[gnso-rds-pdp-wg] Does the principle of proportionality apply to thin data?

John Bambenek jcb at bambenekconsulting.com
Thu Jun 1 16:38:51 UTC 2017 

Which is why its past time to get third-party independent legal advice instead of relying on activists and those with economic conflicts of interest telling us what is compliant. 

Sent from my iPhone

> On Jun 1, 2017, at 04:21, Volker Greimann <vgreimann at key-systems.net> wrote:
> 
> Well, if whatever we develop is not in compliance with privacy laws, we are all wasting our time and working for the wastepaper basket. Anything we develop must be compliant or it will be unimplementable...
> 
>> Am 31.05.2017 um 22:26 schrieb Chen, Tim:
>> I am compelled to point out that making sure ICANN is compliant with privacy laws is not "the purpose of this WG".  And I believe statements like that, which I hope and believe was made in brevity and not in fact, contribute to the belief shared by some here that others have distressingly myopic viewpoints as to what the outcome of all this work is meant to be.  We are trying to solve a complex equation [sidebar, this thin whois piece should not be the hard part] not simply protect ICANN from the broad category of 'privacy laws' despite that being an important consideration.
>> 
>> Marika has been very clear in repeatedly pointing all of us to the original charter docs.  This is how she (not me) summarized it weeks ago:
>> 
>> ·         What are the fundamental requirements for gTLD registration data? When addressing this question, the PDP WG should consider, at a minimum, users and purposes and associated access, accuracy, data element, and privacy requirements.
>> ·         Is a new policy framework and next-generation RDS needed to address these requirements?
>> o    If yes, what cross-cutting requirements must a next-generation RDS address, including coexistence, compliance, system model, and cost, benefit, and risk analysis requirements?
>> o    If no, does the current WHOIS policy framework sufficiently address these requirements? If not, what revisions are recommended to the current WHOIS policy framework to do so?
>> 
>>> On Wed, May 31, 2017 at 12:01 PM, nathalie coupet via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org> wrote:
>>> Benefits: making sure ICANN is in compliance with privacy laws. Isn't it the purpose of this WG? Issues pertaining to cost and protection of IP address I will leave other to answer. But it seems to me that pseudonimization, randomization and encryption could be candidate solutions. 
>>> 
>>>  
>>> Nathalie 
>>> 
>>> 
>>> On Wednesday, May 31, 2017 2:48 PM, John Bambenek via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org> wrote:
>>> 
>>> 
>>> This applies a web interface... would an API be exposed for those of us who use the command-line? Would there be a central point of query or would a consumer have to google it? Who pays for constructing such a system and what is the commensurate return on the investment for them paying to make all this? If you are asking for this information, surely you are also getting source data (for instance consumer IP, which can be PII), how will all that be protected?
>>> There is a whole lot of complexity, in general, and costs for registries/registrars, specifically.  What problem does this solve that it makes sense to engineer a solution for it?
>>> 
>>>> On 5/31/2017 1:40 PM, nathalie coupet via gnso-rds-pdp-wg wrote:
>>> 
>>> Hi Chuck,
>>> 
>>> My position was and is to secure unauthenticated access to thin data for all. 
>>> I envisioned access to RDS through 3 chock points to weed out bad actors as much as possible: 
>>> An end-user would need to check the first box for authenticated/unauthenticated access, then another box for consumer and a third would be to select the purpose or a default purpose would be selected for him (maybe no purpose could also be possible). 
>>> Consumers don't need all the thin data to be published for their simple queries, since - in my mind - they want to make sure the website is legitimate or they want to identify the author in case of abuse (such as defamation, abuse or threats). 
>>> If the principle of proportionality doesn't apply to most other cases, that's fine. But I think it does apply for simple consumer queries. 
>>> This is an interesting debate, but I never thought it would lead to people actually proposing to drop vital data for the functioning of the Internet.
>>> I had in mind the other principle that you do not volunteer data when it is not required. It should be useful. Not because it is PPI, but out of caution.
>>> 
>>> 
>>> 
>>> Sent from my iPhone
>>> 
>>> On May 31, 2017, at 2:21 PM, Gomes, Chuck <cgomes at verisign.com> wrote:
>>> 
>>> 
>>> Nathalie,
>>>  
>>> Thank you for your suggestion that the principle of proportionality be added.  That has generated a very lively discussion.
>>>  
>>> As I am sure you have seen, a lot of WG members have stated that they do not believe that the principle of proportionality applies to thin data and have provided what I think is pretty good rationale in support of their position.  As the originator of the suggestion, do you still maintain that the principle applies to thin data?  If so, how would you counter the arguments that have been made to the contrary?
>>>  
>>> All – If anyone else thinks that the principle of proportionality applies to think data, please speak up and provide your counters to the arguments that have been made to the contrary.
>>>  
>>> Chuck
>>> 
>>> 
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> 
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> 
>> 
>> 
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> -- 
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
> 
> Mit freundlichen Grüßen,
> 
> Volker A. Greimann
> - Rechtsabteilung -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
> 
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
> 
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken 
> Umsatzsteuer ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu 
> 
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
> 
> --------------------------------------------
> 
> Should you have any further questions, please do not hesitate to contact us.
> 
> Best regards,
> 
> Volker A. Greimann
> - legal department -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
> 
> Follow us on Twitter or join our fan community on Facebook and stay updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
> 
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken 
> V.A.T. ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu 
> 
> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
> 
> 
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170601/58c865a9/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list