[Gnso-epdp-team] Proposed agenda and materials for review - EPDP Team meeting Thursday 13 June at 14.00 UTC
Volker Greimann
vgreimann at key-systems.net
Thu Jun 13 12:39:44 UTC 2019
Purposes of third parties are entirely irrelevant to the purposes for
collection. I think that the letters ICANN received should have made
that abundantly clear. The only point where third party purposes come
into play is when data collected for purposes of CPs and ICANN can be
legally requested by a third party with a legitimate interest or a legal
right to request the data originally collected for other purposes. Art
6 1 (f) is very specific as to what it means with purposes in that context.
So we should not try to define third party purposes but rather
legitimate interests and other bases for making disclosure requests.
Best,
Volker
Am 12.06.2019 um 20:55 schrieb Hadia Abdelsalam Mokhtar EL miniawi:
> Dear Janis,
>
>
> Thank you for outlining the charter section that is in relation to our work, however I do not see any contradiction between what I meant and the charter's question "a1) Under applicable law, what are legitimate purposes for third parties to access registration data?
>
>
> The draft document circulated by staff says that the 3rd party purposes have been inspired/derived from the community responses to a request from ICANN at the end of June 2017 to identify user types and purposes of data elements required by ICANN policies and contracts. So instead of being driven by some data that was collected in 2017 which might include purposes that are not GDPR compliant, why not rely on our work that was developed in phase 1 - which actually stems from ICANN's purposes - and make this our base for identifying the users' types and purposes.
>
> Article 5 (1)b of the GDPR - Purpose limitation -says that the data needs to be collected for specified, explicit and legitimate purposes and not processed in a manner that is incompatible with those purposes
>
>
> Using our work as the starting point and base to identify the users and their purposes rather than previously collected data would yield to more up to date results.
>
>
> So yes, my below points are not quite accurate, as for sure we shall need to refer to the third parties purposes when identifying the lawful basis and the data elements. But generally speaking I would like our starting point in identifying the users of the SSAD to be our previous work in phase 1 and not previously collected data that was in relation to the retired WHOIS and was prior to the GDPR and the temp Spec and could be debated forever.
>
>
>
> I hope my thoughts are clearer this time and better organized
>
>
> Regards
>
> Hadia
>
>
>
>
>
>
> ________________________________
> From: Janis Karklins <karklinsj at gmail.com>
> Sent: 12 June 2019 18:45
> To: Hadia Abdelsalam Mokhtar EL miniawi
> Cc: Marika Konings; gnso-epdp-team at icann.org
> Subject: Re: [Gnso-epdp-team] Proposed agenda and materials for review - EPDP Team meeting Thursday 13 June at 14.00 UTC
>
> Dear Hadia,
>
> Thank you for your mail outlining your view on the scope of our task.
> I just checked the Charter and found the following tasks:
>
> ... (page 7)
> System for Standardized Access to Non-Public Registration Data
> Work on this topic shall begin once the gating questions above have been answered and finalized in preparation for the Temporary Specification initial report. The threshold for establishing “answered” for the gating questions shall be consensus of the EPDP Team and non-objection by the GNSO Council.
> (a) Purposes for Accessing Data – What are the unanswered policy questions that will guide implementation? a1) Under applicable law, what are legitimate purposes for third parties to access registration data? a2) What legal bases exist to support this access? a3) What are the eligibility criteria for access to non-public Registration data? a4) Do those parties/groups consist of different types of third-party requestors? a5) What data elements should each user/party have access to based on their purposes? a6) To what extent can we determine a set of data elements and potential scope (volume) for specific third parties and/or purposes? a7) How can RDAP, that is technically capable, allow Registries/Registrars to accept accreditation tokens and purpose for the query? Once accreditation models are developed by the appropriate accreditors and approved by the relevant legal authorities, how can we ensure that RDAP is technically capable and is ready to accept, log and respond to the accredited requestor’s token?
> ...
>
> How would you reconcile your view with task a1 of the Charter? I simply want to understand different points of view to prepare better for the team meeting tomorrow.
