[Gnso-ppsai-pdp-wg] MP3 PPSAI WG - Tuesday 07 April 2015 at 1400 UTC

[Nathalie Peregrine]

Dear All,

Please find the MP3 recording for the Privacy and Proxy Services Accreditation Issues PDP Working group call held on Tuesday 07 April 2015 at 14:00 UTC at: http://audio.icann.org/gnso/gnso-ppsa-07apr15-en.mp3

On page:

<http://gnso.icann.org/en/group-activities/calendar#mar>http://gnso.icann.org/en/group-activities/calendar#<http://gnso.icann.org/en/group-activities/calendar#apr>apr<http://gnso.icann.org/en/group-activities/calendar#apr>



The recordings and transcriptions of the calls are posted on the GNSO Master Calendar page:

http://gnso.icann.org/calendar/



 Attendees:

Frank Michlick – Individual

Justin Macy - BC

Val Sherman – IPC

Griffin Barnett – IPC

Kathy Kleiman – NCSG

Darcy Southwell – RrSG

Todd Williams – IPC

Steve Metalitz - IPC

Graeme Bunton – RrSG

Jim Bikoff - IPC

Volker Greimann – RrSG

Alex Deacon –IPC
Stephanie Perrin – NCSG

Phil Corwin – BC

Chris Pelling – RrSG

Carlton Samuels – ALAC

Richard Leaning –  no soi

David Hughes – IPC

Tatiana Khramtsova – RrSG

Terri Stumme - BC
 Holly Raiche – ALAC

Vicky Sheckler – IPC

Susan Kawaguchi - BC

Luc Seufer – RrSG
Michele Neylon – RrSG
Osvaldo Novoa - ISPCP
Roger Carney – RrSG
David Heasley - IPC



Apologies :

Don Blumenthal – RySG

Lindsay Hamilton-Reid – RrSG

Kiran Malancharuvil – IPC

 James Bladel – RrSG

Paul McGrady – IPC


ICANN staff:

Mary Wong

Marika Konings

Amy Bivins
Nathalie Peregrine



** Please let me know if your name has been left off the list **



Mailing list archives:
http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/

Wiki page:

https://community.icann.org/x/9iCfAg



Thank you.

