[Gnso-epdp-team] Recommendation 12 - Reasonable Access

Wed Feb 6 22:27:31 UTC 2019

Ayden, prior to the Temp Spec, contracted parties had no need to reply to such requests because the information was public. With the Temp Spec and with the policy and Purposes we are recommending, contracted parties have a new obligation. Thus we are implicitly "expanding the role of Contractual Compliance" since their role is to ensure that contracted parties are fully fulfilling their obligations and we are adding obligations!

Alan

I oppose the edit put
forward by our colleagues in the ALAC that seeks to expand the role of
Contractual Compliance.

However, if the desire is more along the lines of (2) and the tool was
funded on a cost-recovery basis by those seeking to utilize it, and not
indirectly or directly by registrants, I would not object to language
along the following lines:

--
The EPDP Team recommends that ICANN org and the contracted parties
develop a mechanism that provides third party requestors with uniform
statistical information on the 1) nature of submitted requests, 2)
average processing time, and 3) the number of requests approved or
rejected, with rationale appropriately coded for information purposes.
Such a mechanism must be funded on a cost-recovery basis by those private
sector third parties who make access requests and seek to have access to
these records.
--

Ayden

 Original Message
On Wednesday, February 6, 2019 2:59 PM, Mark Svancarek \(CELA\) via
Gnso-epdp-team
<
gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>> wrote:

> Hopefully there is some language which properly reflects the
variability of request responses while recognizing that nothing can be
judged successful or improved without measuring it.
>
> For example, in our online services (1) we offer a firm SLA to
our customers and reimburse them when we miss it, regardless why we
missed it... but (2) internally we generate more interesting metrics to
better understand the root causes, opportunities to improve, and the
relative frequency of the various issues. Also, this reduces
finger-pointing between teams.
>
> CPs cannot agree to language which implies (1); ALAC is
requesting something like (2).
>
> /marksv
>
> -----Original Message-----
> From: Gnso-epdp-team

gnso-epdp-team-bounces at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team> On Behalf Of Hadia Abdelsalam
Mokhtar EL miniawi
> Sent: Wednesday, February 6, 2019 11:36
> To: Alan Woods
alan at
donuts.email<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Cc:

gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Subject: Re: [Gnso-epdp-team] Recommendation 12 - Reasonable
Access
>
> Hi Alan,
>
> I am sorry that this is how you feel about our suggestion with
regard to compliance, certainly there was no intention to having a stick
to beat the contracted parties. Usually auditing is something that both
parties benefit from. In what sense does our suggestion put new
obligations on the contracted parties? It is just a means of verifying
the process and this is good for the CPs as well because it ascertains
the functionality of their system. Moreover how does the suggestion of
having some kind of auditing contradict with the fact that every single
request received must be considered individually? Additionally, we never
said that existing complaints' processes can not be used we only said
that you need to agree on the auditing mechanisms/means or whatever you
want to call it. This is merely a suggestion to implement a sense of
trust into the system, rather than having that trust something as
intangible as good faith between the parties involved.
>
> Finally I invite you to put a few lines that speak about using
existing complaints processes in this regard.
>
> Hadia
>
> From: Alan Woods
alan at
donuts.email<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Sent: 06 February 2019 19:01
> To: Hadia Abdelsalam Mokhtar EL miniawi
> Cc: Marika Konings; Sarah Wyld;

gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Subject: Re: [Gnso-epdp-team] Recommendation 12 - Reasonable
Access
>
> To be perfectly honest, I think that Hadia & Alan's
suggestions, are perilously close to going against the the very nature of
the tentative agreements we have on Recommendation 12. If their point of
view is that ICANN compliance must be used as a stick to beat the
Contracted parties into submission/compliance, I find that exceptionally
unhelpful. It is not the role of the ePDP to create new obligations for
CPs outside of that which is necessary for GDPR compliance!
>
> The repeated issue of the parties is that it is nigh on
impossible to set this in stone; every single request received must be
considered individually, on its own merits (as the GDPR, which supersedes
all our machinations, requires). The CPs are coming to the table in
goodwill noting that we understand the need for predictability for 3rd
party requests. We have discussed at length the impossibility of setting
a strict timeline on such requests, I simply think this squanders the
goodwill in this agreement in now suggesting a frankly unimplementable,
or more likely a utterly ad hoc and random audit system, rather than
accepting that the contracted parties are acting in good faith, and will
continue to do so. For those CPs who do not act in good faith, I have a
feeling that a poor audit result regarding response to disclosure
requests will be the least of the issues.
>
> There are elements that are tangible and capable of ICANN review
upon complaints regarding same, using existing complaints processes.
Let's not reinvent the wheel here!
>
> So to be clear. The RYSG strongly opposes the ALAC addition.
>
> Alan
>
> [Donuts
Inc.]
https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdonuts.domains&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=qNzaAlOZg%2FMQWGew0BAhQsiEgNSJWm93KQLay7KeXJM%3D&reserved=0<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdonuts.domains&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=qNzaAlOZg%2FMQWGew0BAhQsiEgNSJWm93KQLay7KeXJM%3D&reserved=0>
> Alan Woods
> Senior Compliance & Policy Manager, Donuts Inc.
>
> The Victorians,
> 15-18 Earlsfort Terrace
> Dublin 2, County Dublin
> Ireland
>
>
[
https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fstorage.googleapis.com%2Fsignaturesatori%2Ficons%2Ffacebook.png&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=zgvRrc4%2F2R4vEiotdSdqRqyFG768vmONrHXOs1ENVoI%3D&reserved=0
]
https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.facebook.com%2Fdonutstlds&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=ZeISVoj4mLSFO8K0S27Nh5xZL2%2FVm5q9pYcz1SvfphI%3D&reserved=0
 [https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fstorage.googleapis.com%2Fsignaturesatori%2Ficons%2Ftwitter.png&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=4JUZEzvlQHSFB7n7JYasT%2Byjs4cafuTysVYL%2Fn%2F7gZU%3D&reserved=0]

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FDonutsInc&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006891055&sdata=yEwpQ7m%2F%2BrcZT2rqa8zZ%2BCi6YfD3fYgz%2Fdwj0sSZp%2F0%3D&reserved=0
 [https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fstorage.googleapis.com%2Fsignaturesatori%2Ficons%2Flinkedin.png&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006901063&sdata=Jq7W2sADswmiY%2Bbw%2F0fQArEE6zdKO7%2FvsbAzbr494jU%3D&reserved=0]

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fdonuts-inc&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006901063&sdata=kxVuIPK4uDWls1FB8gb9gUz5lXQ58EM1yVZNavPBUyw%3D&reserved=0
>
> Please NOTE: This electronic message, including any attachments,
may include privileged, confidential and/or inside information owned by
Donuts Inc. . Any distribution or use of this communication by anyone
other than the intended recipient(s) is strictly prohibited and may be
unlawful. If you are not the intended recipient, please notify the sender
by replying to this message and then delete it from your system. Thank
you.
>
> On Wed, Feb 6, 2019 at 12:10 PM Hadia Abdelsalam Mokhtar EL
miniawi
<Hadia
at
tra.gov.egmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:Hadia at
tra.gov.eg<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>> wrote:
> Hi all , I have added a few words about compliance and the
implantation of the policy and hence propose the following minor edits to
recommendation number 12
>
> "
> The EPDP Team recommends that ICANN org and the contracted
parties develop a mechanism that allows ICANN Contractual Compliance to
audit response times to the requests.
> The EPDP recommends that the implementation of this policy
includes requirements of acknowledgement of recipient of requests and the
response to such requests, criteria for a " Reasonable Request for
lawful Disclosure" and a mechanism that allows ICANN Contractual
Compliance to audit response time to the requests.
>
> The implementation of this policy will include at a minimum
"
>
> The above is to replace
>
> "The EPDP Team recommends that criteria for a “Reasonable
Request for Lawful Disclosure” and the requirements for acknowledging
receipt of a request and response to such request will be defined as part
of the implementation[Kristina 1] of these policy recommendations but
will include at a minimum: "
>
> Hadia
>
> From: Gnso-epdp-team
[
mailto:gnso-epdp-team-bounces at
icann.orgmailto:gnso-epdp-team-bounces at icann.org] On Behalf Of Hadia
Abdelsalam Mokhtar EL miniawi
> Sent: Wednesday, February 06, 2019 12:32 PM
> To: Marika Konings; Sarah Wyld;

gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Subject: Re: [Gnso-epdp-team] Recommendation 12 - Reasonable
Access
>
> Hi all, the below comments are on behalf of Alan G
>
> the proposal.
>
> 1.  still does not set an expectation that although SOME
requests may take the specified limit, not all should. Nor does it seem
to imply that the Contractual Compliance has any ability to audit
response times.
> 2.  I find the reference to "GDPR legal bases"
problematic. For example, under the current proposals, a registrar who is
operating full outside of the EU mat redact information for legal persons
and for natural persons not subject to the GDPR. What is the GDPR legal
basis for requesting information on such registrations. According to GDPR
there was no need for redaction to begin with, so a registrar can refuse
to provide any results with full impunity.
>
>     From: Gnso-epdp-team
[
mailto:gnso-epdp-team-bounces at icann.orgmailto:gnso-epdp-team-bounces
at icann.org<mailto:gnso-epdp-team-bounces%20at%20icann.orgmailto:gnso-epdp-team-bounces%20at%20icann.org>] On Behalf Of Marika Konings
>
>
> Sent: Tuesday, February 05, 2019 11:43 PM
> To: Sarah Wyld;

gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
> Subject: Re: [Gnso-epdp-team] Recommendation 12 - Reasonable
Access
>
> Thanks, Sarah.
>
> EPDP Team members, as this topic is included in the agenda for
tomorrow’s meeting, please share any issues or concerns your group may
have with the modified language prior to the meeting, if possible. Staff
has taken the liberty to fix some formatting issues in the attached
version (some of the sub-bullets did not appear properly).
>
> Best regards,
>
> Caitlin, Berry and Marika
>
> From: Gnso-epdp-team
<
gnso-epdp-team-bounces at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
gnso-epdp-team-bounces at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>> on behalf of Sarah Wyld
<swyld
at
tucows.commailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:swyld at
tucows.com<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>>
> Organization: Tucows
> Date: Tuesday, February 5, 2019 at 12:31
> To:
"
gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>"
<
gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>>
>
> Subject: [Gnso-epdp-team] Recommendation 12 - Reasonable Access
>
> Hello All,
>
> As discussed on today's call, here is the proposed revised Rec.
12 from RySG/RrSG. Thank you.
>
>
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Sarah Wyld
>
> Domains Product Team
>
> Tucows
>
> +1.416 535 0123 Ext. 1392
>
> On 1/31/2019 11:31 PM, Kurt Pritz wrote:
>
> Hello Everyone:
>
> Thanks again for your perseverance. And - thank you in advance
for your spirit of cooperation and compromise in considering the
attached. We have spent the last few days reviewing the transcripts and
other records of our recent discussions and then amending the Final
Report Recommendations - taking into account the Initial Report
Recommendations, the small team work, the conclusions in Toronto and
these last several meetings.
>
> The Recommendations included here are:
>
> Recommendation 5 - Data elements to be transferred from
Registrars to Registries
>
> Recommendation 10 - Email communication
>
> Recommendation 12 - Reasonable Access
>
> Recommendation 14 - Responsible Parties
>
> [Not included are Rec. 13 (sent earlier) and Rec. 11 and the
Research Purpose (to be sent tomorrow.]
>
> Each of these documents has a brief forward containing a
description of the pertinent discussion and an explanation for choosing
the wording in the Recommendations. They each then contain the
Recommendation as originally written and a redline of the proposed
recommendation based on the most recent discussions. Please read the
entire documents (they are not long), and not just the recommendation
itself.
>
> I am certainly not asking for you to stand silently by if you
disagree with these Recommendations because they would negatively impact
GDPR compliance. I am asking that you study the balancing that went into
this and be ready to accept wording in cases where it does not match your
own choice.
>
> Please review with your groups and return to us by Monday so
that we can put any of these on the Tues/Wed/Thur agendas.
>
> Sincerely,
>
> Kurt
>
> Gnso-epdp-team mailing list
>
>

Gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
Gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
>
>

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgnso-epdp-team&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006901063&sdata=ztu02eOXYqmlM6hkr5cySLY7%2B08r5qpe4L5JXi%2F%2B%2B%2Fs%3D&reserved=0
>
> [Kristina 1]see previous comment about IRT/actor
_______________________________________________
> Gnso-epdp-team mailing list
>

Gnso-epdp-team at
icann.orgmailto<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
:
Gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
>

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgnso-epdp-team&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006901063&sdata=ztu02eOXYqmlM6hkr5cySLY7%2B08r5qpe4L5JXi%2F%2B%2B%2Fs%3D&reserved=0
>
> Gnso-epdp-team mailing list
>

Gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
>

https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgnso-epdp-team&data=02|01|marksv%40microsoft.com|a9079d3d169b43325b3f08d68c6aa4ce|72f988bf86f141af91ab2d7cd011db47|1|0|636850787006901063&sdata=ztu02eOXYqmlM6hkr5cySLY7%2B08r5qpe4L5JXi%2F%2B%2B%2Fs%3D&reserved=0
>
> Gnso-epdp-team mailing list
>

Gnso-epdp-team at icann.org<https://mm.icann.org/mailman/listinfo/gnso-epdp-team>
>

https://mm.icann.org/mailman/listinfo/gnso-epdp-team

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190206/abe01853/attachment-0001.html>