[Gnso-epdp-team] For final review - building block e) retention/destruction of data
mcanderson at verisign.com
Thu Oct 10 20:53:34 UTC 2019
Overall this new version is an improvement on the previous drafts. I added a couple notes for consideration. I also want to point out that the building block recommendations are very specific to the SSAD system and what the requirements are for the Retention and Destruction of any non-public registration data disclosed via that SSAD system. I think this is the right focus, but it doesn't address other retention/destruction requirements such as those related to user account information, and logs of requests for data.
The TSG report (https://www.icann.org/en/system/files/files/technical-model-access-non-public-registration-data-30apr19-en.pdf) page 26 has some thoughts on this including what we might consider for an SSAD system requirement: "the system MUST NOT retain non-public gTLD domain name registration data in any persistent way or for any longer than needed to fulfill the query for which the data were acquired."
From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> On Behalf Of Caitlin Tubergen
Sent: Thursday, October 10, 2019 8:51 AM
To: gnso-epdp-team at icann.org
Subject: [EXTERNAL] [Gnso-epdp-team] For final review - building block e) retention/destruction of data
Dear EPDP Team,
Building Block e (retention and destruction of data) is ready for your final review:
The edit log notes the proposed changes made as a result of Marc A's suggestions on the email list.
Please flag any remaining issues that require further EPDP Team consideration (if any) by Friday 11 October at 22.00 UTC. Thank you.
Marika, Berry, and Caitlin
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnso-epdp-team