[gnso-rds-pdp-wg] Equifax hack worse than previously thought: Biz kissed goodbye to card expiry dates, tax IDs etc

Volker Greimann vgreimann at key-systems.net
Thu Feb 15 11:29:52 UTC 2018 

That would be problematic, as you should know, since there is no clear 
cut line of what would constitute over-enforcement or under-enforcement. 
Well, the latter will resolve itself due to the incoming DPA actions.

I also never heard of fees to be paid into a fund by those simply trying 
to remain compliant with their applicable laws.

Contracted parties have been stating for years, if not over a decade 
that publication whois details in the current form and shape is 
problematic from a data protection perspective. We have repeatedly tried 
to drive home the point that the current system is not sustainable. We 
were ignored or ridiculed, or asked to get sued to prove our point. Now 
that we are forced to take action, everybody is protesting as if this 
were something new. It is not. Now we have to do a short-term fix, that 
will hurt more than it would have needed to if everyone had cooperated 
in good faith to reform whois years ago. The status quo will change.

Our job is now to cooperate in good faith to build a new universal 
system that still fits most needs but also takes data protection as its 
core principle.

Volker out!



Am 15.02.2018 um 05:14 schrieb Greg Shatan:
> In a similar vein, ICANN could establish an “Over-enforce the GDPR 
> Fund,” in which everyone who thinks the GDPR’s data blackout should be 
> extended to the data of non-EU and legal persons would pay in, and it 
> would be used to defray the expenses incurred by those who should have 
> access to information and instead must expend additional time, money 
> and effort, and often incur additional harm, due GDPR over-enforcement.
>
> On Wed, Feb 14, 2018 at 5:03 AM Volker Greimann 
> <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>
>     Maybe you are hitting on something here.
>
>     ICANN could just establish a "Leave-Whois-as-it-is" legal defense
>     fund. Everyone who argues that whois should remain as it is has to
>     pay into that fund and everyone who is fined by data protection
>     violations can take the fines and their legal costs out of that
>     fund. Of course, that would necessitate huge investments to set up
>     the fund from mainly volunteer organizations that do not actually
>     have the means to support it.
>
>     Best,
>
>     Volker
>
>
>     Am 14.02.2018 um 02:21 schrieb Rubens Kuhl:
>>
>>
>>>     On 13 Feb 2018, at 20:32, John Horton
>>>     <john.horton at legitscript.com
>>>     <mailto:john.horton at legitscript.com>> wrote:
>>>
>>>     Thanks, Rubens -- I don't agree with that interpretation. (I
>>>     think you mean the Q&A memo Section 2, right?) See memo here
>>>     <https://www.icann.org/en/system/files/files/gdpr-memorandum-part2-18dec17-en.pdf>.
>>>     Let me know if you meant the first or a different one.
>>
>>
>>     It's exactly that memo.
>>     Since you don't agree, does that mean that your organisation is
>>     willing to pay every GDPR fine contracted parties get from
>>     following your interpretation ? Because if you are unwilling to
>>     do that, then your belief in that interpretation is not rock solid.
>>
>>     What I can tell you is that this risk has been flagged by that
>>     paper, by the eco model and by internal analysis of some
>>     registries, all independently of each other; which means you will
>>     likely see a good number of contracted parties following exactly
>>     the path I outlined in order to mitigate this risk.
>>
>>     If you see things differently, get Europeans DPAs to put that in
>>     writing, and we are all good to go.
>>
>>
>>
>>     Rubens
>>
>>
>>
>>
>>
>>     _______________________________________________
>>     gnso-rds-pdp-wg mailing list
>>     gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>     https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>     _______________________________________________
>     gnso-rds-pdp-wg mailing list
>     gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>     https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180215/e862b16f/attachment.html>

More information about the gnso-rds-pdp-wg mailing list