[gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is backwards
Michele Neylon - Blacknight
michele at blacknight.com
Wed Feb 14 20:46:30 UTC 2018
John
I cannot agree with either of your statements. Others have weighed in on the first one, so I won’t repeat what has been said.
The second one is a mischaracterisation of what registrars (and registries) are dealing with, unless you consider protecting your business from breaking the law as an “objective”.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
https://www.blacknight.com
https://blacknight.blog /
http://ceo.hosting/
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow, R93 X265
,Ireland Company No.: 370845
From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces at icann.org> on behalf of John Horton via gnso-rds-pdp-wg <gnso-rds-pdp-wg at icann.org>
Reply-To: John Horton <john.horton at legitscript.com>
Date: Wednesday 14 February 2018 at 20:08
To: Chuck <consult at cgomes.com>
Cc: RDS PDP WG <gnso-rds-pdp-wg at icann.org>
Subject: Re: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is backwards
Thanks, Chuck. I think whatever changes are required by the GDPR can be accomplished with changes that, in my view, do not constitute a fundamental change to Whois/RDS. Beyond what I think are non-fundamental changes relating to the GDPR, I do not believe that any changes are a "must." As to your question:
* There is a limited set of registrants that is entitled to GDPR protection. There is a very large class of registrants that is not entitled to GDPR protection. There is disagreement about where this line is, but this seems to be something where consensus is possible and there's an objectively, legally correct answer.
* It is possible to protect that subset of registrants through (e.g.) complimentary privacy protection, as well as some other limited policies granting access to the data for a legitimate purpose (etc., everything we've been discussing).
* Whether a registrant is, in fact, an entity that is in the very limited class entitled to GDPR protection can be determined during the registration process, and ICANN policy can require registrars to add these fields to the registration process. Existing registrants can be asked to update their information.
* Aside from the policies requiring that those additional data fields be collected during the registration process (e.g., are you an EU citizen and other relevant questions), and that if certain answers are "TRUE" then privacy protection is automatically granted, Whois would not change. Port 43 access would continue as is, and so on.
I guess I would turn around and ask you and others if everyone agrees with these two statements:
1. The GDPR applies to, and is intended to benefit, a limited set of registrants.
2. Registrar convenience or business objectives is not a valid basis to support a policy change.
John Horton
President and CEO, LegitScript
[https://docs.google.com/uc?export=download&id=0B13GfLt8zwZJRXE5UTAtclVxdTg&revid=0B13GfLt8zwZJSG9zOUVwN1lFKzFrRVlnaWU0NGZ4RmdkUjg4PQ]
Follow LegitScript: LinkedIn<http://www.linkedin.com/company/legitscript-com> | Facebook<https://www.facebook.com/LegitScript> | Twitter<https://twitter.com/legitscript> | Blog<http://blog.legitscript.com/> | Newsletter<http://go.legitscript.com/Subscription-Management.html>
[https://www.legitscript.com/wp-content/uploads/2015/09/LegitScript-Workplace.png][https://docs.google.com/uc?export=download&id=0B13GfLt8zwZJTmNWbmcwOTVJMXc&revid=0B13GfLt8zwZJQlZWOXVGbG9acC9nRGhzdEkxclFJVytCWVNjPQ]
On Wed, Feb 14, 2018 at 11:35 AM, Chuck <consult at cgomes.com<mailto:consult at cgomes.com>> wrote:
John,
You said ‘no’ but your qualification says it needs to change, albeit in what you think is a minor change.
Do you believe that changing the RDS to accommodate the GDPR is Europe is a minor tweak? If so, please tell me what that minor tweak is.
