[gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
John Bambenek
jcb at bambenekconsulting.com
Tue Oct 24 11:54:25 UTC 2017
Its an example of doing it wrong because its over-broad. They are picking a fight and they know it.
But yes, I have heard the threats of just making it go dark.
But how many times do I need to repeat “whois privacy for free” until people realizing that I am actually providing a solution here? The repeated statements of “just want to preserve the status quo” fly in the face of my repeated emails on this subject.
Allow the consumer to make a choice what is in the directory. I don’t care if they put in role-based info as long as what is in there is verified (ie email doesnt bounce, phone number isnt 000-000-0000). If they don’t put it in the directory it doesnt need verified.
Because the CONSUMER is choosing what gets published, we bypass almost all of this.
Sure, registries/registrars will have to respond to complaints but if whois goes dark they are going to have to respond to 100% of them versus whois privacy for free they only have to respond to the subset that selects privacy.
--
John Bambenek
> On Oct 24, 2017, at 13:46, gtheo <gtheo at xs4all.nl> wrote:
>
> This is merely an example what will happen within the months to come John.
> And if you would be facing some draconian fines you would do the same thing.
>
> Contracted parties will not get an exemption from Europe for now.
>
> So the focus for the RDS is crystal clear for us as a WG. How do we balance privacy rights and fighting abuse?
>
> Thanks,
>
> Theo
>
>
>
> John Bambenek via gnso-rds-pdp-wg schreef op 2017-10-24 01:11 PM:
>> So your solution is no one but law enforcement gets whois on anyone?
>> Because that appears to be the case for .frl and .amsterdam. Why even
>> bother talking about RDS then?
>> --
>> John Bambenek
>> On Oct 24, 2017, at 13:00, Volker Greimann <vgreimann at key-systems.net>
>> wrote:
>>> True. Legal Requirement (Action) -> Compliant implementation
>>> (Reaction)
>>> Seriously though, I see this as a legitimate proposal for a registry
>>> operator to both meet the needs of law enforcement to access this
>>> data and the data protection requirements in the jurisdictions that
>>> affect their business.
>>> ICANN should not have turned this into a compliance matter, but now
>>> that they did, It is good to see them stand up and defend their need
>>> to remain compliant with applicable laws. I see this as a model of
>>> how all Whois data for European data subjects will likely look in
>>> less than 6 months.
>>> Best,
>>> Volker
>>> Am 24.10.2017 um 12:42 schrieb John Bambenek:
>>> Every action has an equal and opposite reaction.
>>> --
>>> John Bambenek
>>> On Oct 24, 2017, at 11:48, Volker Greimann
>>> <vgreimann at key-systems.net> wrote:
>>> Fighting the good fight.
>>> Am 24.10.2017 um 11:32 schrieb Kris Seeburn:
>>> This might be interesting news….
>> http://domainincite.com/22218-amsterdam-refuses-to-publish-whois-records-as-gdpr-row-escalates
>>> On Oct 24, 2017, at 07:59, jonathan matkowsky
>>> <jonathan.matkowsky at riskiq.net> wrote:
>>> Hi, Chuck, Regarding below, has a decision been made by leadership
>>> whether to invite the org folks to meet with us in Abu Dhabi as Greg
>>> A. was suggesting?
>>> Thanks
>>> Jonathan
>>> On Fri, Oct 20, 2017 at 2:46 AM jonathan matkowsky
>>> <jonathan.matkowsky at riskiq.net> wrote:
>>> The other week I was asking this group about the significance of the
>>> ePrivacy Directive and asked to get some feedback.
>>> The memo says:
>>> While our memorandum series will primarily focus on the GDPR, we
>>> will also address other relevant pieces of EU legislation that may
>>> have effect on the processing of personal data through the Whois
>>> services, such as but not limited to the EU ePrivacy Directive
>>> 2002/58/EC and the proposed new EU ePrivacy Regulation aimed to
>>> replace the said directive in May 2018.
>>> This is exactly what I was asking to understand.
