[Gnso-epdp-team] Comments on Final Report & Additional Topics- Part 1

Margie Milam margiemilam at fb.com
Tue Feb 5 02:02:35 UTC 2019

Per Marika’s request, here are some language clarifications for your consideration, as well as additional topic submitted on behalf of the BC,  and developed in collaboration with the IPC.  New Text is in yellow highlight.

Rec 1
Purpose 1(b):   Subject to the Registry and Registry Terms Conditions and Policies, and ICANN Consensus Policies – please ADD: { and relevant registry agreements and registrar accreditation agreements]

Purpose 2:  Footnote 6 needs to be moved to be linked to Purpose 2, not Rec 2.

Research purpose:  The EPDP Team commits to  considering in Phase 2 of its work whether additional purposes should be considered to facilitate research ADD: [ and threat response] carried out by ICANN’s Office of the Chief Technology Officer (OCTO). This consideration should be informed by legal guidance on if/how provisions in the GDPR concerning research apply to ICANN Org and the expression 426for the need of such data by  ICANN

Footnote 7/8  should not be a footnote but moved up to the body of the report.  These footnotes are substantive recommendations and commitments that should not be buried in a footnote.

Rec 7:   Replace “ICANN Compliance”with ”ICANN Organization” to be consistent with other recommendations.
Delete  the quote in  Footnote 12 on page 24, since this is inconsistent with Purpose 5.

Additional Topics:

Page 16- where there is the quote from the EDPB:
 It should therefore be made clear, as part of the registration process, that the registrant is free to (1) designate the same person as the registrant (or its representative) as the administrative or technical contact; or (2) provide contact information which does not directly identify the administrative or technical contact person concerned (e.g. admin at company.com<mailto:admin at company.com>). For the avoidance of doubt, the EDPB recommends explicitly clarifying this within future updates of the Temporary Specification”.

We believe it is important to follow the EDPB’s advice and propose including a recommendation regarding informed consent, in light of the legal advice received, as follows:

The EPDP recommends that as part of the registration process, the Registrar shall offer the registered name holder the option to (1) designate the same person as the registrant or its representative as the technical contact; or (2) provide contact information which does not directly identify the technical contact person, but instead uses a generic or role-based email  (e.g.admin at company.com<mailto:admin at company.com>).

OPTIONAL TECH CONTACT DISCUSSION:  We do not support making the Tech Contact optional  at the registrar level or registry level and believe that more discussion is needed.  For example, we have not discussed what happens to existing Tech contacts in the legacy registrations.  Shouldn’t there be a similar transitional process to what has been developed for the ORGANIZATION field?   In any event, this obligation must be requieeed for the registries since they should receive the tech contact data for those registrants who have provided consent.

RECOMMENTATION  REGARDING CONSENT Page 19 – Line 549  please delete  “as soon as commercially reasonable”.  Instead, this recommendation should track the dates for implementation under the transition plan that James and the registrars proposed in Toronto.

Rec 4: THICK WHOIS: we do not support the deletion of THICK WHOIS as a consensus policy, and believe that this goes beyond the scope of this EPDP.

Rec 8:  GLOBAL REDACTION vs. OPTIONAL AT THE REGISTRAR---  We do not agree with global application of the REDACTION, and believe  that this recommendation goes well beyond the Temp Spec, which at a minimum allows the registrars/registries to CHOOSE a different application, especially because of differing legal regimes.  Our policy needs to be flexible enough to account for laws beyond GDRP, such as the possible US legislation related to WHOIS.  Similarly, we do not believe that the redaction should apply to legal persons.  We recall James suggesting that we could consider an approach similar to the approach taken for the ORGANIZATION Field, and thus we would like to further explore it in Phase 2.

Footnote 15 is a recommendation that should be moved into the body of the Final Report & not be buried in a footnote.   Also- it needs to exclude registrations with privacy/proxy services and those for which the registrant has provided consent.

PAGE 27:  REDACTION OF CITY– we don’t agree with the redaction of CITY and are awaiting legal advice from Ruth on the issue. As a result, it is premature to make a recommendation that it be redacted now.  This should be a Phase 2 discussion

REC 9:   Instead of a “via a process that can be determined by each registrar”   we should have concrete steps that can be enforced by ICANN.  Could the registrars identify some reasonable steps for this process?

ADD:  After the implementation phase-in period, the ORG FIELD will no longer be REDACTED by either the registry or registrar.

We are still working through the remainder of the Final Report, and will follow up this email with additional comments.

All the best,

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190205/da6451c8/attachment-0001.html>

More information about the Gnso-epdp-team mailing list