[Gdd-gnso-ppsai-impl] Materials, action items from 17 Oct Privacy/Proxy IRT call
Darcy Southwell
darcy.southwell at endurance.com
Mon Oct 30 08:52:20 UTC 2017
Sara, thank you so much for putting together such detailed revisions/comments on these pieces. I totally support the requested revisions. Like all aspects of this (and any) IRT’s work, we need to be mindful that we are not deviating from the policy represented in the Final Report. I think that’s exactly what’s happened here with the language of PPAA 3.14. The Final Report does not provide the absolute prohibition that is represented in the PPAA. With the prohibition not included in the Final Report, I’m not sure why staff added this language.
Regarding universally changing “Registered Name Holder” with “Customer,” we should consider each change very carefully to avoid operational issues or failures.
And then there’s GDPR … this is the wild animal that is running rampant everywhere within the ICANN community. We cannot allow this IRT to put forth what a brand new contracted party that has an accreditation agreement in violation of the GDPR (not to mention the very similar privacy laws of many other countries).
Thanks,
Darcy
----------------
Darcy Southwell | Compliance Officer
M: +1 503-453-7305 │ Skype: darcy.enyeart
From: <gdd-gnso-ppsai-impl-bounces at icann.org> on behalf of Theo Geurts <gtheo at xs4all.nl>
Reply-To: <gdd-gnso-ppsai-impl at icann.org>
Date: Monday, October 30, 2017 at 11:45 AM
To: <gdd-gnso-ppsai-impl at icann.org>, Sara Bockey <sbockey at godaddy.com>
Subject: Re: [Gdd-gnso-ppsai-impl] Materials, action items from 17 Oct Privacy/Proxy IRT call
Agreed Sara and thanks,
And again, given what is going on, we need to make sure this thing is data protection proof. And yes that is out of scope as an IRT but I feel if we do not do this we will get shot down during the comment period. But I am repeating myself here.
Theo
On 30-10-2017 11:32, Sara Bockey wrote:
Caitlin,
Thanks for the revised docs. A few items at first glance that need to be revised, as I believe they have been discussion/raised before. I will take a closer look and follow up with additional edits, but in the meantime…
Edit the definitions of Proxy Service and Privacy Service to match the definitions provided in the Final Report/2013 RAA
The definitions of Privacy Service and Proxy Service reflect those in the 2013 RAA.
In this context, the 2013 RAA also defines “Registered Name” as a domain name within the domain of a gTLD, about which a gTLD Registry Operator (or an Affiliate or subcontractor thereof engaged in providing Registry Services) maintains data in a Registry Database, arranges for such maintenance, or derives revenue from such maintenance, and “Registered Name Holder” is defined as the holder of a Registered Name.
It’s noted that ICANN staff has replace “Registered Name Holder” with “Customer” in many instances, but I question the logic in that since it is inconsistent with the RAA.
Edit Sections 3.5.3.3. thru 3.5.3.6 to take into consideration GDPR requirements regarding consent.
Consent must be explicitly given for each purpose and can be withdrawn at any time and not a requirement for registration or use of the service. Therefore, 3.5.3.3. – 3.5.3.6 (at a minimum) are not compatible and must be revise.
Edit section 3.12.2, as it still contains new language that has been added since the IRT agreement on language in August. The first sentence in its entirety should be removed.
The section should start with “Well founded…”
Additionally, the following sections need revision or at a minimum further discuss by the IRT
Edit Section 3.14 to remove the language re no automation. This is not feasible. This language must be removed:
Provider shall not use high-volume, automated electronic processes (for example, processes that do not utilize human review) for sending Requests or responses to Requests to Requesters or Customers in performing any of the steps in the processes outlined in the Intellectual Property Disclosure Framework Specification.
Edit Section 3.15 – Labeling – to remove excessive language.
Provider shall ensure that each Registered Name for which Provider is providing the Services is clearly labeled as such in the Registration Data Directory Service, as specified in the Labeling Specification attached hereto, and shall otherwise comply with the requirements of the Labeling Specification attached hereto. This language is duplicative and not necessary. Let’s not add unnecessary words to this already long document. If there are doing to be extra works, perhaps mention complying with applicable local laws in light of GDPR.
sara bockey
sr. policy manager | GoDaddy™
sbockey at godaddy.com 480-366-3616
skype: sbockey
This email message and any attachments hereto is intended for use only by the addressee(s) named herein and may contain confidential information. If you have received this email in error, please immediately notify the sender and permanently delete the original and any copy of this message and its attachments.
From: <gdd-gnso-ppsai-impl-bounces at icann.org> on behalf of Caitlin Tubergen <caitlin.tubergen at icann.org>
Reply-To: "gdd-gnso-ppsai-impl at icann.org" <gdd-gnso-ppsai-impl at icann.org>
Date: Wednesday, October 25, 2017 at 4:44 AM
To: "gdd-gnso-ppsai-impl at icann.org" <gdd-gnso-ppsai-impl at icann.org>
Subject: [Gdd-gnso-ppsai-impl] Materials, action items from 17 Oct Privacy/Proxy IRT call
Dear Colleagues,
Thanks so much for your participation on today’s Privacy/Proxy IRT call. For those who could not attend, I encourage you to review the recording and materials on the wiki, https://community.icann.org/display/IRT/24+October+2017.
During the call, we discussed an overview of the changes to the draft PPAA.
Please note that ICANN proposed a deadline of Tuesday, 14 November for all comments, concerns, and edits to the draft PPAA. The changes from the last iteration, provided to the IRT in July, have been highlighted in the attached issues list. Please respond to the list if you would like to request a longer review period.
During ICANN60, we will be presenting an overview of the P/P program’s status to the community. Attached, please find the slide deck for the presentation.
To highlight a few notes from the IRT’s discussion this morning, we received feedback to:
(a) Edit the definition of Working Group in Section 1.43, to specify that the Provider Stakeholder Group, if formed, shall only appoint the provider representatives of the Working Group, and the GNSO may appoint other members of the community.
(b) Add back in the previously-deleted Code of Conduct language in Section 3.5.1.
(c) Add back in the previously-deleted review provision in Section 7 of the Customer Data Accuracy Program Specification.
If you believe the above items do not reflect the intent of the Working Group’s recommendations, please reply to the list by 14 November 2017.
Thank you, and safe travels to those of you attending ICANN 60!
Kind regards,
Caitlin Tubergen
Registrar Services and Engagement Senior Manager
ICANN
12025 Waterfront Drive, Suite 300
Los Angeles, CA 90094
Office: +1 310 578 8666
Mobile: +1 310 699 5326
Email: caitlin.tubergen at icann.org
_______________________________________________
Gdd-gnso-ppsai-impl mailing list
Gdd-gnso-ppsai-impl at icann.org
https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl
_______________________________________________ Gdd-gnso-ppsai-impl mailing list Gdd-gnso-ppsai-impl at icann.org https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gdd-gnso-ppsai-impl/attachments/20171030/0228f7eb/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 10180 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/gdd-gnso-ppsai-impl/attachments/20171030/0228f7eb/image001-0001.png>
More information about the Gdd-gnso-ppsai-impl
mailing list