[Gnso-epdp-team] European Commission comments on Phase 1 report - additional information

Mark Svancarek (CELA) marksv at microsoft.com
Mon May 6 17:34:57 UTC 2019


Volker, thanks for clarifying.  Like you, I am confident that we’ll be able to design a compliant model which is practical for the needs of both LEA and 3rd parties.

/marksv

From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> On Behalf Of Volker Greimann
Sent: Monday, May 6, 2019 02:34
To: gnso-epdp-team at icann.org
Subject: Re: [Gnso-epdp-team] European Commission comments on Phase 1 report - additional information


Hi Alex,

I actually read the letter a bit differently. You are correct that it stresses the need for such a model, particulararly for law enforcement and government agencies, but it does not state that such a model is per se compliant with GDPR, but rather that care must be taken that the model is compliant.

We cannot simply design any old model and call it compliant, the model we design must comply with the principles I referred to in my earlier mail to be compliant.

I do not doubt we will be able to design such a compliant model though.

And believe me, I have talked to many at ICANN meetings and other venues who still believe that access to the UAM will mean full access. While I don't know whether such beliefs or hopes are also held by members here (I sure hope not), it would be helpful if we can agree on that as a basis.

Best,

Volker
Am 04.05.2019 um 22:55 schrieb Alex Deacon:

Thanks Chris for forwarding these letters to the team.  And thanks also to both ICANN org and the European Commission for this important input and very helpful clarification.

The EC letter makes it very clear that the development of a unified access model is not only vital, urgent and a matter of priority, but also that such a model would be fully in line with EU data protection rules (i.e., the GDPR).    Clearly we have a lot of work to do to attain this goal and our main focus should be to chart a path (work plan, schedule, etc.) to achieve it and then get to work.

In response to these letters:

First, the IPC agrees completely that "ICANN and the contracted parties may enable access to and disclose registration data upon request from a third party showing a legitimate interest, provided both the controller - ICANN and/or the contracted parties - and the third party have a legal basis for such processing (see below)."

Second, we do not understand assertions that some are arguing for an "all-access" WHOIS model or that there exists a set of people who believe we can somehow return to unfettered WHOIS access. Spending time arguing against positions that do not exist in the ePDP is distracting and a waste of time.

Lastly, while we appreciate Volker’s suggestion to create shortcuts to save time, we do not agree that issues related to access for LEA should be prioritized ahead of issues related to other third party legitimate interests. LEA have their own processes for getting standardized access to data, which are different from the private sector. IP and consumer protection do not, and LEA access methods will not be particularly relevant in addressing these issues.  To expeditiously complete a standardized access model, we should focus on answering the questions as outlined in the charter - and build a framework to accommodate standardized access for all legitimate interests in compliance with the law.

Regards,
Alex

___________
Alex Deacon
Cole Valley Consulting
alex at colevalleyconsulting.com<mailto:alex at colevalleyconsulting.com>
+1.415.488.6009



On Fri, May 3, 2019 at 4:11 AM Chris Disspain <chris at disspain.uk<mailto:chris at disspain.uk>> wrote:
Hello All,

As you will know, on 26 April Göran Marby wrote to the European Commission seeking additional information regarding their comments of 17 April. That letter is attached for ease of reference.

A response has now been received from the Commission and I attach that for your information.



Cheers,



CD


_______________________________________________
Gnso-epdp-team mailing list
Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-epdp-team<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgnso-epdp-team&data=01%7C01%7Cmarksv%40microsoft.com%7C27145d0fe15743c7679b08d6d205fa7b%7C72f988bf86f141af91ab2d7cd011db47%7C1&sdata=QgzQ4ljrFKJp%2FC4Vml55i9KQvs3RD4ur%2FhzOgZ%2FxZDw%3D&reserved=0>



_______________________________________________

Gnso-epdp-team mailing list

Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>

https://mm.icann.org/mailman/listinfo/gnso-epdp-team<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fmm.icann.org%2Fmailman%2Flistinfo%2Fgnso-epdp-team&data=01%7C01%7Cmarksv%40microsoft.com%7C27145d0fe15743c7679b08d6d205fa7b%7C72f988bf86f141af91ab2d7cd011db47%7C1&sdata=QgzQ4ljrFKJp%2FC4Vml55i9KQvs3RD4ur%2FhzOgZ%2FxZDw%3D&reserved=0>
--
Volker A. Greimann
General Counsel and Policy Manager
KEY-SYSTEMS GMBH

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net<https://nam06.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.key-systems.net&data=01%7C01%7Cmarksv%40microsoft.com%7C27145d0fe15743c7679b08d6d205fa7b%7C72f988bf86f141af91ab2d7cd011db47%7C1&sdata=B4fROm9NzicgbLRLflRNL8Vre%2BSWEn%2BCH5YaCjvrDZg%3D&reserved=0>

Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190506/4cdb7e93/attachment-0001.html>


More information about the Gnso-epdp-team mailing list