[gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

Chuck consult at cgomes.com
Wed Oct 4 13:54:17 UTC 2017


I think that we should explore that.  In the case of personal data in jurisdictions with restrictive laws about displaying it publicly, I think that consent is an approach that has some possibilities.  As WSGR points out, it is not a trivial process, but it could be one way of dealing with this.

 

Chuck

 

From: Paul Keating [mailto:paul at law.es] 
Sent: Wednesday, October 04, 2017 6:10 AM
To: Chuck <consult at cgomes.com>
Cc: allison nixon <elsakoo at gmail.com>; Jeremy Malcolm <jmalcolm at eff.org>; gnso-rds-pdp-wg at icann.org
Subject: Re: [gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

 

Chuck and alison

 

Is there a purpose that could support the public display of PID such that consent could be requested and provided?

Sincerely,

Paul Keating, Esq.


On Oct 4, 2017, at 2:46 PM, Chuck <consult at cgomes.com <mailto:consult at cgomes.com> > wrote:

I have similar views to Allison’s with regard to primary versus secondary purposes.  It is not at all clear to me that it matters.  One of the clarifying questions we have asked WSGR relates to this.  I hope they will respond because I think it would help us as we deliberate further on users and purposes.

 

Allison – I have one clarifying question for you: Do you support keeping personal information public in jurisdictions where that would be illegal?  I assume not and, if I am correct in assuming that, then I think that we need to focus on how to deal with that.  Your suggestions for informed consent could help in that regard.

 

Chuck

 

From: gnso-rds-pdp-wg-bounces at icann.org <mailto:gnso-rds-pdp-wg-bounces at icann.org>  [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of allison nixon
Sent: Tuesday, October 03, 2017 3:32 PM
To: Jeremy Malcolm <jmalcolm at eff.org <mailto:jmalcolm at eff.org> >
Cc: gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>  >> gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>  <gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org> >
Subject: Re: [gnso-rds-pdp-wg] Reputation systems are not just nice to have (was Re: What we want redux)

 

Thank you for the additional clarification Jeremy as I think I understand youall's position better. Those of us from the anti-abuse side are pretty happy with the imperfect, redacted, and fake info we currently have access to. We aren't interested in coercing reluctant people into disclosing things they don't want to. We want to keep the available information public, not gated, for the same reasons why you described a "vetting" process as prone to problems. We don't want the collected information reduced, and we are very adamant about this. We agree on informed consent and really anything that can help people keep themselves safer online.

 

The distinction between "primary" and "secondary" purpose seems less important to me since no one here is seriously pushing for an expansion of collected information. We just don't want it reduced to uselessness which is what this group is still in danger of doing, since this working group has for the most part treated anti-abuse as completely irrelevant. I am fine with anti-abuse being listed as a secondary purpose. So long as it is listed as a purpose.

 

 

 

 

On Tue, Oct 3, 2017 at 6:04 PM, Jeremy Malcolm <jmalcolm at eff.org <mailto:jmalcolm at eff.org> > wrote:

On 3/10/17 2:56 pm, allison nixon wrote:
> Those and others are currently listed on ICANN's website as uses for
> WHOIS data. To reject anti-abuse as a purpose would be to shift away
> from the currently accepted purposes of WHOIS.

I'm arguing that it's a secondary purpose, not the primary purpose.  A
secondary purpose is a purpose for which information, that was gathered
for a primary purpose, can also legitimately be used.  So for ICANN to
call these uses of WHOIS data "legitimate" does not imply for purposes
of data protection law that they are the primary purpose for collection
of that data.

The distinction is that if anti-abuse is a primary purpose, we would be
collecting a lot more information than if it is a secondary purpose.  (I
accept you're not arguing for the collection of additional information,
but my opposition to anti-abuse as a primary purpose is to counter such
arguments.)


--
Jeremy Malcolm
Senior Global Policy Analyst
Electronic Frontier Foundation
https://eff.org
jmalcolm at eff.org <mailto:jmalcolm at eff.org> 

Tel: 415.436.9333 ext 161 <tel:415.436.9333%20ext%20161> 

:: Defending Your Rights in the Digital World ::

Public key: https://www.eff.org/files/2016/11/27/key_jmalcolm.txt
PGP fingerprint: 75D2 4C0D 35EA EA2F 8CA8 8F79 4911 EC4A EDDF 1122








 

-- 

_________________________________
Note to self: Pillage BEFORE burning.

_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org> 
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20171004/e4e2226b/attachment.html>


More information about the gnso-rds-pdp-wg mailing list