[Gnso-epdp-team] For your review - revised language re. Geographic application

James M. Bladel jbladel at godaddy.com
Fri Nov 9 22:25:36 UTC 2018

Diane and team –

I’m much more comfortable with the term “over-application” versus “over-compliance.”  The former has some basis in aligning the policy to the law.  The latter speaks to the risk tolerance of any given Contracted Party.



James Bladel

From: "Plaut, Diane" <Diane.Plaut at corsearch.com>
Date: Friday, November 9, 2018 at 16:05
To: Thomas Rickert <epdp at gdpr.ninja>, "James M. Bladel" <jbladel at godaddy.com>, Alex Deacon <alex at colevalleyconsulting.com>, "Mark Svancarek (CELA)" <marksv at microsoft.com>, Margie Milam <margiemilam at fb.com>, Steve DelBianco <sdelbianco at netchoice.org>, "King, Brian" <brian.king at markmonitor.com>
Cc: "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - revised language re. Geographic application

Dear Ayden and James,

We have read your input and respect it but applying privacy and data protection laws involves balance.  As the GDPR states, "the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights."  Those other fundamental rights include the rights to personal security, rights to protect one's creations, rights to be free from sexual exploitation and a host of other rights and interests, as you certainly appreciate.  For example, we heard in Barcelona from a Swedish law enforcement official that redaction of WHOIS data is impeding his unit's investigations into child sexual exploitation.  It seems to us, your approach is not adequately taking into account the fundamental balance of competing rights that need to be weighed in striking an appropriate application of privacy law.  We all value privacy rights but other rights must also be considered in balance, and although we may have different views from yours on the issue at hand, we feel just as strongly about ethical standards and ensuring those standards are met. We agree with James' statement that there is no such concept as "over-compliance" within privacy law--the accurate language, as written in our text is "over-application" rather than "over-compliance." Moreover, we point out that policy recommendations do not warrant the use of legal terms but descriptive language. There is legal and general definitional meaning of “over-application, ” but for full clarity purposes, we will amend our comments to: “misapplication of the GDPR specifically, and relevant data protection laws.”  Lastly, we point out, as Milton stated at the end of our last team call, we should not be editing other group’s comments. Therefore, while we will edit the above-noted language to take into account your sentiments, the intent and meaning of our comments should not be changed.



Diane Plaut
General Counsel and Privacy Officer
[cid:image001.png at 01D3CA70.18FC1D40]
Direct +1 646-899-2806 
diane.plaut at corsearch.com<mailto:diane.plaut at corsearch.com>

220 West 42nd Street, 11th Floor, New York, NY 10036, United States
Join Corsearch on   Twitter<https://twitter.com/corsearch>  Linkedin<https://www.linkedin.com/company/2593860/>  Trademarks + Brands<http://trademarksandbrands.corsearch.com/>
Customer Service/Platform Support: 1 800 SEARCH1™ (1 800 732 7241)
Corsearch.USCustomerService at corsearch.com<mailto:Corsearch.USCustomerService at corsearch.com>

Confidentiality Notice: This email and its attachments (if any) contain confidential information of the sender. The information is intended only for the use by the direct addressees of the original sender of this email. If you are not an intended recipient of the original sender (or responsible for delivering the message to such person), you are hereby notified that any review, disclosure, copying, distribution or the taking of any action in reliance of the contents of and attachments to this email is strictly prohibited. If you have received this email in error, please immediately notify the sender at the address shown herein and permanently delete any copies of this email (digital or paper) in your possession.

From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> on behalf of Thomas Rickert <epdp at gdpr.ninja>
Date: Friday, November 9, 2018 at 12:29 PM
To: "James M. Bladel" <jbladel at godaddy.com>
Cc: "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] For your review - revised language re. Geographic application

I agree with Ayden and James.

As the term „over-application“ is not a legal term, there is the risk that it is understood as conveying a (negative) value judgement. In our report, we should rather present diverging views in an unbiased fashion.

Kind regards,

Am 09.11.2018 um 17:11 schrieb James M. Bladel <jbladel at godaddy.com<mailto:jbladel at godaddy.com>>:

Agree with Ayden, there is no such concept as “over-compliance” with the law.  And I recommend replacing the specific (GDPR) with the generic (Data Protection law/requirements) wherever possible.


James Bladel

From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> on behalf of Ayden Férdeline <icann at ferdeline.com<mailto:icann at ferdeline.com>>
Reply-To: Ayden Férdeline <icann at ferdeline.com<mailto:icann at ferdeline.com>>
Date: Friday, November 9, 2018 at 10:09
To: Marika Konings <marika.konings at icann.org<mailto:marika.konings at icann.org>>
Cc: "gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>" <gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>>
Subject: Re: [Gnso-epdp-team] For your review - revised language re. Geographic application

I take objection to the first bullet point that says the "GDPR should not be over-applied."  While the law may set forward minimum standards of behaviour, ethical duties and obligations do not always neatly correspond, and I believe it is our responsibility to make decisions that are ethical, and not only strictly legal. I appreciate Alan Greenberg wrote on our list several days ago to say we may have differing opinions on what is ethical and what is not, and I do not dispute that. Of course there is a degree of subjectivity here, though I would also say it isn't actually all that fuzzy. We should not need laws and regulations to guide our actions, but a moral compass that tells us we should not violate the rights of others just because we can get away with it. All domain name registrants should be entitled to privacy protections, not just those in jurisdictions with data protection regulations backed by fines.

Best wishes,
Ayden Férdeline

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Friday, 9 November 2018 16:34, Marika Konings <marika.konings at icann.org<mailto:marika.konings at icann.org>> wrote:

Dear All,

Please find attached for your review the proposed language in relation to geographic application for inclusion in the Initial Report, based on the input that has been received to date. Staff accepted the redlines of the previous version so the redlines on page 1-2 are the edits that have been made based on the discussions to date as well as edits suggested (in the subsequent pages you can find the original draft as well as input received). Please share any further comments you made have with the mailing list by Monday 12 November at the latest.

Best regards,

Caitlin, Berry and Marika

Marika Konings
Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN)
Email: marika.konings at icann.org<mailto:marika.konings at icann.org>

Follow the GNSO via Twitter @ICANN_GNSO
Find out more about the GNSO by taking our interactive courses<https://urldefense.proofpoint.com/v2/url?u=http-3A__learn.icann.org_courses_gnso&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=Cg5uQf0yAfw-qlFZ0WNBfsLmmtBNUiH0SuI6Vg-gXBQ&e=> and visiting the GNSO Newcomer pages<https://urldefense.proofpoint.com/v2/url?u=http-3A__gnso.icann.org_sites_gnso.icann.org_files_gnso_presentations_policy-2Defforts.htm-23newcomers&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=tT-E2RoAucUb3pfL9zmlbRdq1sytaEf765KOEkBVCjk&e=>.

Gnso-epdp-team mailing list
Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20181109/e5916110/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 5571 bytes
Desc: image001.png
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20181109/e5916110/image001-0001.png>

More information about the Gnso-epdp-team mailing list