[gnso-rds-pdp-wg] Legal Inquiry to ICANN

[Michael Palage]

Michael,

 

I never said it (the answers to some legal inquiries) was the be all end all of the GDPR.  However, the GDPR is like a complex mathematical equation with various unknown variables, and by answering/narrowing down some fundamental legal questions we make the overall problem more manageable. As Chuck has noted this is something that I think can be done in parallel with our other work, this is NOT intended to be a gating/delay tactic. 

 

Having being involved in the domain name industry for almost 25 years the GDPR is not the FIRST national law that has created difficulties for the industry and lets begin with some US laws and regulations.  The Office of Foreign Asset Control (OFAC) has imposed restrictions on US business engaging in commercial transactions with prohibited/sanctioned governments/individuals. I have had to deal with several such incidents over the years.  In fact upon information and belief both VeriSign and ICANN have waivers from OFAC to preform certain DNS activity. Here is a good article summarizing this legal issue, see https://www.internetgovernance.org/2017/01/13/icanns-jurisdiction-sanctions-and-domain-names/  

 

Now some of my IP colleagues on this mailing list have expressed concern about the extraterritorial aspect of the GDPR and how it will impede their enforcement rights.  However, when the US government passed the ACPA and provided for in rem jurisdiction in connection with every registered .COM domain regardless if the registrant and registrar were located elsewhere they did not complain. 

 

As I have tried to repeat on multiple instances the ICANN multi-stakeholder model is now facing a very real and systemic threat to its existence.  In my opinion the IANA transition was a mixed blessing.  While I think it was important to remove the perceived oversight and control that a single government had over a critical global resource, ICANN now finds itself somewhat on its own trying to navigate very complex international waters.  It no longer can fall back and rely upon the USG to be its protector in chief.  The GDPR is just the first of many national laws that will test the resolve of the multi-stakeholder model. Again not to sound like a broken record, but national data localization laws will be the next BIG challenge to confront ICANN and the domain name industry.

 

If the ICANN model fails there will probably be no shortage of existing or to be created inter-governmental organization looking to fill the void.  If my memory serves me correct the US has previous included domain name related issues into bi-lateral trade agreements with other countries. The idea of the ICANN multi-stakeholder model was to be a place to potential resolve these issues in a more efficient manner.  Sadly the more bloated ICANN has become as an organization the slower it has become. 

 

Best regards,

 

Michael 

 

 

 

 

From: Dotzero [mailto:dotzero at gmail.com] 
Sent: Thursday, February 15, 2018 8:59 AM
To: Ayden Férdeline <icann at ferdeline.com>
Cc: Michael Palage <michael at palage.com>; RDS PDP WG <gnso-rds-pdp-wg at icann.org>
Subject: Re: [gnso-rds-pdp-wg] Legal Inquiry to ICANN

 

To simply assert that the extraterritorial nature of GDPR is the end all and be all falls into the realm of the absurd. If another jurisdiction passes legislation mandating publication of identifying (personal) information in whois, what then? What happens if you are "Trumped" by U.S. legislation? Do you really want to see a trade war or worse? We are dealing with a complex and difficult situation that is the equivalent of wrestling a jello snake in a vat of oil. We are best served by seeking outcomes that accommodate GDPR as best as possible and recognize that other jurisdictions do not necessarily follow the same principles as GDPR. I say this even though I agree with many of the principles embodied in GDPR.

 

Michael Hammer

 

 

On Wed, Feb 14, 2018 at 6:07 PM, Ayden Férdeline <icann at ferdeline.com <mailto:icann at ferdeline.com> > wrote:

I do not support this as a path forward.

 

We have seen repeatedly that the legal advice we have been issued has been ignored by those who are unhappy with the message contained within it.

 

And I disagree with the assertion that there is a "clear lack of consensus" on the question of the extraterritorial nature of the GDPR.

 

To continue dwelling on this question will ensure that we never make any progress as a working group.

 

— Ayden  

 

 

-------- Original Message --------

On 15 February 2018 12:01 AM, Michael Palage <michael at palage.com <mailto:michael at palage.com> > wrote:

 

Chuck,

 

As one of the original authors to the this extraterritorial thread, I welcome all the legal interpretation by both lawyers and non-lawyers in connection the scope to Article 3 of the GDPR. I  think it is fair to say there is a clear lack of consensus.  Therefore I would like to propose the following.  Allow the group to comprise a list of legal questions regarding this issue and forward it to ICANN.org and ask of them the following:

 

1.	Provide the list of questions to Hamilton for a response
2.	Have ICANN legal provide a response to these same questions

 

The reason for Number 2 is that John Jeffrey made very clear in the last webinar that he does NOT agree with all of the Hamilton analysis.  I think us ICANN volunteers toiling away in the PDP coal mine are entitled/deserve an answer to these questions to allow us to move forward with more productive work It does the group no good for a bunch of well-intentioned individuals lacking the requisite legal training to debate these issues.

 

Best regards,

 

Michael

 


_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org> 
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180215/e84e86d9/attachment.html>