>>> That said, I do want to continue our work, but I also have limited
>>> resources—as do we all—so the sooner we can get this
>>> information, the better. It may help us in deciding the most
>>> efficient way forward, or at least help confirm we aren’t wasting
>>> our time in how we move forward here?
>>> Thanks
>>> Jonathan
>>> On Thu, Oct 19, 2017 at 9:40 AM Greg Aaron <gca at icginc.com> wrote:
>>> Dear Chuck:
>>> ICANN meetings are for information-sharing. And since we have two
>>> efforts working on some of the exact same issues, I suggest that
>>> some info-sharing could be very helpful to our volunteers.
>>> The ICANN Org effort with Hamilton is clearly going to be more
>>> comprehensive than the narrow effort our WG has received from Wilson
>>> Sonsini. And as you know, the Org effort will set a precedent which
>>> will be important for our WG to understand.
>>> The new memo, and those to come, are about the impact of GDPR on
>>> registration data and WHOIS. I draw your attention to the end of
>>> the blog post:
>>> “As a reminder, this legal analysis is intended to serve as
>>> building block for community discussions about how to approach GDPR
>>> issues in the domain name space. [WHOIS.]
>>> Here's where we need help from the multistakeholder community:
>>> Please review the initial legal analysis and provide feedback. This
>>> includes identifying possible questions, and how best to interact
>>> with data protection agencies and others to get to the next step of
>>> the analysis.
>>> It will be helpful to receive your feedback at the earliest
>>> opportunity, so as to inform the upcoming discussions at ICANN60,
>>> and to feed into future iterations of the legal analysis.”
>>> The RDS WG is the main place where the multistakeholder community is
>>> considering WHOIS. So one would think that ICANN Org would have
>>> already reached out to our WG. I am surprised that it has not.
>>> So, I think it’s appropriate for us to invite the Org folks in.
>>> The goal is to understand that work and ask questions. Maybe the
>>> RDS WG could then formulate some feedback as requested above. After
>>> all, we’ve been thinking about this stuff for almost two years
>>> now..
>>> As part of the briefing, it would be good to hear about this
>>> effort's schedule and workplan. The memo says: "We intend to
>>> provide a series of memorandums, which will address different
>>> aspects of the issue and where the scope and topics of each such
>>> memorandum will be discussed and agreed with ICANN. We understand
>>> that ICANN intends to make each memorandum publicly available." I
>>> do not see any of those details in the memo or blog. For example,
>>> what topics will be the subjects of the forthcoming memos?
>>> There’s clearly a plan for that.
>>> I have no idea of any of that will come out in the GDPR session on
>>> Thursday, but since that consists of panel presentations, I am
>>> unsure and would prefer that our WG definitely get a briefing and a
>>> chance to ask questions.
>>> All best,
>>> --Greg
>>> FROM: gnso-rds-pdp-wg-bounces at icann.org
>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] ON BEHALF OF Stephanie
>>> Perrin
>>> SENT: Thursday, October 19, 2017 11:19 AM
>>> TO: gnso-rds-pdp-wg at icann.org
>>> SUBJECT: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>>> I am curious as to how the questions are being framed. Who is the
>>> client, ICANN the MS body, ICANN the CEO and staff (who have been
>>> found to be a co-controller and therefore have an interest in
>>> avoiding fines) or ICANN the Board.
>>> There are different interests at stake here, I think it would be
>>> useful to get a fuller understanding of how Teresa Swineheart is
>>> handling the development of questions.
>>> Stephanie Perrin
>>> On 2017-10-19 10:43, Chuck wrote:
>>> Greg,
>>> Having just finished reading the Hamilton memo, I don't understand
>>> why you
>>> think the WG needs a presentation? What would a presentation from
>>> Teresa or
>>> other ICANN staff person provide us that we couldn't get from the
>>> memo
>>> itself and other sources such as the ICANN Blog, etc.?
>>> Can you identify any advice from Hamilton that would supplant work
>>> we have
>>> been doing? If so, please identify it.
>>> In my opinion:
>>> - The advice of ways forward fits nicely into our policy development
>>> processes.
