[gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1

gtheo gtheo at xs4all.nl
Tue Oct 24 11:46:31 UTC 2017


This is merely an example what will happen within the months to come 
John.
And if you would be facing some draconian fines you would do the same 
thing.

Contracted parties will not get an exemption from Europe for now.

So the focus for the RDS is crystal clear for us as a WG. How do we 
balance privacy rights and fighting abuse?

Thanks,

Theo



John Bambenek via gnso-rds-pdp-wg schreef op 2017-10-24 01:11 PM:
> So your solution is no one but law enforcement gets whois on anyone?
> Because that appears to be the case for .frl and .amsterdam. Why even
> bother talking about RDS then?
> 
> --
> John Bambenek
> 
> On Oct 24, 2017, at 13:00, Volker Greimann <vgreimann at key-systems.net>
> wrote:
> 
>> True. Legal Requirement (Action) -> Compliant implementation
>> (Reaction)
>> 
>> Seriously though, I see this as a legitimate proposal for a registry
>> operator to both meet the needs of law enforcement to access this
>> data and the data protection requirements in the jurisdictions that
>> affect their business.
>> 
>> ICANN should not have turned this into a compliance matter, but now
>> that they did, It is good to see them stand up and defend their need
>> to remain compliant with applicable laws. I see this as a model of
>> how all Whois data for European data subjects will likely look in
>> less than 6 months.
>> 
>> Best,
>> 
>> Volker
>> 
>> Am 24.10.2017 um 12:42 schrieb John Bambenek:
>> Every action has an equal and opposite reaction.
>> 
>> --
>> John Bambenek
>> 
>> On Oct 24, 2017, at 11:48, Volker Greimann
>> <vgreimann at key-systems.net> wrote:
>> 
>> Fighting the good fight.
>> 
>> Am 24.10.2017 um 11:32 schrieb Kris Seeburn:
>> This might be interesting news….
>> 
>> 
> http://domainincite.com/22218-amsterdam-refuses-to-publish-whois-records-as-gdpr-row-escalates
>> 
>> 
>> On Oct 24, 2017, at 07:59, jonathan matkowsky
>> <jonathan.matkowsky at riskiq.net> wrote:
>> 
>> Hi, Chuck, Regarding below, has a decision been made by leadership
>> whether to invite the org folks to meet with us in Abu Dhabi as Greg
>> A. was suggesting?
>> 
>> Thanks
>> Jonathan
>> 
>> On Fri, Oct 20, 2017 at 2:46 AM jonathan matkowsky
>> <jonathan.matkowsky at riskiq.net> wrote:
>> 
>> The other week I was asking this group about the significance of the
>> ePrivacy Directive and asked to get some feedback.
>> 
>> The memo says:
>> 
>> While our memorandum series will primarily focus on the GDPR, we
>> will also address other relevant pieces of EU legislation that may
>> have effect on the processing of personal data through the Whois
>> services, such as but not limited to the EU ePrivacy Directive
>> 2002/58/EC and the proposed new EU ePrivacy Regulation aimed to
>> replace the said directive in May 2018.
>> 
>> This is exactly what I was asking to understand.
>> 
>> That said, I do want to continue our work, but I also have limited
>> resources—as do we all—so the sooner we can get this
>> information, the better. It may help us in deciding the most
>> efficient way forward, or at least help confirm we aren’t wasting
>> our time in how we move forward here?
>> 
>> Thanks
>> Jonathan
>> 
>> On Thu, Oct 19, 2017 at 9:40 AM Greg Aaron <gca at icginc.com> wrote:
>> 
>> Dear Chuck:
>> 
>> ICANN meetings are for information-sharing.  And since we have two
>> efforts working on some of the exact same issues,  I suggest that
>> some info-sharing could be very helpful to our volunteers.
>> 
>> The ICANN Org effort with Hamilton is clearly going to be more
>> comprehensive than the narrow effort our WG has received from Wilson
>> Sonsini.  And as you know, the Org effort will set a precedent which
>> will be important for our WG to understand.
>> 
>> The new memo, and those to come, are about the impact of GDPR on
>> registration data and WHOIS.  I draw your attention to the end of
>> the blog post:
>> 
>> “As a reminder, this legal analysis is intended to serve as
