[Gnso-epdp-team] For your review - updated use case

[farzaneh badii]

Hi Marika, hi all

Thank you for sending this document.

A couple of observations: legitimate interest was actually in force in the
past in the European Directive and as indicated in the doc you shared as
well there have been court cases about it. ICO has a lot of materials, but
there are many other sources out there.
I can see that in this sheet we have considered some of the criteria that
are necessary to establish a legitimate interest  in the response but looks
like we might need to consider a couple of things

The set of pre-requisite that is needed to establish legitimate interest: -
Disclosure is necessary to achieve the outcome that the third party has in
mind (in this case, for trademark owners to bring legal action against
violation of  trademark through domain name registration)
- There is no alternative to achieve the desired outcome other than
disclosure (Is there no other alternative to establish rights and bring a
lawsuit against the trademark infringing domain name registrant?)
- Balancing test:  The registrant reasonably expects that data will be
disclosed in such cases, the data is not too sensitive, and safeguards have
been put in place to mitigate risks.


The contracted parties have been dealing with this so perhaps they know
better how to legally deal with it. But I don't see alternatives to
disclosure discussed in this document.  can bringing legal action against
the domain name registrants only happen if their personal data is known and
disclosed? At least in the US there are some circumstances under which you
don't have to identify the domain name registrant ( i.e. know their
personal information) to bring legal action against them, in cases when it
is about the cancellation and transfer of the domain names . The ICJ case
that is cited in this document was about "identification" and tangible
property and seeking damages. Because  it was impossible to file a case
against the defendant without identifying him the court ruling allowed
disclosure. So I don't think it will help us to invoke the ICJ case for
establishing all the rights.


- I am not trying to make disclosure more difficult. I am just pointing out
that we need to probably discuss more and make clarifications.  for example
in B) we could highlight that the disclosure should happen only in cases
where legal action is not possible to commence or proceed without the
disclosure of nonpublic registration data.
The requestor can provide evidence of laws, procedural rules etc that
proves the necessity.

- I am not so sure about d). Especially this paragraph: "In view of the
alleged involvement of the registrant in an infringement, it cannot be
assumed that in these cases the interests of the registrant in the
protection of his data outweigh the interest in the protection of IP
rights. "
First , can we start using neutral pronouns or at least have he/she or even
s/he. Women have started owning IP rights.
Secondly, I really don't think we are justifying disclosure by applying the
balancing test (data is not too sensitive, safeguards are in place to
mitigate risk). We cannot just argue that because the registrant
"allegedly" is involved with infringement we cannot assume.. that's kind of
a vicious circle. It's like arguing that: I want to have access to the
personal information because I want to take legal action and by the way
such disclosure won't override the data subject rights because I want to
take legal action against the defendant!

Instead we need to say we have considered mitigating risks, such as the
safeguards we underlined and have evaluated the sensitivity of data
considering the context of the case.

- Also on e) and f) h) it is better not to say safeguards  "applicable" to
the requestor and to the entity disclosing the data. It might be  clearer
to say safeguard  the ---- must implement


- Last point.  I do not think we should discuss accreditation before we
actually talk about why we want to use accreditation as a part of
disclosure policy.

Best






Farzaneh


On Tue, Jun 25, 2019 at 5:45 PM Marika Konings <marika.konings at icann.org>
wrote:

> Dear EPDP Team,
>
>
>
> Please find attached for your review the updated Trademark owners
> requesting data in the establishment, exercise or defense of legal claims
> for trademark infringement use case. In this updated version, we’ve aimed
> to address the comments and suggestions made during today’s session, but
> we’ve also taken the liberty to reorganize some of the sections to make it
> clear to whom certain safeguards apply. We’ve attached both the redline and
> clean version, but as the reorganization has resulted in a lot of redlines
> due to formatting and relocation of text, we would recommend you review the
> clean version.
>
>
>
> Please review this version and share in advance of Thursday’s meeting any
> comments, edits or suggestions, especially in relation to the sections that
> were not specifically discussed yet.
>
>
>
> Best regards,
>
>
>
> Caitlin, Berry and Marika
>
>
>
> *Marika Konings*
>
> *Vice President, Policy Development Support – GNSO, Internet Corporation
> for Assigned Names and Numbers (ICANN) *
>
> *Email: marika.konings at icann.org <marika.konings at icann.org>  *
>
>
>
> *Follow the GNSO via Twitter @ICANN_GNSO*
>
> *Find out more about the GNSO by taking our interactive courses
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__learn.icann.org_courses_gnso&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=Cg5uQf0yAfw-qlFZ0WNBfsLmmtBNUiH0SuI6Vg-gXBQ&e=> and
> visiting the GNSO Newcomer pages
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__gnso.icann.org_sites_gnso.icann.org_files_gnso_presentations_policy-2Defforts.htm-23newcomers&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=7_PQAir-9nJQ2uB2cWiTDDDo5Hfy5HL9rSTe65iXLVM&m=5DXgId95wrCsHi--pxTiJD7bMB9r-T5ytCn7od3CF2Q&s=tT-E2RoAucUb3pfL9zmlbRdq1sytaEf765KOEkBVCjk&e=>. *
>
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190626/7464e6fb/attachment.html>