Kind regards,

Nathalie

-------------------------------



 Adobe Connect chat transcript for Tuesday 07 April 2015

   Nathalie  Peregrine:Welcome to the PPSAI WG Meeting of 07 April 2015

  Mary Wong:I can hear you
  Mary Wong:Clear as a bell :)
  Michele Neylon:Graeme I can hear you
  Michele Neylon:though I'm not listening
  Holly Raiche:I'm not hearing anything - but then noone is talking?
  Michele Neylon:I've got music on
  Chris Pelling:clicking noised on bridge
  Frank Michlick:I'm listing to a podcast ;-)
  Chris Pelling:ok clicking seems intermitent, if it gets on my nerves ill calll back in
  Chris Pelling::)
  Frank Michlick:Will stop that though when this call starts.
  Frank Michlick:hello!
  val sherman:David Heasley also on audio bridge
  Graeme Bunton:Thanks Val
  Osvaldo Novoa:Hello all, sorry I'm a bit late
  Nathalie  Peregrine:Todd Williams and Vicky Schedkler have joined the call
  Kathy:Sorry Graeme -- too many holidays!
  Nathalie  Peregrine:Michael Shoukry has joined rhe call
  Kathy Kleiman:I think we should bar it, but how do you know?
  Mary Wong:Yes it's at the end
  Nathalie  Peregrine:Terri Stumme is on the audio bridge
  Mary Wong:Last para in blue (sorry, having audio and voice issues)
  Kathy Kleiman:Good paragraph - can we move it up in the doc?
  Darcy Southwell:I agree with Graeme from a service provider's perspective.
  Stephanie Perrin:I think the threshold for asking for a reveal has to be a lot higher than for the others....
  Nathalie  Peregrine:Carlton Samuels has joined the room
  Carlton Samuels:Morning all
  Stephanie Perrin:Therefore, we need to add language here.  I have no objection to the service provider, for instance, automatically forwarding any requests.
  Stephanie Perrin:"any steps in the process" makes it over-broad...
  Stephanie Perrin:"in the absence of human review" also makes me a bit nervous, we would have to define human review.
  Kathy Kleiman:New II.D
  Kathy Kleiman:+1 Volker
  Kathy Kleiman:quality and quantity
  steve metalitz:We ashould also find automated high volume refusals to disclose and automated high volume responses from customers  objectionable.
  Nathalie  Peregrine:Luc Seufer has joined the call
  Carlton Samuels:@Stephanie: Higher threshold for reveal +1.
  vicky sheckler:disagree w/ stephanie and carlton
  Michele Neylon:whoever is being noisy can you please use the mute button
  Carlton Samuels:I can't hear Steve....I'm on A/C Audio only
  Volker Greimann:true, Steve
  Nathalie  Peregrine:Please all mute mics when not speaking.
  Kathy Kleiman:But it doesn't cover everything...
  Stephanie Perrin:Steve you are fading in and out
  Carlton Samuels:@Steve: Yes, attestation at all levels +1
  Stephanie Perrin:agree with the belt and suspenders
  Stephanie Perrin:people are disappearing frequently
  Chris Pelling:i left and came back
  Chris Pelling:way better
  Chris Pelling:no clicking at all
  Stephanie Perrin:IS everyone having fade in and out or do I need to redial?
  Nathalie  Peregrine:If you are having issues with AC audio, please dial into the phone bridge, or we can dial out to you.
  Stephanie Perrin:+1 Kathy
  Chris Pelling:I agree with Kathy
  Mary Wong:The words "high volume, automated processes" are from the RAA.
  Stephanie Perrin:In other words, Humans do use computers to send things out....
  Luc Seufer:Just as an FYI the French DPA allows AFNIC to disclose private data but the request and the disclosure need to be reviewed by a human.
  Chris Pelling:I would agree with Michele, as long as each notice is reviewed by a LIVING and breithing person it is ok
  Carlton Samuels:@Kathy: Let's err on the side of TMI; keep it and look to placement
  Mary Wong:Yes
  val sherman:+1 Graeme and Michele -- if there is human review, the communication should not be considered automated
  Mary Wong:With suggested edits from Volker
  Kathy Kleiman:very responsive
  Carlton Samuels:@Steve: There was the use of the word 'solely' there as well
  Kathy Kleiman:@Steve: I think you summarized the concerns well
  Mary Wong:Would "human rights (e.g. FoE or privacy)" work?
  vicky sheckler:that is not a pretext
  Holly Raiche:Agree with Volker and Stephanie
  Volker Greimann:Stephanie +1
  Michele Neylon:shes' cutting out
  Volker Greimann:what is violated by the reveal is always the privacy., but now always human rights
  Chris Pelling:I agree
  Michele Neylon:privacy is a human right though ?
  Volker Greimann:so if it needs to be violated, the threshhold should be met
  val sherman:The mere desire of the customer to preserve their privacy cannot be sufficient to refuse a legitimate request, meeting all other criteria of these standards
  steve metalitz:(5) only comes into play once requestor has met "threshold for "'reveal" (actually, for disclosure)
  Holly Raiche:Yes Michele - but what is being protected is privacy - which should be the default position
  Volker Greimann:Exactly
  vicky sheckler:strongly disagee w/ stephanie.  that is not a pretext, which is what the provision todd wrote was trying to addres
  Carlton Samuels:@Graeme: I would prefer the use of  the word 'mainly' or a phrase that removes the [artificial] limit
  Michele Neylon:Holly yes but the privacy or lack of it can stem speech
  steve metalitz:No, that does not make sense, Stephanie, in light of our discussions over the past 16 months
  Holly Raiche:@ Michele - true enough, but what Stephanie is saying is that people ought to be able to choose to protct their personal informtion unless there is a demonstrable reason otherwise
  Carlton Samuels:@Stephanie: +1 Should be no need to prove harm to protect privacy
  Holly Raiche:@ Kathy - the language is there - just use privacy at the end
