[gnso-rds-pdp-wg] Purpose in accordance with Registry Agreement section 2.18
Dotzero
dotzero at gmail.com
Fri Jun 2 20:15:56 UTC 2017
The overwhelming majority of domains registered would be considered for
commercial purposes. The fact that a small percentage of domains are
registered by individuals for personal use should not be the determining
factor as to what is appropriate for ICANN to do. In fact, many of what
people assert are personal domains have advertising on them and would
therefor be considered by almost any jurisdiction to be engaged in a
commercial activity. This includes many (most?) parked domains.
Under these circumstances, having disclosure requirement in
registry/registrar agreements seems very appropriate and reasonable. Adding
in the fact that "private registration" is an option reduces the scope of
the issue even further.
This is starting to increasingly look like a case of throwing the baby out
with the bath water.
Michael Hammer
On Fri, Jun 2, 2017 at 2:38 PM, Stephanie Perrin <
stephanie.perrin at mail.utoronto.ca> wrote:
> This clause has not been acceptable in the past, even before GDPR. I
> think it is worth pointing out that what is in the ICANN agreements has
> been repeatedly pointed out, notably by the Art 29 WG, but certainly by
> others such as the IWGDPT, as violating DP law. These documents I believe
> are all in our repository. So please let us not assume that what has been
> happening is ok, even if we sign contract after contract with the same
> offending clauses in them. Consent in most jurisdictions has to be some
> variant of "free, enlightened, and informed". Noone can be compelled to
> consent to a practice that is disproportionate or fails the necessity
> test...An ability to withdraw consent has to be available. I won't go on
> and on but this clause obviously does not pass this test.
>
> In my opinion, the longer ICANN tries to stymie the DPAs and ignore
> necessary changes in privacy policy, the greater the risk they run that a
> viral campaign will be launched among ordinary users, to appeal to the
> Courts. DPAs try to effect change through dialogue. WHen dialogue fails,
> individuals have to take cases to Court. We don't want that.
>
> Stephanie
>
> On 2017-06-02 08:19, Volker Greimann wrote:
>
> I was just reviewing the changes to the registry agreement again and I
> noticed a section that has relevance here as well and that had not been
> discussed here.
>
> Apparently the definition of the purpose for personal data collection as
> far as ICANN is concerned is the job of the registry operators:
>
> 2.18 Personal Data. Registry Operator shall (i) notify each
> ICANN-accredited registrar that is a party to the Registry-Registrar
> Agreement for the TLD of the purposes for which data about any identified
> or identifiable natural person (“Personal Data”) submitted to Registry
> Operator by such registrar is collected and used under this Agreement or
> otherwise and the intended recipients (or categories of recipients) of such
> Personal Data, and (ii) require such registrar to obtain the consent of
> each registrant in the TLD for such collection and use of Personal Data.
> Registry Operator shall take reasonable steps to protect Personal Data
> collected from such registrar from loss, misuse, unauthorized disclosure,
> alteration or destruction. Registry Operator shall not use or authorize the
> use of Personal Data in a way that is incompatible with the notice provided
> to registrars.
>
> This does have some relevance to our current discussion, so I thought I'd
> recklessly post it here!
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170602/6165ac25/attachment.html>
More information about the gnso-rds-pdp-wg
mailing list