[Gnso-epdp-legal] EPDP - Additional Legal Issues (with attachment) [B&B-M.FID11020712]

Gabe Maldoff Gabe.Maldoff at twobirds.com
Fri Mar 1 19:05:27 UTC 2019 

Hi Kurt,

Just to follow up on this, we're aiming to have our note on question 2 for you by mid-next week. We'll let you know if we have any further questions, but at this stage we do not have any.

Best regards,
Gabe

From: Kurt Pritz [mailto:kurt at kjpritz.com]
Sent: 21 February 2019 16:21
To: Gabe Maldoff
Cc: gnso-epdp-legal at icann.org
Subject: Re: [Gnso-epdp-legal] EPDP - Additional Legal Issues (with attachment) [B&B-M.FID11020712]

Thanks Gabe. We will “huddle” on this and be back to you.

Best regards,

Kurt



On Feb 21, 2019, at 5:40 AM, Gabe Maldoff <Gabe.Maldoff at twobirds.com<mailto:Gabe.Maldoff at twobirds.com>> wrote:

Hi Kurt,

I hope you're well! We had a few follow-up points from your email below on which we'd be grateful for your assistance.

On question 1, our analysis will require some additional information:

a)    Benefits to rights holders of disclosing the city field. Are there any materials you could point us to that would further substantiate and help us quantify the benefit that rights holders receive by being able to more easily access the city field? Alternatively, if there isn't something written to point to, could we organise a call with the Intellectual Property constituency to discuss this with them?

b)    Potential impact for data subjects. Similarly, it would be helpful to understand what issues have arisen in the past – in terms of consequences for data subjects – as a result of the publication of Whois data. Are there materials that discuss this or could we set up a call (would it be with the Commercial Stakeholder group?)?

If it would be helpful, we could also speak with other domain name registration bodies (e.g. country-code top level domains) to understand the factors they considered in their analyses. Equally, ICANN may prefer that we not reach out to other bodies on this – please let us know either way.

On question 2, we have begun working through the materials you shared. If we have any questions as we go through them next week, we will be back in touch.

Many thanks,
Gabe


Gabe Maldoff

Associate
Attorney (New York)
Bird & Bird
gabe.maldoff at twobirds.com<mailto:gabe.maldoff at twobirds.com>

Direct   +44 (0)20 7982 6442
Tel       +44 (0)20 7415 6000
Fax      +44 (0)20 7415 6111

Bird & Bird LLP
12 New Fetter Lane
London EC4A 1JP
United Kingdom

twobirds.com<http://www.twobirds.com/>

[Bird & Bird Logo]



-----Original Message-----
From: Ruth Boardman
Sent: 18 February 2019 07:40
To: Kurt Pritz
Cc: Gabe Maldoff; gnso-epdp-legal at icann.org<mailto:gnso-epdp-legal at icann.org>
Subject: Re: EPDP - Additional Legal Issues (with attachment)

Hello Kurt,

Thank you for this.

This is just a line to acknowledge - the proper reply (with comments on timing and some questions/ suggestions) is to follow later this week.

