[Gnso-epdp-legal] Notes and action items - EPDP Phase 2 Legal Committee Meeting #3

Fri Aug 9 20:10:47 UTC 2019

Hi Tatiana –

The use case is meant to be illustrative, to facilitate Bird & Bird’s general understanding in order to provide its analysis.  As a result I don’t believe that the use case needs to be finalized before it is presented.

All the best,
Margie

From: Tatiana Tropina <tatiana.tropina at gmail.com>
Date: Friday, August 9, 2019 at 10:20 AM
To: Margie Milam <margiemilam at fb.com>
Cc: Caitlin Tubergen <caitlin.tubergen at icann.org>, "gnso-epdp-legal at icann.org" <gnso-epdp-legal at icann.org>
Subject: Re: [Gnso-epdp-legal] Notes and action items - EPDP Phase 2 Legal Committee Meeting #3

Hi Margie,
a question - is this the case we discussed on the call yesterday? I just wonder if there is a need to reach a general agreement within the bigger EPDP team on this use case before we forward the question to legal -- there were some questions about the use case yesterday and SSAC said they would reply. I think there is a need to wait until at least the issues with the case are resolved before sending the question to legal? - but would listen to what others say.
But as we have 1,5 weeks before the next meeting, maybe this could be sorted.
Wish you and all others a great weekend,
Cheers,
Tanya

On Fri, 9 Aug 2019 at 18:55, Margie Milam <margiemilam at fb.com<mailto:margiemilam at fb.com>> wrote:
Hi-
Following up on the action items from Tuesday’s call -  I added the use case we discussed on yesterday’s call to Question 11.

Updated Question 11: Can legal counsel be consulted to determine whether GDPR prevents fast automated, and non-rate limited responses (as described in SSAC 101) to nonpublic WHOIS data with regards to the SSAC use case (Overarching Purpose: Crime and abuse investigation by non-law enforcement parties) for properly credentialed security practitioners (as defined in SSAC 101), who have agreed on appropriate safeguards?  If such access is not prohibited, can counsel provide examples of safeguards (such as pseudonymization) that should be considered? (BC)

All the best,

Margie

From: Gnso-epdp-legal <gnso-epdp-legal-bounces at icann.org<mailto:gnso-epdp-legal-bounces at icann.org>> on behalf of Caitlin Tubergen <caitlin.tubergen at icann.org<mailto:caitlin.tubergen at icann.org>>
Date: Tuesday, August 6, 2019 at 11:07 AM
To: "gnso-epdp-legal at icann.org<mailto:gnso-epdp-legal at icann.org>" <gnso-epdp-legal at icann.org<mailto:gnso-epdp-legal at icann.org>>
Subject: [Gnso-epdp-legal] Notes and action items - EPDP Phase 2 Legal Committee Meeting #3

Updated Question 11: Can legal counsel be consulted to determine whether GDPR prevents fast automated, and non-rate limited responses (as described in SSAC 101) to nonpublic WHOIS data for properly credentialed security practitioners (as defined in SSAC 101), who have agreed on appropriate safeguards?  If such access is not prohibited, can counsel provide examples of safeguards (such as pseudonymization) that should be considered? (BC)

_______________________________________________
Gnso-epdp-legal mailing list
Gnso-epdp-legal at icann.org<mailto:Gnso-epdp-legal at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-epdp-legal<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_mailman_listinfo_gnso-2Depdp-2Dlegal&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=4Ct67L7B_OjiOzhFeRkGiZRNhJIU_MbBQeGI63cNa5I&s=euxVLQNefiEYd-TqfcuyjR1kybnG8vqVeVwoDX9xeRo&e=>
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=4Ct67L7B_OjiOzhFeRkGiZRNhJIU_MbBQeGI63cNa5I&s=R9nOdr9ruR6dzN9mAoEy3HqOqKeXAxluNM0CPWYOHQc&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=4Ct67L7B_OjiOzhFeRkGiZRNhJIU_MbBQeGI63cNa5I&s=FQVQkCt49mSrAD_a0inmlfD8HcQRjSFCSfnphDTMIy0&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-legal/attachments/20190809/9a6f9128/attachment.html>