Fabien Betremieux < fabien.betremieux at icann.org > 
Subject: [Ext] Re: Checking in on PSWG proposal 





BQ_BEGIN

Hi Amy, 

Please see attached the Disclosure Framework Principles document, which has now been approved by the GAC. 

Do send me the details for Tuesday's session, and I look forward to running the rest of the IRT through the document. 

FYI I did a Webinar for the GAC last week which took around 30 mins - though I anticipate there could be more questions from the IRT so it could run longer. 

Kind regards, 

Nick 

Nick Shorey 
Phone: +44 (0) 7552 455 988 
Email: lists at nickshorey.com 
Skype: nick.shorey 
Twitter: @nickshorey 
LinkedIn: www.linkedin.com/in/nicklinkedin[linkedin.com] 
Web: www.nickshorey.com[nickshorey.com] 

On Sat, Jun 3, 2017 at 4:12 PM, Amy Bivins < amy.bivins at icann.org > wrote: 

BQ_BEGIN
Hi Nick, 

Just checking in-how are things looking for the PSWG proposal for PP? 

Thanks and have a great weekend! 
Amy 

Sent from my iPhone 

BQ_END



BQ_END

BQ_BEGIN

BQ_END

_______________________________________________ 
Gdd-gnso-ppsai-impl mailing list 
Gdd-gnso-ppsai-impl at icann.org 
https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gdd-gnso-ppsai-impl/attachments/20170604/10f900a4/attachment.html>

More information about the Gdd-gnso-ppsai-impl mailing list