>
> Thank you
> JK
>
>
>
> On Wed, Jun 12, 2019 at 3:03 PM Hadia Abdelsalam Mokhtar EL miniawi <Hadia at tra.gov.eg<mailto:Hadia at tra.gov.eg>> wrote:
> Dear Staff,
>
> Thank you for the submitted document, however I have fundamental comments in relation to the logic through which we are handling the first topic of the SSAD that is defining the user groups and data elements
>
>
> • The EPDP team should be considering only ICANN purposes and not third parties' purposes, for this reason the starting point in defining the users of the system should be the ICANN purposes previously defined in phase1. Whilst purpose 2 could be considered serving the public interest by maintaining the security, stability and resiliency of the DNS in accordance to ICANN's mission and bylaws
>
> • So our starting point should be to analyze each of the 7 ICANN purposes to determine 1)who needs to access the registration data in order to fulfill this purpose 2)which parts of the data does he need to access in order to fulfil the purpose
>
> • Stemming from the above will originate all of the user groups and categories as well as the data elements, like the ones in the sheets. We must remember that third parties' purposes are not our objectives but fulfilling ICANN's purposes is our objective and in satisfying ICANN's purposes access or disclosure to certain parts of the data is required for several types of users.
> Kind regards
> Hadia
>
>
> From: Gnso-epdp-team [mailto:gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>] On Behalf Of Marika Konings
> Sent: Tuesday, June 11, 2019 3:41 PM
> To: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>
> Subject: [Gnso-epdp-team] Proposed agenda and materials for review - EPDP Team meeting Thursday 13 June at 14.00 UTC
>
> Dear EPDP Team,
>
> Please find below the proposed agenda for the next EPDP Team meeting which is scheduled for Thursday 13 June at 14.00 UTC. For agenda item 6c, you will find attached an initial draft of the agenda for the F2F meetings at ICANN65 – if you have any comments or suggestions, you are encouraged to share these. Please also review the document for agenda item 4 in advance of the meeting.
>
> Best regards,
>
> Caitlin, Berry and Marika
>
> ======================
>
> EPDP Phase 2 - Meeting #6
> Proposed Agenda
> Thursday, 13 June 2019 at 14.00 UTC
>
>
> 1. Roll Call & SOI Updates (5 minutes)
>
>
> 2. Confirmation of agenda (Chair)
>
>
> 3. Welcome and housekeeping issues (Chair) (10 minutes)
> • Working definitions – confirm posting of updated version on wiki
> • Legal advisory group – nominations received to date
> • SSAD Priority 1 worksheet status
>
>
> 4. SSAD – Topic c: Define user groups, criteria and purposes / lawful basis per user group (Marika) (40 minutes)
> a. Review purpose template developed by staff support team (see attached)
> b. EPDP Team input
> c. Confirm next steps
>
>
> 5. Presentation by Steve Crocker (40 minutes)
> a. Presentation
> b. Q & A
>
>
> 6. Any other business (5 minutes)
> a. Priority 2 small team meetings update
>
> Reminder - Call schedule remaining priority 2 worksheets:
> • Monday 17 June – 13:00 – 14:30 UTC
> Potential OCTO Purpose
> Feasibility of unique contacts to have a uniform anonymized email address
> • TBC (post ICANN65)
> Accuracy and WHOIS ARS
> Deadline for providing input for those that were not able to attend the calls – proposed 20 June 2019.
> b. Confirm attendance for meeting on Thursday 13 June at 14.00 UTC
> c. ICANN65 EPDP Team meetings - Initial Draft Agenda (see attached)
>
>
> 7. Wrap and confirm next meeting to be scheduled for Thursday, 13 June at 14.00 UTC (5 minutes)
> a. Confirm action items
> b. Confirm questions for ICANN Org, if any
>
> Marika Konings
> Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN)
> Email: marika.konings at icann.org<mailto:marika.konings at icann.org>
>
> Follow the GNSO via Twitter @ICANN_GNSO
> Find out more about the GNSO by taking our interactive courses<https://urldefense.proofpoint.com/v2/url?u=http-3A__learn.icann.org_courses_gnso&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=Cg5uQf0yAfw-qlFZ0WNBfsLmmtBNUiH0SuI6Vg-gXBQ&e=> and visiting the GNSO Newcomer pages<https://urldefense.proofpoint.com/v2/url?u=http-3A__gnso.icann.org_sites_gnso.icann.org_files_gnso_presentations_policy-2Defforts.htm-23newcomers&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=tT-E2RoAucUb3pfL9zmlbRdq1sytaEf765KOEkBVCjk&e=>.
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
--
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*
T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net
Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin
Part of the CentralNic Group PLC (LON: CNIC) a company registered in
England and Wales with company number 8576358.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190613/a7222186/attachment-0001.html>
More information about the Gnso-epdp-team
mailing list