[gnso-rds-pdp-wg] More mandatory reading in preparation for ICANN AD

John Bambenek jcb at bambenekconsulting.com
Thu Oct 26 17:05:59 UTC 2017 

That is not impossible. I disagree there are 25 checkboxes any more than there will be 25 checkboxes needed to post a tweet. 

The checkbox is “this information will be in a public database and accessible world-wide so others can verify domain ownership and contact you. If you don’t like this, click private registration now.”

There is no need to overcomplicate a simple issue. 

--
John Bambenek

> On Oct 26, 2017, at 18:51, Theo Geurts <gtheo at xs4all.nl> wrote:
> 
> John,
> 
> Let's see.
> Escrow requirements Registry/Registrar.
> Country depended/Company depended and security level depended.
> Data retention spec (tons of data gathered there)
> ICANN, running several WHOIS programs in conjunction with third-party vendors by GAC marching orders.
> WHOIS data being processed by unknown third parties given its current public access.
> Over a 1000 TLDs scattered over all over the globe.
> 
> A simple gTLD registration will require a registrant to click at least 25 checkboxes to consent too.
> This is a conservative prediction and not meant to tick off WG members.
> 
> Theo Geurts
> 
> 
>> On 26-10-2017 18:34, John Bambenek via gnso-rds-pdp-wg wrote:
>> Exactly how does this document say that consent is practically impossible when my reading of it provides guidance of how such consent could be achieved?
>> 
>> As far as private by default, SHOULD is not MUST. The document doesn’t say that’s a hard requirement.
>> 
>> --
>> John Bambenek
>> 
>>> On Oct 26, 2017, at 16:01, Volker Greimann <vgreimann at key-systems.net> wrote:
>>> 
>>> The Council of Europe has just published a guide on privacy and data protection principles specifically for ICANN related data processing.
>>> 
>>> TL;DR:
>>> 
>>> 1) Data controller needs to define twofold purposes for processing; a) related to policy; b) for contracted parties and their agreements with data subjects.
>>> 
>>> 2) Data controller is fully liable for all data processing performed in accordance with purpose statement in compliance with all applicable laws.
>>> 
>>> 3) Data processed for purposes not included in purpose statement is unlawful.
>>> 
>>> 4) Data processing must be limited by guiding principles of necessity, proportionality and purpose limitation
>>> 
>>> 5) Data processing based on consent is practically impossible in ICANN context.
>>> 
>>> 6) Personal data must not be stored for longer than absolutely necessary for the legitimate purpose pursued.
>>> 
>>> 7) ICANN needs formal data transfer policy for trans-border transfers.
>>> 
>>> 8) Privacy by design and default as basis for all processing considerations.
>>> 
>>> -- 
>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>> 
>>> Mit freundlichen Grüßen,
>>> 
>>> Volker A. Greimann
>>> - Rechtsabteilung -
>>> 
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann at key-systems.net
>>> 
>>> Web: www.key-systems.net / www.RRPproxy.net
>>> www.domaindiscount24.com / www.BrandShelter.com
>>> 
>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>> 
>>> Geschäftsführer: Alexander Siffrin
>>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>>> Umsatzsteuer ID.: DE211006534
>>> 
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu
>>> 
>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>>> 
>>> --------------------------------------------
>>> 
>>> Should you have any further questions, please do not hesitate to contact us.
>>> 
>>> Best regards,
>>> 
>>> Volker A. Greimann
>>> - legal department -
>>> 
>>> Key-Systems GmbH
>>> Im Oberen Werk 1
>>> 66386 St. Ingbert
>>> Tel.: +49 (0) 6894 - 9396 901
>>> Fax.: +49 (0) 6894 - 9396 851
>>> Email: vgreimann at key-systems.net
>>> 
>>> Web: www.key-systems.net / www.RRPproxy.net
>>> www.domaindiscount24.com / www.BrandShelter.com
>>> 
>>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>>> www.facebook.com/KeySystems
>>> www.twitter.com/key_systems
>>> 
>>> CEO: Alexander Siffrin
>>> Registration No.: HR B 18835 - Saarbruecken
>>> V.A.T. ID.: DE211006534
>>> 
>>> Member of the KEYDRIVE GROUP
>>> www.keydrive.lu
>>> 
>>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>>> 
>>> 
>>> 
>>> <ICANN_privacy_guide_COE.pdf>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>

More information about the gnso-rds-pdp-wg mailing list