[Gnso-epdp-legal] Proposed Agenda - EPDP Legal Team, Meeting #2 - 2 Jan 2019

Margie Milam margiemilam at fb.com
Wed Jan 2 19:48:20 UTC 2019 

Hi & Happy New Year:

Here is a first stab at the language related to conflicts:

In selecting the law firm,  ICANN will consider whether the law firm has any actual or positional conflicts of interest with respect to the application of GDPR to WHOIS.  In responding to the RFP, interested law firms should note whether they have previously provided advice to ICANN, Contracted Parties, or interested third parties (such as those seeking access to WHOIS), regarding the application of GDPR to WHOIS, that may prevent them from providing advice that may be inconsistent or contrary to prior advice provided on this issue.

All the best,

Margie




From: Gnso-epdp-legal <gnso-epdp-legal-bounces at icann.org> on behalf of "mail at berrycobb.com" <mail at berrycobb.com>
Date: Tuesday, January 1, 2019 at 2:15 PM
To: "gnso-epdp-legal at icann.org" <gnso-epdp-legal at icann.org>
Subject: [Gnso-epdp-legal] Proposed Agenda - EPDP Legal Team, Meeting #2 - 2 Jan 2019

Hi All,

Welcome to 2019.
Please find attached the proposed agenda for the next EPDP Legal Team meeting.

Wednesday, 2 January 2019 – 14:00 UTC

  1.  Roll Call & SOI Updates (5 minutes)
  2.  Review / Present on open action items (20 minutes)
     *   Open actions list:
        *   Margie to draft conflict of interest language for this team to review by the end of the week. (open)
        *   Thomas to draft CCWG lessons learned, e.g., one law firm preferred, early intervention from Board liaisons preferred, for this team to review by the end of the week. (open)
        *   Berry to provide written update on the procurement process. (will present at call)
        *   Caitlin to send initial question assignments to team members. (see below), https://mm.icann.org/pipermail/gnso-epdp-legal/2018-December/000004.html<https://urldefense.proofpoint.com/v2/url?u=https-3A__mm.icann.org_pipermail_gnso-2Depdp-2Dlegal_2018-2DDecember_000004.html&d=DwMFAg&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=D_C3sk2OFP5AYcn3N0Ma5QyeTv3Lc-oGpM8nDyblr0w&s=oUQ7hIp9023J-Qk5OXGnJ3ym1Cq97zNglxiUHyYo0Fs&e=>
  3.  Continue developing EPDP Questions requiring legal advice (30 minutes)
  4.  Wrap and confirm next meeting to be scheduled for Wednesday 9 January 2019 at 14.00 UTC
     *   Confirm action items


Question 1: Hadia, Emily, Leon
The EPDP Team also took note of a related footnote which states, “[if contact details for persons other than the RNH are provided] it should be ensured that the individual concerned is informed”. The EPDP Team discussed whether this note implies that it is sufficient for the Registered Name Holder (RNH) to inform the individual it has designated as the technical contact, or whether the registrar may have the additional legal obligations to obtain consent. The EPDP Team agreed to request further clarification from the EDPB on this point. (p. 33 of Initial Report)

Question 2: Laureen, Kristina, Margie
(For the EDPB) If registrars allow registrants to self-identify at the time as a natural or legal person, who will be held liable if the registrant incorrectly self-identifies and personal information is publicly displayed? Apart from self-identification, and educational materials to inform the registrant, are there any other ways in which risk of liability could be mitigated by registrars? (p. 53 of Initial Report)

Question 3: Thomas, Diane, Tatiana
As noted below, the EPDP Team disagreed about the application of Art. 6(1)b, namely, does the reference ‘to which the data subject is party’ limit the use of this lawful basis to only those entities that have a direct contractual relationship with the Registered Name Holder? Similarly, in relation to Art. 6(1)(b), questions arose regarding how to apply “necessary for the performance of a contract”; specifically, does this clause solely relate to the registration and activation of a domain, or, alternatively, could related activities such as fighting DNS abuse also be considered necessary for the performance of a contract? The EPDP Team plans to put these questions forward to the European Data Protection Board (EDPB) to obtain further clarity in order to help inform its deliberations. (p. 57 of the Initial Report)



Thank you.

B

Berry Cobb
GNSO Policy Consultant
@berrycobb

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-legal/attachments/20190102/88a19297/attachment.html>

More information about the Gnso-epdp-legal mailing list