>>> - The Hamilton Memo confirms much of what we already heard from the
>>> DP
>>> experts and Wilson Sonsini so we now have it from three separate
>>> sources.
>>> - You are absolutely that we "need to understand and track the legal
>>> advice being made" and that it overlaps what we are doing but I
>>> think that
>>> will help us.
>>> Chuck
>>> -----Original Message-----
>>> From: Greg Aaron [mailto:gca at icginc.com]
>>> Sent: Thursday, October 19, 2017 7:25 AM
>>> To: Chuck <consult at cgomes.com>; 'Alan Greenberg'
>>> <alan.greenberg at mcgill.ca>;
>>> 'GNSO RDS PDP' <gnso-rds-pdp-wg at icann.org>
>>> Subject: RE: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>>> Dear WG leadership:
>>> As we expected, this ICANN Org effort will have a profound effect on
>>> our
>>> work. We will need to understand and track the legal advice being
>>> made,
>>> which overlaps with and in some places may supplant work we have
>>> been doing.
>>> And the memo's "Finding New Ways Forward" section (3.9) provides
>>> advice for
>>> the policy-making process. Clearly our WG needs (deserves) a
>>> presentation
>>> at Abu Dhabi from Teresa Swinehart, who is heading up this effort.
>>> Could this be done at the WG meeting on Wednesday 1 November?
>>> Wednesday will be better attended, both in-person and remotely.
>>> (Some
>>> members may still be in transit during the WG's early Saturday
>>> morning
>>> meeting. And the Saturday meeting is at a challenging time for
>>> those
>>> participating remotely -- ~6:30 a.m. Saturday morning in Europe /
>>> 12:30
>>> a.m. Saturday East Coast USA.)
>>> As part of the briefing, it would be good to hear about this
>>> effort's
>>> schedule, workplan, and immediate next steps. The memo says: "We
>>> intend to
>>> provide a series of memorandums, which will address different
>>> aspects of the
>>> issue and where the scope and topics of each such memorandum will
>>> be
>>> discussed and agreed with ICANN. We understand that ICANN intends to
>>> make
>>> each memorandum publicly available."
>>> All best,
>>> --Greg
>>> -----Original Message-----
>>> From: gnso-rds-pdp-wg-bounces at icann.org
>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Chuck
>>> Sent: Thursday, October 19, 2017 8:51 AM
>>> To: 'Alan Greenberg' <alan.greenberg at mcgill.ca>; 'GNSO RDS PDP'
>>> <gnso-rds-pdp-wg at icann.org>
>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>>> I want to call attention to the following paragraph:
>>> "The memo highlights the complexity of these issues in the domain
>>> name
>>> space, and concludes that the current open, publicly available WHOIS
>>> services cannot remain unchanged. The WHOIS system has to become
>>> adaptable
>>> to address the GDPR from the European perspective, as well as other
>>> changing
>>> regulations around the world."
>>> After input from Data Protection experts, the Wilson Sonsini memo
>>> and now
>>> this memo, do any in the WG disagree with this statement?
>>> Chuck
>>> -----Original Message-----
>>> From: gnso-rds-pdp-wg-bounces at icann.org
>>> [mailto:gnso-rds-pdp-wg-bounces at icann.org] On Behalf Of Alan
>>> Greenberg
>>> Sent: Thursday, October 19, 2017 5:04 AM
>>> To: GNSO RDS PDP <gnso-rds-pdp-wg at icann.org>
>>> Subject: Re: [gnso-rds-pdp-wg] ICANN Legal Opinion on GDPR - Part 1
>>> Full Blog post is at
>>> https://www.icann.org/news/blog/data-protection-and-privacy-update.
>>> Alan
>>> At 19/10/2017 12:23 AM, Alan Greenberg wrote:
>>> Perhaps it has already been posted, but if not, ICANN has received
>>> the
>>> first part of the independent legal analysis of the GDPR in relation
>>> to
>>> WHOIS that had been commissioned.
>>> It can be found at
>> https://www.icann.org/en/system/files/files/gdpr-memorandum-part1-16oct
>>> 17-e
>>> n.pdf.
