Mueller, Milton L
milton at gatech.edu
Mon Aug 27 17:37:03 UTC 2018
> -----Original Message-----
> My understanding is EPDP was tasked to find a way
> to gain access to WHOIS data without running foul of GDPR and nothing
> else..compliance with other laws was not part of the EPDP mandate.
That is a pretty fundamental misunderstanding of the ePDP's charter. The basic task of ePDP is to ratify or modify the temp spec. Here is the relevant statement from the charter.
" This EPDP Team is being chartered to determine if the Temporary Specification for gTLD Registration Data should become an ICANN Consensus Policy, as is or with modifications, while complying with the GDPR and other relevant privacy and data protection law."
Regarding access, the charter says, "Work on this topic shall begin once the gating questions above have been answered and finalized in
preparation for the Temporary Specification initial report"
1) temp spec first;
2) "other relevant privacy and data protection law" is applicable, not just GDPR;
3) we deal with access to redacted Whois data after we have resolved the status of the temp spec.
Here's a link to the charter:
More information about the Gnso-epdp-team