>> building block for community discussions about how to approach GDPR
>> issues in the domain name space. [WHOIS.]
>> 
>> Here's where we need help from the multistakeholder community:
>> 
>> Please review the initial legal analysis and provide feedback. This
>> includes identifying possible questions, and how best to interact
>> with data protection agencies and others to get to the next step of
>> the analysis.
>> 
>> It will be helpful to receive your feedback at the earliest
>> opportunity, so as to inform the upcoming discussions at ICANN60,
>> and to feed into future iterations of the legal analysis.”
>> 
>> The RDS WG is the main place where the multistakeholder community is
>> considering WHOIS.   So one would think that ICANN Org would have
>> already reached out to our WG.   I am surprised that it has not.
>> So, I think it’s appropriate for us to invite the Org folks in.
>> The goal is to understand that work and ask questions.  Maybe the
>> RDS WG could then formulate some feedback as requested above.  After
>> all, we’ve been thinking about this stuff for almost two years
>> now..
>> 
>> As part of the briefing, it would be good to hear about this
>> effort's schedule and workplan.  The memo says: "We intend to
>> provide a series of memorandums, which will address different
>> aspects of the issue and where the  scope and topics of each such
>> memorandum will be discussed and agreed with ICANN. We understand
>> that ICANN intends to make each memorandum publicly available."  I
>> do not see any of those details in the memo or blog.  For example,
>> what topics will be the subjects of the forthcoming memos?
>> There’s clearly a plan for that.
>> 
>> I have no idea of any of that will come out in the GDPR session on
>> Thursday, but since that consists of panel presentations, I am
>> unsure and would prefer that our WG definitely get a briefing and a
>> chance to ask questions.
>> 
>> All best,
>> 
>> --Greg
>> 
>> FROM: gnso-rds-pdp-wg-bounces at icann.org
>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] ON BEHALF OF Stephanie
>> Perrin
>> SENT: Thursday, October 19, 2017 11:19 AM
>> TO: gnso-rds-pdp-wg at icann.org
>> 
>> SUBJECT: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>> 
>> I am curious as to how the questions are being framed.   Who is the
>> client, ICANN the MS body, ICANN the CEO and staff (who have been
>> found to be a co-controller and therefore have an interest in
>> avoiding fines) or ICANN the Board.
>> 
>> There are different interests at stake here, I  think it would be
>> useful to get a fuller understanding of how Teresa Swineheart is
>> handling the development of questions.
>> 
>> Stephanie Perrin
>> 
>> On 2017-10-19 10:43, Chuck wrote:
>> 
>> Greg,
>> 
>> Having just finished reading the Hamilton memo, I don't understand
>> why you
>> 
>> think the WG needs a presentation?  What would a presentation from
>> Teresa or
>> 
>> other ICANN staff person provide us that we couldn't get from the
>> memo
>> 
>> itself and other sources such as the ICANN Blog, etc.?
>> 
>> Can you identify any advice from Hamilton that would supplant work
>> we have
>> 
>> been doing?  If so, please identify it.
>> 
>> In my opinion:
>> 
>> - The advice of ways forward fits nicely into our policy development
>> 
>> processes.
>> 
>> - The Hamilton Memo confirms much of what we already heard from the
>> DP
>> 
>> experts and Wilson Sonsini so we now have it from three separate
>> sources.
>> 
>> - You are absolutely that we "need to understand and track the legal
>> 
>> advice being made" and that it overlaps what we are doing but I
>> think that
>> 
>> will help us.
>> 
>> Chuck
>> 
>> -----Original Message-----
>> 
>> From: Greg Aaron [mailto:gca at icginc.com]
>> 
>> Sent: Thursday, October 19, 2017 7:25 AM
>> 
>> To: Chuck <consult at cgomes.com>; 'Alan Greenberg'
>> <alan.greenberg at mcgill.ca>;
>> 
>> 'GNSO RDS PDP' <gnso-rds-pdp-wg at icann.org>
>> 
>> Subject: RE: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>> 