>>> Alan
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> --
>> Jonathan Matkowsky
>> --
>> Jonathan Matkowsky
>> *******************************************************************
>> This message was sent from RiskIQ, and is intended only for the
>> designated recipient(s). It may contain confidential or proprietary
>> information and may be subject to confidentiality protections. If you
>> are not a designated recipient, you may not review, copy or distribute
>> this message. If you receive this in error, please notify the sender
>> by reply e-mail and delete this message. Thank you.
>> *******************************************************************_______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> Kris Seeburn
>> seeburn.k at gmail.com
>> * www.linkedin.com/in/kseeburn/ [8]
>> <KeepItOn_Social_animated.gif>
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> --
>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>> Mit freundlichen Grüßen,
>> Volker A. Greimann
>> - Rechtsabteilung -
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net
>> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
>> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>> www.facebook.com/KeySystems [5]
>> www.twitter.com/key_systems [6]
>> Geschäftsführer: Alexander Siffrin
>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>> Umsatzsteuer ID.: DE211006534
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu [7]
>> Der Inhalt dieser Nachricht ist vertraulich und nur für den
>> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
>> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
>> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
>> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung
>> zu setzen.
>> --------------------------------------------
>> Should you have any further questions, please do not hesitate to
>> contact us.
>> Best regards,
>> Volker A. Greimann
>> - legal department -
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net
>> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
>> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
>> Follow us on Twitter or join our fan community on Facebook and stay
>> updated:
>> www.facebook.com/KeySystems [5]
>> www.twitter.com/key_systems [6]
>> CEO: Alexander Siffrin
>> Registration No.: HR B 18835 - Saarbruecken
>> V.A.T. ID.: DE211006534
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu [7]
>> This e-mail and its attachments is intended only for the person to
>> whom it is addressed. Furthermore it is not permitted to publish any
>> content of this email. You must not use, disclose, copy, print or rely
>> on this e-mail. If an addressing or transmission error has misdirected
>> this e-mail, kindly notify the author by replying to this e-mail or
>> contacting us by telephone.
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> --
>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>> Mit freundlichen Grüßen,
>> Volker A. Greimann
>> - Rechtsabteilung -
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net
>> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
>> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>> www.facebook.com/KeySystems [5]
>> www.twitter.com/key_systems [6]
>> Geschäftsführer: Alexander Siffrin
>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>> Umsatzsteuer ID.: DE211006534
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu [7]
>> Der Inhalt dieser Nachricht ist vertraulich und nur für den
>> angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe,
>> Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist
>> unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so
>> bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung
>> zu setzen.
>> --------------------------------------------
>> Should you have any further questions, please do not hesitate to
>> contact us.
>> Best regards,
>> Volker A. Greimann
>> - legal department -
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net
>> Web: www.key-systems.net [1] / www.RRPproxy.net [2]
>> www.domaindiscount24.com [3] / www.BrandShelter.com [4]
>> Follow us on Twitter or join our fan community on Facebook and stay
>> updated:
>> www.facebook.com/KeySystems [5]
>> www.twitter.com/key_systems [6]
>> CEO: Alexander Siffrin
>> Registration No.: HR B 18835 - Saarbruecken
>> V.A.T. ID.: DE211006534
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu [7]
>> This e-mail and its attachments is intended only for the person to
>> whom it is addressed. Furthermore it is not permitted to publish any
>> content of this email. You must not use, disclose, copy, print or rely
>> on this e-mail. If an addressing or transmission error has misdirected
>> this e-mail, kindly notify the author by replying to this e-mail or
>> contacting us by telephone.
>> Links:
>> ------
>> [1] http://www.key-systems.net
>> [2] http://www.RRPproxy.net
>> [3] http://www.domaindiscount24.com
>> [4] http://www.BrandShelter.com
>> [5] http://www.facebook.com/KeySystems
>> [6] http://www.twitter.com/key_systems
>> [7] http://www.keydrive.lu
>> [8] http://www.linkedin.com/in/kseeburn/
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
More information about the gnso-rds-pdp-wg
mailing list