[Gnso-epdp-team] FW: [Ext] Question for ICANN org re DPIA
marika.konings at icann.org
Fri Sep 28 00:01:23 UTC 2018
FYI (note that Collin sent this email originally before her status on the mailing list was changed back to alternate but it then did not go through)
From: Collin Kurre <collin at article19.org>
Date: Thursday, September 27, 2018 at 5:42 PM
To: "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Cc: Marika Konings <marika.konings at icann.org>, Caitlin Tubergen <caitlin.tubergen at icann.org>
Subject: [Ext] Question for ICANN org re DPIA
Stemming from conversations this week, would anyone be opposed to posing the following question to ICANN org from the EPDP group?
“Why hasn’t a Data Protection Impact Assessment been carried out to clarify data flows and ICANN’s relationship with the data subject in light of its acknowledged role as a joint controller and Article 35 of the GDPR?”
GDPR Section 3 Article 35.1, for reference:
Where a type of processing in particular using new technologies, and taking into account the nature, scope, context and purposes of the processing, is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall, prior to the processing, carry out an assessment of the impact of the envisaged processing operations on the protection of personal data. A single assessment may address a set of similar processing operations that present similar high risks.
Nice seeing everyone in person!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnso-epdp-team