>> Dear WG  leadership:
>> 
>> As we expected, this ICANN Org effort will have a profound effect on
>> our
>> 
>> work.  We will need to understand and track the legal advice being
>> made,
>> 
>> which overlaps with and in some places may supplant work we have
>> been doing.
>> 
>> And the memo's "Finding New Ways Forward"  section (3.9) provides
>> advice for
>> 
>> the policy-making process.  Clearly our WG needs (deserves) a
>> presentation
>> 
>> at Abu Dhabi from Teresa Swinehart, who is heading up this effort.
>> 
>> Could this be done at the WG meeting on Wednesday 1 November?
>> 
>> Wednesday will be better attended, both in-person and remotely.
>> (Some
>> 
>> members may still be in transit during the WG's early Saturday
>> morning
>> 
>> meeting.  And the Saturday meeting is at a challenging time for
>> those
>> 
>> participating remotely -- ~6:30 a.m. Saturday morning in Europe /
>> 12:30
>> 
>> a.m. Saturday East Coast USA.)
>> 
>> As part of the briefing, it would be good to hear about this
>> effort's
>> 
>> schedule, workplan, and immediate next steps.  The memo says: "We
>> intend to
>> 
>> provide a series of memorandums, which will address different
>> aspects of the
>> 
>> issue and where the  scope and topics of each such memorandum will
>> be
>> 
>> discussed and agreed with ICANN. We understand that ICANN intends to
>> make
>> 
>> each memorandum publicly available."
>> 
>> All best,
>> 
>> --Greg
>> 
>> -----Original Message-----
>> 
>> From: gnso-rds-pdp-wg-bounces at icann.org
>> 
>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Chuck
>> 
>> Sent: Thursday, October 19, 2017 8:51 AM
>> 
>> To: 'Alan Greenberg' <alan.greenberg at mcgill.ca>; 'GNSO RDS PDP'
>> 
>> <gnso-rds-pdp-wg at icann.org>
>> 
>> Subject: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>> 
>> I want to call attention to the following paragraph:
>> 
>> "The memo highlights the complexity of these issues in the domain
>> name
>> 
>> space, and concludes that the current open, publicly available WHOIS
>> 
>> services cannot remain unchanged. The WHOIS system has to become
>> adaptable
>> 
>> to address the GDPR from the European perspective, as well as other
>> changing
>> 
>> regulations around the world."
>> 
>> After input from Data Protection experts, the Wilson Sonsini memo
>> and now
>> 
>> this memo, do any in the WG disagree with this statement?
>> 
>> Chuck
>> 
>> -----Original Message-----
>> 
>> From: gnso-rds-pdp-wg-bounces at icann.org
>> 
>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Alan
>> Greenberg
>> 
>> Sent: Thursday, October 19, 2017 5:04 AM
>> 
>> To: GNSO RDS PDP <gnso-rds-pdp-wg at icann.org>
>> 
>> Subject: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>> 
>> Full Blog post is at
>> 
>> https://www.icann.org/news/blog/data-protection-and-privacy-update.
>> Alan
>> 
>> At 19/10/2017 12:23 AM, Alan Greenberg wrote:
>> 
>> Perhaps it has already been posted, but if not, ICANN has received
>> the
>> 
>> first part of the independent legal analysis of the GDPR in relation
>> to
>> 
>> WHOIS that had been commissioned.
>> 
>> It can be found at
>> 
>> 
> https://www.icann.org/en/system/files/files/gdpr-memorandum-part1-16oct
>> 
>> 17-e
>> 
>> n.pdf.
>> 
>> Alan
>> 
>> _______________________________________________
>> 
>> gnso-rds-pdp-wg mailing list
>> 
>> gnso-rds-pdp-wg at icann.org
>> 
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> 
>> _______________________________________________
>> 
>> gnso-rds-pdp-wg mailing list
>> 
>> gnso-rds-pdp-wg at icann.org
>> 
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> 
>> _______________________________________________
>> 
>> gnso-rds-pdp-wg mailing list
>> 
>> gnso-rds-pdp-wg at icann.org
>> 
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
>   _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> --
> 
> Jonathan Matkowsky
> --
> 
> Jonathan Matkowsky
> *******************************************************************