Chuck
From: John Horton [mailto:john.horton at legitscript.com<mailto:john.horton at legitscript.com>]
Sent: Wednesday, February 14, 2018 11:26 AM
To: Chuck <consult at cgomes.com<mailto:consult at cgomes.com>>
Cc: Sara Bockey <sbockey at godaddy.com<mailto:sbockey at godaddy.com>>; Steve Crocker <steve at shinkuro.com<mailto:steve at shinkuro.com>>; RDS PDP WG <gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>>
Subject: Re: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is backwards
Yes, I respectfully disagree with Sara's statement, Chuck. (With a small qualification.) I don't think you have consensus around that point, in my view. The qualification I'd make is: where there are specific regulatory reasons to either require or permit a change to existing Whois/RDS policy, provided that it's done in the most conservative way possible, I think that's reasonable to discuss. (The obvious example here is the GDPR.) Beyond that, I believe that one of the best alternatives that's (implicitly) presented so far is no change, as many (all?) of the proposed changes I've heard so far would be worse than the status quo.
So do I believe it "must" change? No, aside from a very limited tweak due to some specific regulatory issues. Do I believe it could be improved, and that improvements are worth discussing? Yes. But the answer to your question is: Yes, there is someone on this working group who respectfully disagrees with Sara's statement.
John Horton
President and CEO, LegitScript
[https://docs.google.com/uc?export=download&id=0B13GfLt8zwZJRXE5UTAtclVxdTg&revid=0B13GfLt8zwZJSG9zOUVwN1lFKzFrRVlnaWU0NGZ4RmdkUjg4PQ]
Follow LegitScript: LinkedIn<http://www.linkedin.com/company/legitscript-com> | Facebook<https://www.facebook.com/LegitScript> | Twitter<https://twitter.com/legitscript> | Blog<http://blog.legitscript.com/> | Newsletter<http://go.legitscript.com/Subscription-Management.html>
[https://www.legitscript.com/wp-content/uploads/2015/09/LegitScript-Workplace.png][https://docs.google.com/uc?export=download&id=0B13GfLt8zwZJTmNWbmcwOTVJMXc&revid=0B13GfLt8zwZJQlZWOXVGbG9acC9nRGhzdEkxclFJVytCWVNjPQ]
On Wed, Feb 14, 2018 at 11:08 AM, Chuck <consult at cgomes.com<mailto:consult at cgomes.com>> wrote:
Is there anyone in this WG who disagrees with Sara’s statement that ‘RDS must change’, understanding that we still have large differences of opinion regarding how to change it?
Chuck
From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org<mailto:gnso-rds-pdp-wg-bounces at icann.org>] On Behalf Of Sara Bockey
Sent: Wednesday, February 14, 2018 9:22 AM
To: Steve Crocker <steve at shinkuro.com<mailto:steve at shinkuro.com>>; gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>
Subject: Re: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is backwards
I agree with Steve and look forward to additional feedback from him.
RDS must change. Discussions to the contrary are a waste of time.
Sara
sara bockey
sr. policy manager | GoDaddy™
sbockey at godaddy.com<mailto:sbockey at godaddy.com> 480-366-3616<tel:(480)%20366-3616>
skype: sbockey
This email message and any attachments hereto is intended for use only by the addressee(s) named herein and may contain confidential information. If you have received this email in error, please immediately notify the sender and permanently delete the original and any copy of this message and its attachments.
From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces at icann.org<mailto:gnso-rds-pdp-wg-bounces at icann.org>> on behalf of Steve Crocker <steve at shinkuro.com<mailto:steve at shinkuro.com>>
Date: Wednesday, February 14, 2018 at 9:27 AM
To: "gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>" <gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>>
Subject: [gnso-rds-pdp-wg] Using the GDPR as a basis for RDS Policy is backwards
I am only partially up to speed on the state of discussion within this WG, but I have been following the RDS situation for several years. In my view, the current focus on GDPR, while understandable because of the looming deadline, is logically backwards. The challenge, which we tried to address forcefully in 2012, is to rethink the RDS from the ground up. In my view, this is:
o necessary
o feasible
o will lead to a much cleaner model
o will make it relatively straightforward to satisfy the GDPR and all similar regulations around the world.
There are also some issues such as the relationship of name server operators that also need to be addressed.
There is obviously much more that needs to be said. I will contribute as much and as quickly as I can.
Steve
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org<mailto:gnso-rds-pdp-wg at icann.org>
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180214/1abf5607/attachment-0001.html>
More information about the gnso-rds-pdp-wg
mailing list