[Gnso-epdp-team] Requestor Purpose - Rec 7

Margie Milam margiemilam at fb.com
Tue Jul 28 20:14:47 UTC 2020


Regarding the footnote – we need to retain the footnote since it gives a concrete example of what we mean by regulated companies, and, more importantly, it avoids confusion later that a digital service provider is not a regulated company for the purposes of Rec 7.

We’ve discussed the NIS directive as it applies to digital service providers numerous times, and have referred the team to the description here:<https://ico.org.uk/for-organisations/the-guide-to-nis/digital-service-providers/>   Examples of the types of obligations are listed here: https://ico.org.uk/for-organisations/the-guide-to-nis/key-concepts-and-definitions/.  These pages describe how the NIS requires these types of organizations to have sufficient security to prevent any action that compromises either the data they store, or any related services they provide. This proactive requirement doesn’t commit ICANN to do anything specific related the NIS but allows these entities to request disclosure of redacted data to enable them to comply with their obligations under the NIS.

All the best,


From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> on behalf of Rafik Dammak <rafik.dammak at gmail.com>
Date: Monday, July 27, 2020 at 11:52 PM
To: "Mueller, Milton L" <milton at gatech.edu>
Cc: "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Subject: Re: [Gnso-epdp-team] Requestor Purpose - Rec 7

Thanks Mathew and Milton

@RySG/BC representatives is it acceptable for you to drop the footnote and have everyone to "live with" this recommendation without the footnote?



Le mar. 28 juil. 2020 à 01:21, Mueller, Milton L <milton at gatech.edu<mailto:milton at gatech.edu>> a écrit :
NCSG approves of the modified language, which is more generic (obligations of regulated entities). But we strongly object to the footnote being included. We have had no opportunity to review the EU NIS Directive legislation and its implications for disclosure or what it might commit ICANN to doing. During the consideration of this we asked for specific examples of what obligations we might be talking about and never got them. It's too late to include this now. We can accept item (iv) without the footnote.
From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org<mailto:gnso-epdp-team-bounces at icann.org>> on behalf of Crossman, Matthew via Gnso-epdp-team <gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>>
Sent: Monday, July 27, 2020 11:54 AM
To: gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org> <gnso-epdp-team at icann.org<mailto:gnso-epdp-team at icann.org>>
Subject: [Gnso-epdp-team] Requestor Purpose - Rec 7

Hi team,

As an update, Margie, Brian, and I worked on a compromise for the Rec 7 language on Requestor Purposes. We agreed on the following edit to 7.1(a):


Requestors MUST submit data disclosure requests for specific purposes such as but not limited to: but not limited to: (i) criminal law enforcement, national or public security, (ii) non law enforcement investigations and civil claims, including, intellectual property infringement and UDRP and URS claims, (iii) consumer protection, abuse prevention, and network security, and (iv) obligations applicable to regulated entities.[1] Requestors MAY also submit data verification requests on the basis of Registered Name Holder (RNH) consent that has been obtained by the Requestor (and is at the sole responsibility of that Requestor), for example to validate the RNH’s claim of ownership of a domain name registration, or contract with the Requestor.

(Footnote below)

1  For example, the  EU Directive on security of network and information systems (known as the NIS Directive) imposes specific obligations on Digital Service Providers and Operators of Essential Services.

With these changes this is no longer a CLW item for the RySG. Let us know if this new language causes any concern for other groups.


Matthew Crossman | Amazon
Corporate Counsel gTLD Registry, IP

P: 206-266-1103 | C: 530-574-2956

Email: mmcross at amazon.com<mailto:mmcross at amazon.com>


[1] This approach is very similar to the business model ARSI had previously discussed with the Author Central Pro teams for the .AUTHOR TLD.
Gnso-epdp-team mailing list
Gnso-epdp-team at icann.org<mailto:Gnso-epdp-team at icann.org>
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_policy&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=f40qXENVwTNlHaI3M3teHJv_-eTQbKL7yJarKwfvn3A&s=sOyjkCW5ErH-zqC67ds8MhFCp-dYrE_oiH5Tmq6nmf8&e=>) and the website Terms of Service (https://www.icann.org/privacy/tos<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_privacy_tos&d=DwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=f40qXENVwTNlHaI3M3teHJv_-eTQbKL7yJarKwfvn3A&s=oB13Y4B3b0nGxJ7TpDWHafSmV6Qf7FE8zbFKWFAzahk&e=>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20200728/80cc5cc9/attachment-0003.html>

More information about the Gnso-epdp-team mailing list