Best,

Ruth

Sent from my iPad

> On 16 Feb 2019, at 22:56, Kurt Pritz <kurt at kjpritz.com<mailto:kurt at kjpritz.com>> wrote:
>
> Dear Ruth and Gabe:
>
> On behalf of the EPDP Legal Team, I hope this letter finds you both well. I am writing for two reasons.
>
> 1. City Name Memorandum.
>
> We found your memo (analysis and conclusions) to be clear. Please take this letter as authorization to continue the research and analysis as indicated in Sections 3.16-3.18 of your memorandum on this topic.
>
> Please let us know if you require an additional consultation before starting this effort.
>
> 2. Additional question: “Thick Whois"
>
> The question has to do with the current “Thick Whois” Policy.
>
> Assuming that:
>
>  *   ICANN adopts all of the “purposes" identified in the EPDP current draft version of Recommendation 1,  [see below for reference to those purposes for processing registration data], which addresses processing for the benefit of registries, registrars, ICANN, and third parties, as part of a future Consensus Policy that updates the WHOIS policy to address GDPR concerns
>  *   These purposes become incorporated into the relevant registrar and registry agreements with ICANN
>  *   There is a prior consensus policy calling for THICK WHOIS that was adopted by the ICANN Board following the Bylaws, that requires the transfer of the WHOIS contact data from the registrars to the registries for reasons that are identified in the Final Report, including ICANN mission related, “substantial benefits from mandating thick instead of thin Whois, including enhanced accessibility and enhanced stability."
>
> Question:  Is there a legal basis under GDPR for a Controller or Processor to justify a transfer of data  elements from registrars to registries to enable the processing called for in these purposes even though the processing  and transfer of data may be to enable processing for the benefit of 3rd parties? I.e., should the resulting policy from the EPDP would continue the requirement for Thick WHOIS?
>
> For supporting your work on this question, please take note of the  Thick Whois Final Report<https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf<https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf>> (https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf<https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf><https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf<https://gnso.icann.org/en/issues/whois/thick-final-21oct13-en.pdf>>) that describes the policy reasons for the recommendations. See also, https://www.icann.org/resources/pages/thick-whois-2016-06-27-en<https://www.icann.org/resources/pages/thick-whois-2016-06-27-en><https://www.icann.org/resources/pages/thick-whois-2016-06-27-en<https://www.icann.org/resources/pages/thick-whois-2016-06-27-en>>.
>
> If you believe that a portion of the meeting records might be helpful to understand the rationale behind the policy recommendations, ICANN will be able to help you with that research.
>
> The current version of the EPDP report is attached and lists the purposes for processing registration data: see page 5, Section 2.1, Recommendation 1.
>
> In discussion this issue among the Team we believe that, because of its complexity, there will be some iteration between the EPDP Legal Team and Bird and Bird before a final memo is delivered. Therefore, please feel free to contact us at any point during your research and analysis.
>
>
> Final note: Please take note that your input ion these issues will affect Phase 2 or implementation discussions and are not on the critical path for the Final Report on Phase 1 of the EPDP. So while timely input is requested, we are not working against a hard and immediate deadline.
>
> Please let us know if you have any questions.
>
> Best regards,
>
> Kurt
>
> <EPDP Team Draft Final Report - Clean - version 11 February 2019.pdf>
>


________________________________
BIRD & BIRD


For information on the international legal practice comprising Bird & Bird LLP and its affiliated and associated businesses (together "Bird & Bird"), our offices, our members and partners, regulatory information, complaints procedure and the use of e-mail see www.twobirds.com/LN<http://www.twobirds.com/LN>

For our privacy policy, including the types of personal information we collect, how we collect and process that information, who we may share it with in relation to the services we provide and certain rights and options that you have in this respect, see www.twobirds.com/LNPrivacy<http://www.twobirds.com/LNPrivacy>. Click here<https://sites-twobirds.vuture.net/5/52/landing-pages/unsubscribe-blank.asp> if you would like to opt-out of receiving marketing communications from Bird & Bird. Opting out of receiving marketing communications will not affect our continuing communications with you for the provision of our legal services.

Any e-mail sent from Bird & Bird may contain information which is confidential and/or privileged. Unless you are the intended recipient, you may not disclose, copy or use it; please notify the sender immediately and delete it and any copies from your systems. You should protect your system from viruses etc.; we accept no responsibility for damage that may be caused by them.

For the terms on which we receive from, hold for or make available to a client or third party client money see www.twobirds.com/CM<http://www.twobirds.com/CM>

Bird & Bird LLP, a limited liability partnership, registered in England and Wales with registered number OC340318, with its registered office and principal place of business at 12 New Fetter Lane, London EC4A 1JP, is authorised and regulated by the Solicitors Regulation Authority, whose professional rules and code may be found at www.sra.org.uk/handbook/<http://www.sra.org.uk/handbook/>

A list of members of Bird & Bird LLP and of any non-members who are designated as partners, being lawyers or other professionals with equivalent standing or qualifications, and of their respective professional qualifications, is open to inspection at its registered office.

_______________________________________________
Gnso-epdp-legal mailing list
Gnso-epdp-legal at icann.org<mailto:Gnso-epdp-legal at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-epdp-legal<https://mm.icann.org/mailman/listinfo/gnso-epdp-legal>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-legal/attachments/20190301/875eb750/attachment-0001.html>

More information about the Gnso-epdp-legal mailing list