> This message was sent from RiskIQ, and is intended only for the
> designated recipient(s). It may contain confidential or proprietary
> information and may be subject to confidentiality protections. If you
> are not a designated recipient, you may not review, copy or distribute
> this message. If you receive this in error, please notify the sender
> by reply e-mail and delete this message. Thank you.
> 
> 
> *******************************************************************_______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> Kris Seeburn
> seeburn.k at gmail.com
> 
>  	* www.linkedin.com/in/kseeburn/ [8]
> 
> <KeepItOn_Social_animated.gif>
> 
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
> 
> Mit freundlichen Grüßen,
> 
> Volker A. Greimann
> - Rechtsabteilung -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
> 
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems [5]
> www.twitter.com/key_systems [6]
> 
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu [7]
> 
> Der Inhalt dieser Nachricht ist vertraulich und nur für den
> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung
> zu setzen.
> 
> --------------------------------------------
> 
> Should you have any further questions, please do not hesitate to
> contact us.
> 
> Best regards,
> 
> Volker A. Greimann
> - legal department -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
> 
> Follow us on Twitter or join our fan community on Facebook and stay
> updated:
> www.facebook.com/KeySystems [5]
> www.twitter.com/key_systems [6]
> 
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu [7]
> 
> This e-mail and its attachments is intended only for the person to
> whom it is addressed. Furthermore it is not permitted to publish any
> content of this email. You must not use, disclose, copy, print or rely
> on this e-mail. If an addressing or transmission error has misdirected
> this e-mail, kindly notify the author by replying to this e-mail or
> contacting us by telephone.
> 
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
> 
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
> 
> Mit freundlichen Grüßen,
> 
> Volker A. Greimann
> - Rechtsabteilung -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
> 
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems [5]
> www.twitter.com/key_systems [6]
> 
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu [7]
> 
> Der Inhalt dieser Nachricht ist vertraulich und nur für den
> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung
> zu setzen.
> 
> --------------------------------------------
> 
> Should you have any further questions, please do not hesitate to
> contact us.
> 
> Best regards,
> 
> Volker A. Greimann
> - legal department -
> 
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901
> Fax.: +49 (0) 6894 - 9396 851
> Email: vgreimann at key-systems.net
> 
> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
> 
> Follow us on Twitter or join our fan community on Facebook and stay
> updated:
> www.facebook.com/KeySystems [5]
> www.twitter.com/key_systems [6]
> 
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
> 
> Member of the KEYDRIVE GROUP
> www.keydrive.lu [7]
> 
> This e-mail and its attachments is intended only for the person to
> whom it is addressed. Furthermore it is not permitted to publish any
> content of this email. You must not use, disclose, copy, print or rely
> on this e-mail. If an addressing or transmission error has misdirected
> this e-mail, kindly notify the author by replying to this e-mail or
> contacting us by telephone.
> 
> 
> 
> Links:
> ------
> [1] http://www.key-systems.net
> [2] http://www.RRPproxy.net
> [3] http://www.domaindiscount24.com
> [4] http://www.BrandShelter.com
> [5] http://www.facebook.com/KeySystems
> [6] http://www.twitter.com/key_systems
> [7] http://www.keydrive.lu
> [8] http://www.linkedin.com/in/kseeburn/
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg


More information about the gnso-rds-pdp-wg mailing list