[Gnso-epdp-team] Notes and action items from EPDP Team Phase 2 Meeting #11 - 1 August 2019 - ALAC Online buyers Use Case

[Volker Greimann]

Thanks Hadia, but everything that needed to be said with regard to this 
use case has been said already and instead of r-iterating every argument 
I merely point towards what has been discussed before. This use case is 
not fit for RDS access.

Best,

Volker


Am 26.08.2019 um 17:37 schrieb Hadia Abdelsalam Mokhtar EL miniawi:
>
> Hello All,
>
> The ALAC online buyers online case is a real life scenario for why 
> there needs to be a distinction between natural and legal persons. I 
> shall not get into this debate. However, I note that consumers 
> identity and even location is now available to buyers through many 
> online applications, GDPR protects personal information of natural 
> persons and not legal persons. It is only fair to Internet end users 
> to allow them to have the contact information of the online 
> businesses. This is particularly important in case Internet end users 
> are dealing with small businesses online. You can find online 
> businesses  contact details now through some existing applications. 
> What and who are we trying to protect by not allowing this use case. 
> Commercial websites should be encouraged to indicate who they are and 
> publish their information. The architecture of the web inherently does 
> not require real identity, but having a complete anonymous system is 
> always an invitation to problems, making people feel less accountable 
> and diminishing the trust in the network. A survey conducted by Bright 
> Local showed that 60%  of customers prefer to call small businesses on 
> the phone. The survey also showed that consumers now look beyond 
> websites, RDS is only one tool of many however, prohibiting it to 
> exist works against the norm. I also note that getting clarity in 
> relation to the contracted parties liability in this regard is very 
> important and if implemented information should only be provided if 
> the case is absolutely clear.
>
> I attach the updated user case, which is also available through the 
> google doc
>
> Best
>
> Hadia el-Miniawi
>
> *From:*Gnso-epdp-team [mailto:gnso-epdp-team-bounces at icann.org] *On 
> Behalf Of *Mueller, Milton L
> *Sent:* Monday, August 19, 2019 5:27 PM
> *To:* Tara Whalen; gnso-epdp-team at icann.org
> *Subject:* Re: [Gnso-epdp-team] Notes and action items from EPDP Team 
> Phase 2 Meeting #11 - 1 August 2019 - ALAC Online buyers Use Case
>
> Tara:
>
> Responses inline below:
>
>  1. The ICANN Board resolved in May to have the ePDP “determine and
>     resolve the Legal vs. Natural issue in Phase 2."
>     https://www.icann.org/resources/board-material/resolutions-2019-05-15-en#1.b
>     Because the issue is not decided.
>
> Not quite correct. The Board noted that EPDP’s own Recommendation said 
> that we would resolve the issue in Phase 2. The board did not tell us 
> to do so. The resolution also notes the “Potential liability of a 
> registered name holder's incorrect self-identification of a natural or 
> legal person, which ultimately results in public display of personal 
> data.” This concern was one of several that motivated our reluctance 
> to attempt differentiation.
>
>  2. The EWG recommended a differentiation solution -- that registrants
>     be required to identify as a Registrant Type, with Legal Person
>     and Natural Person among the options.  It also required that a
>     mandatory Business PBC be published for “Registrants that
>     self-identify as Legal Persons engaged in commercial activity"
>     (pages 42-44 of final report).
>
> This option _/was/_ discussed and discarded in Phase 1. It was noted 
> that to the vast majority of ordinary people the distinction between 
> legal and natural has no meaning, and that there would be liability 
> consequences if there were incorrect identification (see above). And 
> besides, the recommendation of the EWG was made prior to GDPR and has 
> no bearing on EPDP.
>
>  3. ICANN’s Procedure for Handling WHOIS Conflicts with Privacy Law
>     was reviewed by the GNSO and revised in mid-2017. A goal of the
>     Procedure was “to resolve the problem in a manner that preserves
>     the ability of the registrar/registry to comply with its [current]
>     contractual WHOIS obligations to the greatest extent possible”. 
>     So -- to publish as much data as possible as allowed by law.
>
> Now you are way off base. Contractual Whois obligations in 2017 were 
> not compliant with GDPR. The Conflicts with Privacy Law procedure is 
> completely irrelevant to our proceedings.
>
>  4. Under that Procedure, about the only precedent was the .TEL case,
>     which addressed concerns raised by UK privacy law. In that case,
>     the WHOIS service was made to differentiate between natural and
>     legal persons.  Some public WHOIS data was limited for natural
>     persons who had elected to withhold their personal information
>     from disclosure by the WHOIS service, records for Legal Persons
>     had to return full and complete WHOIS data (including applicable
>     personal data), and Legal Persons were not permitted to opt out of
>     disclosing such information. The GDPR is definitely a different
>     law and may yield a different policy.  But the .TEL case did show
>     that it’s possible to tell the difference between a natural
>     person’s data and a legal person’s data, and to control where that
>     data appears.
>
> Same comment as above.
>
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of 
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in 
England and Wales with company number 8576358.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190826/7ec5089f/attachment.html>