[Gnso-epdp-team] Draft Initial Report

Hadia Abdelsalam Mokhtar EL miniawi Hadia at tra.gov.eg
Wed Dec 4 11:32:27 UTC 2019


Hi James,

The two primary interests that you mentioned below are among the main purposes of the document sent to the EDPB. What is yet not understood, Milton's argument that regardless of the reply he opposes the idea of an entirely centralized request and disclosure system with a distributed registration data system. Depending on the answers we receive we should start factoring all elements in and thus deciding on the best possible system, refusing the entire idea just from the start does not seem to have any benefit to  the work of our team.

Best
Hadia Elminiawi
ALAC representative

From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces at icann.org] On Behalf Of James M. Bladel
Sent: Wednesday, December 04, 2019 3:15 AM
To: Jennifer Gore; 'Mueller, Milton L'; King, Brian; gnso-epdp-team at icann.org
Subject: Re: [Gnso-epdp-team] Draft Initial Report

I’m not sure I understand the “conflict of interest” cited by Jennifer, below.  Are you proposing that Registrars will refuse to disclose data solely on the basis of having a service agreement with the data subject?  And how does disclosure terminate the customer relationship…I don’t recall our discussing this.

While I can’t speak for the Registrars that Jennifer has worked with or for, I don’t believe most Registrars would suspend or terminate service based on a disclosure request.  And while we seek to protect and secure our Registrant customers’ data, no Registrar I know would harbor an abusive or criminal actor for the sake of a $20 domain name.

The primary interests in play are (1) the Registrar’s interests in avoiding fines by complying with data protection law, and (2) the Registrar’s interest in avoiding legal action by their Registrant customers (individually or as a class) for improper disclosure of their private data.

J.


-------------
James Bladel
GoDaddy


From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> on behalf of Jennifer Gore <Jennifer at winterfeldt.law>
Date: Tuesday, December 3, 2019 at 15:57
To: "'Mueller, Milton L'" <milton at gatech.edu>, "King, Brian" <Brian.King at markmonitor.com>, "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] Draft Initial Report

Notice: This email is from an external sender.


Hello All,

In my opinion, the Registrar is the worst party to be the decision maker of the data subject due to the blatant conflict of interest. The registrant will have already entered into a legal relationship with the registrar under the registrant (end user) agreement along with it being in the best interests of the registrar to not terminate the relationship with the registrant.  Therefore, I hope Milton is not saying that he will hold up consensus even if the DPAs do support the isolation of centralized decision making within ICANN Org.

Best regards,
Jennifer


________________________________
[cid:image003.png at 01D5AAA6.F6C16460]<https://www.winterfeldt.law/>

Jennifer Gore
Internet Governance
Winterfeldt IP Group
1200 17<x-apple-data-detectors://12/1>th<x-apple-data-detectors://12/1> St NW<x-apple-data-detectors://12/1>, Ste 501<x-apple-data-detectors://12/1>
Washington, DC  20036<x-apple-data-detectors://12/1>
jennifer at winterfeldt.law<mailto:jennifer at winterfeldt.law>
+1 202 340 9631


From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces at icann.org] On Behalf Of Mueller, Milton L
Sent: Tuesday, December 3, 2019 1:29 PM
To: King, Brian <Brian.King at markmonitor.com>; gnso-epdp-team at icann.org
Subject: Re: [Gnso-epdp-team] Draft Initial Report

From: King, Brian <Brian.King at markmonitor.com<mailto:Brian.King at markmonitor.com>>
>Are you saying that even if the DPB writes to the Strawberries and says
>“yes, it’s possible to isolate liability for decision-making centrally with
>ICANN Org”, it would still be impossible for us to come to consensus on
>the centralized decision-making model? (ignoring how (un)likely we think
>that response is)

Yes, indeed. That is what I am saying. This is one reason we are not so pleased with all this kerfuffle about the EDPB. You’re putting the cart before the horse.

What matters is not whether it is legally _possible_ for ICANN to magically absorb the legal responsibility of the registrars for releasing the data of their customers; what matters is whether that is _desirable_ from a policy standpoint. Legal advice or “guidance” from the EDPB has no bearing on what is the right policy, it only clarifies whether one of the policy options is feasible.

We want the disclosure decision to be made as close as possible to the party who is directly accountable to the registrant, the data subject, and that’s the registrar. We believe that the legitimate interests of data requestors are served by standardizing the process, and centralizing and facilitating requests, but centralizing disclosure is going to make it into an automated rubber stamp, as I suspect you have already figured out.

Dr. Milton L Mueller
School of Public Policy
Georgia Institute of Technology
[IGP_logo_gold block_email sig]



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20191204/7b92b552/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 5911 bytes
Desc: image003.png
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20191204/7b92b552/image003-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 2989 bytes
Desc: image004.jpg
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20191204/7b92b552/image004-0001.jpg>


More information about the Gnso-epdp-team mailing list