[Gnso-epdp-team] Purpose 2

Volker Greimann vgreimann at key-systems.net
Thu Mar 5 10:40:51 UTC 2020 

I fully agree with your first sentence. For this reason, specificity of 
the actual purposes is required instead of the blanket statement 
proposed up to now.

Ultimately, any ICANN purpose must be specifically defined by the 
questions of what is collected for what specific purpose for and with 
whom it may be shared.

Say we take escrow as a purpose, which is likely univerally agreed as a 
valid ICANN purpose:

ICANN will collect registration data to: protect the ownership of a data 
subject in his registered domain names in case of a registry or 
registrar failure or de-accreditation. For this purpose, the data may be 
shared with escrow service providers x,y,z (and potentially others) as 
well as other contracted parties who may be assigned to take over the 
management of the affected domain name registrations.

The language is not perfect, but I hope this illustrates the level of 
specificity I am seeking here. If ICANN has purposes (and I think we 
agree that it does), we need to specify these purposes by saying what, 
how and why.

Best,

Volker



Am 05.03.2020 um 11:21 schrieb Hadia Abdelsalam Mokhtar EL miniawi:
>
> We need not forget that data subjects need to know with whom their 
> data might be shared and for what purposes. To this end purpose 2 is 
> important as it establishes one core purpose for processing the data 
> related to ICANN's mission and stated in its bylaws. Also in the EC 
> letter to Joran in May 2019 under purposes of processing and access 
> model, the EC say "For  this reason we would recommend revising the 
> formulation of purpose two by excluding the second part of the purpose 
> "through enabling responses to lawful data disclosure requests" and 
> maintaining a broader purpose " Contribute to the maintenance of the 
> security, stability and resiliency of the Domain Name System in 
> accordance with ICANN's mission"
>
> This was the recommendation of the EC to us in May 2019, the question 
> now is why don't we want to follow this recommendation? Maintaining 
> the SSR of the internet is ICANN's core mission and is indeed a 
> purpose for which data might be processed why don't we want to be 
> clear about this.
>
> Hadia
>
> *From:*Gnso-epdp-team [mailto:gnso-epdp-team-bounces at icann.org] *On 
> Behalf Of *Alan Greenberg
> *Sent:* Thursday, March 05, 2020 2:18 AM
> *To:* Margie Milam; brian.kingATmarkmonitor.com; gnso-epdp-team at icann.org
> *Subject:* Re: [Gnso-epdp-team] Purpose 2
>
> I have to agree with Margie. These are all important things and we 
> cannot be left at some later date being told that we cannot do this 
> because it was never mentioned to registrants.
>
> I could live with a much more general statement, but we have been told 
> by the CPH that they need something less vague to put in their 
> policies to registrants.
>
> Although I do not believe there is any merit in pursuing it, I will 
> restate that SOME 3rd party requests are in fact in support of ICANN's 
> mission (those that directly protect the SSR of the DNS) and I believe 
> that the statement that we were conflating 3rd-party purposes with our 
> own was partially in error.
>
> Alan
>
> At 04/03/2020 05:50 PM, Margie Milam wrote:
>
>
> We support Brian’s proposed Purpose 2 below, and note that without 
> it – theere are many gaps, including:
>
>   * Operationalizing and implementing new policies and contract
>     provisions (RDAP, transfers, TM Clearinghouse, etc.)
>   * Conducting research using the contacts
>   * Coordinating cyber-attack responses such as Conficker & other
>     cyber attacks
>   * Publishing Accuracy Reporting System (ARS) reports
>   * Conducting testing of new registrar/registries to ensure that the
>     WHOIS systems work in the manner required by the contract
>   * Implementing & testing escrow deposits with 3^rd party escrow
>     providers
>
>
> All the best,
>
> Margie, Mark & Steve
> On behalf of the BC
>
> *
> Margie Milam
> *IP Enforcement & DNS Policy Lead | Facebook Legal
> NOTICE: This email (including any attachments) may contain information 
> that is private, confidential, or protected by attorney-client or 
> other privilege.  Unless you are the intended recipient, you may not 
> use, copy, or retransmit the email or its contents.
>
>
>
> *From: *Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> on behalf of 
> "King, Brian via Gnso-epdp-team" <gnso-epdp-team at icann.org>
> *Reply-To: *"brian.kingATmarkmonitor.com" <brian.king at markmonitor.com>
> *Date: *Wednesday, March 4, 2020 at 10:12 AM
> *To: *"gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
> *Subject: *[Gnso-epdp-team] Purpose 2
>
> Hi all,
>
> Following last week’s conversation about some EPDP members’ desire 
> to have a bit more specificity in Purpose 2 (the irony of which is not 
> lost on the IPC ), I propose the below:
>
> Contributing to the maintenance of the security, stability, and 
> resiliency of the Domain Name System in accordance with ICANN’s 
> mission, specifically “maintenance of and access to accurate and 
> up-to-date information concerning registered names and name 
> servers.” (ICANN Bylaws, Annex G-1; ICANN Bylaws, Annex G-2)
>
> *Brian J. King *
> Director of Internet Policy and Industry Affairs
>
> T +1 443 761 3726
> markmonitor.com 
> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.markmonitor.com&d=DwMGaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=_4XWSt8rUHZPiRG6CoP4Fnk_CCk4p550lffeMi3E1z8&m=Q65Or6H39_7X6LJk1SN78sszy_Hne8qlISmI8kN7Wh8&s=72C7v9XA12IEQxdYxgz5IDlXPMnrRUz4uW6aDcYmwcU&e=>_
> _
> *MarkMonitor
> *Protecting companies and consumers in a digital world
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of 
> your personal data for purposes of subscribing to this mailing list 
> accordance with the ICANN Privacy Policy 
> (https://www.icann.org/privacy/policy 
> <https://www.icann.org/privacy/policy>) and the website Terms of 
> Service (https://www.icann.org/privacy/tos 
> <https://www.icann.org/privacy/tos>). You can visit the Mailman link 
> above to change your membership status or configuration, including 
> unsubscribing, setting digest-style delivery or disabling delivery 
> altogether (e.g., for a vacation), and so on.
>
>
> _______________________________________________
> Gnso-epdp-team mailing list
> Gnso-epdp-team at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-epdp-team
> _______________________________________________
> By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
-- 
Volker A. Greimann
General Counsel and Policy Manager
*KEY-SYSTEMS GMBH*

T: +49 6894 9396901
M: +49 6894 9396851
F: +49 6894 9396851
W: www.key-systems.net

Key-Systems GmbH is a company registered at the local court of 
Saarbruecken, Germany with the registration no. HR B 18835
CEO: Alexander Siffrin

Part of the CentralNic Group PLC (LON: CNIC) a company registered in 
England and Wales with company number 8576358.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20200305/6de2a1ef/attachment.html>

More information about the Gnso-epdp-team mailing list