[Gnso-epdp-team] FW: [Ext] Re: [GNSO-EPDP-Lead] Purpose B Small Team

Thomas Rickert epdp at gdpr.ninja
Wed Oct 17 15:11:58 UTC 2018 

Hi Benedict, Volker and all,
Thanks for the suggested language, Benedict. 

I think this really needs to be discussed with the entire team. 

Given ICANN’s limited mandate, the purpose needs to be tied to the scope of the bylaws. 

Notwithstanding that, contracted parties could claim to pursue such purpose and base their own processing on that, so I think we need to discuss this and have a clear demarcation between what ICANN’s role is and what interests the contracted parties might pursue.

Best
Thomas

> Am 17.10.2018 um 10:29 schrieb Volker Greimann <vgreimann at key-systems.net>:
> 
> This purpose description seems to be a significant case of mission creep by including non-technical uses under the commitment  of section 1.2(a)(i), which should remain focussed on the technical role of ICANN of maintaining a secure, stable and resiliant DNS. 
> 
> Adding in fraud or crime prevention expends the scope beyond that contemplated in the bylaws and should be rejected.
> 
> The best definition of this purpose is included in the bylaws under the scope of the Security, Stability, and Resiliency Review as well as the Annexes G1 and G2, none of which provide for such a broad interpretation of this purpose.
> 
> This purpose is a technical function with some elements regulating the behaviour of those parties that a delegated elements of this technical functions, e.g. the contracted parties, with regard to this technical function.
> 
> Best,
> 
> Volker
> 
> 
> Am 16.10.2018 um 23:28 schrieb Caitlin Tubergen:
>> Thanks, Benedict.
>>  
>> Given the proximity to ICANN63, we took the liberty of sending this language to the full team so that we can discuss in Barcelona.
>> 
>> Thanks again for taking the lead on this!
>>  
>> Best regards,
>>  
>> Marika, Berry and Caitlin
>>  
>> From: Benedict Addis <bee at theale.co.uk> <mailto:bee at theale.co.uk>
>> Date: Tuesday, October 16, 2018 at 6:21 AM
>> To: Kurt Pritz <kurt at kjpritz.com> <mailto:kurt at kjpritz.com>
>> Cc: Stephanie Perrin <stephanie.perrin at mail.utoronto.ca> <mailto:stephanie.perrin at mail.utoronto.ca>, Thomas Rickert <epdp at gdpr.ninja> <mailto:epdp at gdpr.ninja>, Lindsay Hamilton-Reid <lindsay.hamilton-reid at fasthosts.com> <mailto:lindsay.hamilton-reid at fasthosts.com>, Caitlin Tubergen <caitlin.tubergen at icann.org> <mailto:caitlin.tubergen at icann.org>, "gnso-epdp-lead at icann.org" <mailto:gnso-epdp-lead at icann.org> <gnso-epdp-lead at icann.org> <mailto:gnso-epdp-lead at icann.org>
>> Subject: [Ext] Re: [GNSO-EPDP-Lead] Purpose B Small Team
>>  
>> Dear all, 
>>  
>> On Kurt’s suggestion, I propose the following Purpose B that relies directly on the language in Recitals 47, 49 and 50.
>>  
>> [ICANN requires that registration data is processed for the purpose of...]
>>  
>> maintaining the security, stability and resiliency of the Domain Name System. This will involve the disclosure of existing registration data to legitimate third parties, for the following reasons only: 1) fraud prevention; 2) network and information security; and 3) indicating possible criminal acts, or threats to public security.
>>  
>> I think that for ICANN, disclosure will happen under 6(1)f. Third parties will require a lawful basis of their own for their processing, governed by a common set of standards that we’ll discuss when we come to the access discussion.
>>  
>> Thoughts?
>> B
>> 
>> 
>> 
>>  
>> 
>> 
>> _______________________________________________
>> Gnso-epdp-team mailing list
>> Gnso-epdp-team at icann.org <mailto:Gnso-epdp-team at icann.org>
>> https://mm.icann.org/mailman/listinfo/gnso-epdp-team <https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> -- 
> Volker A. Greimann
> General Counsel and Policy Manager
> KEY-SYSTEMS GMBH
> 
> T: +49 6894 9396901
> F: +49 6894 9396851
> W: www.key-systems.net <http://www.key-systems.net/>
> 
> Key-systems is a company registered in Germany with Registration No.: HR B 18835 - Saarbruecken: CEO: Alexander Siffrin
> Registered Offices: Im Oberen Werk 1, DE-66386 St. Ingbert, Germany
> 
> Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
> Registered Offices: 35-39 Moorgate, London, EC2R 6AR. 
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org <mailto:Gnso-epdp-team at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team <https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20181017/b74b491f/attachment.html>

More information about the Gnso-epdp-team mailing list