  vicky sheckler:there is a general rule about when the p/p customer can request refusal of the disclosure, agqain AFTER the requester has provided the requisite information about a violation of the requrester's rights
  Mary Wong:The framework language since this was first presented has been premised (in Section III) on the customer providing reasons to the provider NOT to disclose.
  Mary Wong:As Vicky notes, this happens AFTER a provider receives a full and accurate request (per the framework requirements)
  vicky sheckler:Kathy - rights to authroship are also a human right.  privacy does not defacto trump any other tights no matter what
  vicky sheckler:rights to authorship are in the human declaration of human rights
  Kathy Kleiman:legitimate rights and protections (e.g., freedom of expression and freedom of association).”
  Stephanie Perrin:I would be happy to provide edits after the call...
  Carlton Samuels:We agreed all applicants following the same set of rules can have a P/P registration. We cannot now say to maintain it post registration and in the absence of credible evidence of infraction of rules, one must prove harm to retain it!
  Carlton Samuels:@Kathy: +1. Let's go for more explicit. Err on the side of TMI here.
  vicky sheckler:i agree w/ Steve.  feels like we are going backwards
  Kathy Kleiman:+1 Volker
  Holly Raiche:That is how I understood what Volker was saying
  vicky sheckler:or we get rid of item 5.
  steve metalitz:Looking forward to seeing your language Stephanie.
  Kathy Kleiman:@Vicky - I think we are getting close; and it is very important
  Mary Wong:@Stephanie, isn't that example you give already covered by the current language? Esp if we say "human rights (e.g FoE and rights to privacy)"?
  Kathy Kleiman:Todd's language is good - just tweaking
  Stephanie Perrin:I agree, we are just talking about tweaking
  Holly Raiche:@ Stephanie - are we not really saying that respect for privacy through genuine tests before reveal is allowed serves to protect the other rights
  Todd Williams:I'm back.  Sorry.  I'll check the transcript on what I missed.
  Mary Wong:Note also footnote #2, which adds Val's suggestion for what the form of attestation might look like (bottom of pg 4)
  Kathy Kleiman:self-attestation, hmmm
  Kathy Kleiman:it seems to have some limitations
  Stephanie Perrin:@ Holly yes that is the bottom line, this service protects privacy and confidentiality of customer data in order to protect other fundamental human rights (including Privacy)
  Mary Wong:To clarify - the main text specifies WHAT the attestation requires, the footnote suggests HOW this might look
  Holly Raiche:@ Stephanie - Tks
  vicky sheckler:stephanie - or to protect those that violate others rights.  p/p services are abused by wrondoers too.  Well over a majority of the sites we monitor that engage in widespread infringement are behind p/p serivces
  Mary Wong:Note that those ccTLD operators whose disclosure requests policies we could find requires at most "authorized representative" and certification/attestation that any disclosed info will only be used for the specified purpose.
  vicky sheckler:we need to find the proper balance, not keep saying that one right trump[s over anythign else
  Stephanie Perrin:@ Vicky I understand that.  If a requestor can  make a valid case to prove that, the customer data is revealed.
  Holly Raiche:@ Vicki - I think we are all aware of the abuse of p/p services, and I don't think access to information by law agencies is problematic for anyone in this WG
  Stephanie Perrin:Indeed, we are not talking about LEAs here, we are talking about civil action.
  Holly Raiche:@ Vicki and Stephanie - agreed
  vicky sheckler:Kathy - that seems like more than what cctld operators are requiring. Not sure why we can't follow the ccTLd oeprators lead here
  Mary Wong:We have not come across any published policy that requires documentation other than ID and TM registration cert (for example).
  Mary Wong:Published ccTLD policy, I mean.
  Chris Pelling:its putting an enforcable action for being able to sue the requestor
  Stephanie Perrin:Is this not the first time that we have looked at the issue?  Why follow the ccTLDs?
  vicky sheckler:+1 w/ Val
  Mary Wong:For example, CIRA (.ca) requires a form with name, address and reasons to be stated, accompanied by a notarized/certified copy of a TM registration plus proof of requestor identity.
  Mary Wong:@Stephanie, it was just to see if we can find guidance or common practice that, if appropriate, we can consider utilizing.
  Chris Pelling:sorry, its having the paperwork to show it
  Stephanie Perrin:@Mary, and I do agree that the CIRA example is better than many
  Kathy Kleiman:@Mary: But we are setting up probably a whole new scale for reveal requests - probably far beyond ccTLD requests
  Carlton Samuels:@Val: Would it mean the same if there is some registration of requestor's connection to the rights owner?
  Chris Pelling:@Steve its not really documents, its a single page in most cases
  vicky sheckler:i need to drop off. sorry
  Stephanie Perrin:This process definitely has to set the standards for the agency represnetation.  Otherwise, we know that services will be outsourced to the lowest price.
  Kathy Kleiman:@All: It's an accountability issue
  Stephanie Perrin:Yes it is an accountability issue.
  val sherman:Carlton -- i'm not sure I understand your question.
  Mary Wong:@Kathy, agreed on scale - so question is whether any particular requirement is both practical and justified in the context.
  Volker Greimann:caveat: unless I have to...
  Frank Michlick:thank you
  Carlton Samuels:@Val: To relieve seeing contracts fto attest standing, could a pre-reg work?
  Kathy Kleiman:Tx Graeme and All!
  Darcy Southwell:Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/attachments/20150407/6dcecde5/attachment-0001.html>