[Gnso-epdp-team] Materials for agenda item #4

Volker Greimann vgreimann at key-systems.net
Tue Jul 23 11:55:18 UTC 2019


Hi Greg,
I agree, these non-LEA third parties have a valuable role to play and
should benefit from some consideration in our work,...

...but they are not LEA and they have not been imbued with special
investigative legal powers like LEAs have in their jurisdiction. So they
cannot be treated as equals to LEAs as their legal basis for any request is
by definition different from that of the LEAs of competent authority.

Yes, they fill a similar role, but they usually have next to no legal
authority. They are, in essence, a normal third party requestor, like you
and I would be.

As long as we keep that in mind in our work, we should be fine.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.


<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Mon, Jul 22, 2019 at 10:25 PM Greg Aaron <greg at illumintel.com> wrote:

> As I mentioned on Thursday's call, criminal acts on the Internet are not
> dealt with exclusively by law enforcement.  The vast majority of cases are
> dealt with by private entities, such as in-house investigators at networks,
> security companies dealing with phishing, private investigators, etc. etc.
> See also Recital 49.
>
>
>
> So, a fruitful approach to finding  commonalities is to begin with the
> WHAT: WHAT is being investigated and WHAT the goals of the exercise are.
> In many cases, both a private party and an LE agent may use similar
> methods, and may be trying to accomplish similar goals.   For example see
> the attached use case from SSAC – both LE and private entities go through
> these kinds of steps, with similar goals.
>
>
>
> Then perhaps comes the issue WHO is looking into it, and what differences
> that entails.  The differences:  Law Enforcement has a special status under
> the law, and may have a special GDPR basis when requesting data.  And LE
> has some powers that private entities cannot deploy – such as arresting
> people and obtaining search warrants.
>
>
>
> So, I hope the team can consider these ideas at it proceeds.
>
>
>
> All best,
>
> --greg
>
>
>
> *From:* Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> *On Behalf Of *Mueller,
> Milton L
> *Sent:* Wednesday, July 17, 2019 5:40 PM
> *To:* Janis Karklins <karklinsj at gmail.com>
> *Cc:* gnso-epdp-team at icann.org
> *Subject:* Re: [Gnso-epdp-team] Materials for agenda item #4
>
>
>
> Janis:
>
>
>
> > We are using cases to identify commonalities that would allow us, the
> Team,
>
> > to develop policy recommendations how to best implement provisions of
> GDPR.
>
>
>
> I know that. That is exactly why I have proposed to consolidate them in
> the way I have. It seems to me that the commonalities in the cases I
> proposed to merge are fairly obvious. If it is a criminal case, for
> example, it really doesn’t matter a lot whether it is a copyright crime or
> a trademark crime or a phishing crime, the point is that you will have a
> government LEA requesting information needed to attribute and capture the
> criminal, which might be obtained through RDS or through subpoenas or other
> means. If someone can explain how the use case differs substantially in
> ways that affect the application of GDPR, let them do so.
>
>
>
> Use cases are just a method that allows us to focus our attention to all
> necessary aspects of future policy recommendations. Therefore, cases need
> not be ideally drafted but rather represent/outline real life situations
> and help us understand concerns of different groups.
>
>
>
> This comment is completely off the mark. Nothing in my document takes
> issue with any case because it is not “perfectly drafted.” It does not
> address the drafting at all. It talks about commonalities in their
> substance. You said: “we should not try to agree on every word in the
> case,  but rather to seek common understanding/ touch-points.” Which is
> exactly why I proposed to consolidate cases on more general terms.
>
>
>
> > I would propose that we look at your proposal of use cases merger by
> e-mail
>
> > exchange and in the meantime, take most supported cases and discuss
> them
>
> > thru as suggested - thoroughly but quickly.
>
>
>
> This is not an acceptable proposal. In effect you are saying that you will
> ignore my proposed consolidation, and that we will waste time going case by
> case through all the cases anyway, based on an illegitimate survey that
> excluded half of the team.
>
>
>
> And when you say “thoroughly but quickly” you are living in a fantasy
> world. That will not  happen. Think of how much time we spent on a single
> TM case. If the use cases have any value we need carefully consider the
> problems they pose. That will happen more efficiently if the cases are more
> general. That is why we need to consolidate the cases. We will raise this
> issue on the call tomorrow.
>
>
>
> > I invite other Team members to join the conversation on Milton's
> proposal.
>
>
>
> We will have that conversation tomorrow on the call.
>
>
>
> Dr. Milton L Mueller
>
> Georgia Institute of Technology
>
> School of Public Policy
>
>
>
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190723/f4ed614b/attachment.html>


More information about the Gnso-epdp-team mailing list