[Gnso-epdp-team] RrSG Comment on Recommendation 10
greg at illumintel.com
Thu Jan 31 23:25:30 UTC 2019
The SSAC team proposes a revised version of #2.
A goal is to make measurement and compliance activity around this contractual requirement possible. The Temp Spec doesn't offer that, and the existing proposals don't yet either. The RrSG proposal says that no personal data about the activity will retained, and log format or content are not specified. If so, how will a registrar demonstrate that a message from any requestor was sent to the registrant?
The below makes clear that the records about forwarding are for examination by ICANN Compliance (only). If someone who originated a message is concerned, they can make a complaint to ICANN. That is the same model that we have now for invalid WHOIS and abuse reporting complaints. We also assume that such records will be retained for only an appropriate term.
Part of the recommendation below is based on an existing procedure in the RAA. so it is familiar. It creates no new personal data transfer, and there is already a “P”urpose defined for contracted parties to send personal data to Compliance. It does not require the registrar to keep the entire email message if they do not want to.
"2) The EPDP Team recommends that Registrars must maintain records that demonstrate that the communication from the requestor was relayed by email to the Registered Name Holder. This information must include the requestor's identity as it was provided to the Registrar, the Registered Name Holder's email address, and a timestamp. Such records will be available to ICANN for compliance purposes, upon request. If Registrar receives a bounced email notification or non-delivery notification message, the Registrar must initiate re-verification of the registrant's contact data per the RAA's WHOIS Accuracy Program Specification, paragraph 4."
From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> On Behalf Of Sarah Wyld
Sent: Friday, January 25, 2019 4:14 PM
To: gnso-epdp-team at icann.org
Subject: [Gnso-epdp-team] RrSG Comment on Recommendation 10
For Recommendation 10, the RrSG has the following proposed new text:
1) In relation to facilitating email communication between third parties and the Registered Name Holder, the EPDP Team recommends that current requirements in the Temporary Specification that specify that a Registrar MUST provide an email address or a web form to facilitate email communication with the relevant contact, but MUST NOT identify the contact email address or the contact itself, remain in place.
2) The EPDP Team recommends Registrars MUST maintain Log Files, which shall not contain any Personal Information, and which shall contain confirmation that a relay of the communication between the requestor and the Registered Name Holder has occurred, not including the origin, recipient, or content of the message. The registrar cannot be reasonably expected to confirm, or attempt to confirm by any means, the receipt of any such relayed communication.
3) DELETE 3
Domains Product Team
+1.416 535 0123 Ext. 1392
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnso-epdp-team