[gnso-rds-pdp-wg] Facebook loses Belgian court case over consent and tracking

allison nixon elsakoo at gmail.com
Tue Feb 20 17:58:43 UTC 2018 

Hi Volker,

My response was not intended for the list. It was only because you emailed
me directly. Please keep the responses on-list.

On Tue, Feb 20, 2018 at 12:41 PM, Volker Greimann <vgreimann at key-systems.net
> wrote:

> Thank you for your helpful, concise but erroneous contribution.
>
> The difference between whois details and DNS entries, name servers, etc is
> that the latter are actually technically necessary to provide the service,
> so comparing the two is like comparing apples to elephants. Not even in the
> same classification of life.
>
> Volker
>
>
> On 20. Feb 2018, at 18:35, allison nixon <elsakoo at gmail.com> wrote:
>
> wrong
>
> On Tue, Feb 20, 2018 at 12:35 PM, Volker Greimann <
> vgreimann at key-systems.net> wrote:
>
>> Actually, we can. No whois, no risk of prosecution for unlawful
>> processing in form of publication.
>>
>>
>> On 20. Feb 2018, at 17:47, allison nixon <elsakoo at gmail.com> wrote:
>>
>> 1,000,000% agreed. Registrars cannot eliminate all their risk by masking
>> WHOIS into oblivion. The DPAs can still ask why they are exposing A
>> records, nameservers, etc, to anyone who asks for them, without valid
>> reasons or authentication. Why do they expose zone files, etc. The DPAs can
>> ask why customer support can sometimes so easily be social engineered into
>> handing over accounts to account takeover scammers.
>>
>> Since most registrars are also hosting providers/mail providers, would
>> criminals storing stolen PII on your servers be a GDPR issue? After all,
>> the ultimate owner of the server is also considered a "processor", which
>> has interesting implications if one's customers include phishers, or sell
>> stolen credit cards, and one's already been notified. I have even seen
>> miscreants putting doxes in TXT records.
>>
>> I already know of quite a few incidents where people would have had
>> standing to file a GDPR complaint against registrars/hosters, unrelated to
>> WHOIS.
>>
>> Eventually the issue is going to impact the core business model of
>> registrars. This isn't going to stop at WHOIS. An open dialog with the DPAs
>> at an early stage is of utmost importance for all parties involved here.
>>
>>
>> On Mon, Feb 19, 2018 at 10:16 AM, Sam Lanfranco <sam at lanfranco.net>
>> wrote:
>>
>>> Benny,
>>>
>>> This is why I support multi-venue multi-stakholder dialogue with the
>>> DPA's so that they are appraised of the issues on all sides of the data
>>> protection issue. They are then more likely to act in a judicious manner,
>>> and less like an attack dog. Watch the new movie "*The Post*" where
>>> when *Washington Post* owner Katharine Graham decided to publish the
>>> Vietnam War Pentagon Papers, with the downside risk that she could be
>>> jailed for treason. The court ruled in favor of freedom of the press. It is
>>> not what the DPA can do, but what they are likely to do, and dialogue goes
>>> a long way to mitigating risk and shaping appropriate positions and
>>> behavior (with integrity) on all sides.
>>>
>>> Sam L.
>>>
>>> On 2/19/2018 10:02 AM, benny at nordreg.se wrote:
>>>
>>> <ironi on> Now I am relieved, we as registrars will not be subject for
>>> anything… </ironi off>
>>>
>>> None of us know where and what they will prioritise,* remember that it
>>> only take 1 complaint to a DPA to get the snowball moving.* [emphasis
>>> added] I am sure your statement have noe value then.
>>>
>>> --
>>> Med vänliga hälsningar / Kind Regards / Med vennlig hilsen
>>>
>>> Benny Samuelsen
>>> Registry Manager - Domainexpert
>>>
>>> Nordreg AB - ICANN accredited registrar
>>> IANA-ID: 638
>>> Phone: +46.42197000 <+46%2042%2019%2070%2000>
>>> Direct: +47.32260201 <+47%2032%2026%2002%2001>
>>> Mobile: +47.40410200 <+47%20404%2010%20200>
>>>
>>> On 19 Feb 2018, at 15:29, Sam Lanfranco <sam at lanfranco.net> wrote:
>>>
>>> Hi Tim,
>>>
>>> No, completely to the contrary. My point with that dollars reference was
>>> that in some cases litigation is the preferred business response, rather
>>> than compliance and paying fines. Also, the big revenues in mining big data
>>> are outside the DNS sphere, and outside the abuses and "bad things" that
>>> websites do to people. The big EU fines are more likely to hit social media
>>> than Registrars, although they are risks there as well. The revenues, and
>>> privacy violations, will come from profiling users by mining big data for
>>> scraps of personal date to individualize target marketing.
>>>
>>> *As a brief aside:* This goes well beyond the remit of ICANN and is
>>> actually worse than just being inundated by adverts base on personal online
>>> behavior. Artificial Intelligence mining apps are increasingly customizing
>>> the "news" one gets from news feeds, to help "glue the eyeballs" to the
>>> adverts, creating a news silo of one.  (That is amusing for me since I
>>> virtually live in two towns in two countries). Even more worrisome is the
>>> growing practice for A.I. companies where A.I. "writes" the news releases,
>>> now mainly in sports and finance, for thousands of print and online news
>>> outlets. I know all of this is outside the ICANN remit so I will stop
>>> there.
>>>
>>> Sam L.
>>>
>>> On 2/18/2018 5:43 PM, Chen, Tim wrote:
>>>
>>> Hi Sam,
>>>
>>> When you say these are hundred million dollar issues for "the
>>> companies",which companies are you talking about?  Large Registrars?
>>>
>>> I hope you are not comparing cybersecurity professionals and the good
>>> work they are trying to enable, to a completely separate privacy issue
>>> around data used for ad tracking or behavior tracking across websites.  If
>>> I spent my days trying to protect people on the internet from bad things, I
>>> would certainly not appreciate any allusion that I was engaged on the whois
>>> data issue 'for the money'.
>>>
>>> Tim
>>>
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>>
>>>
>>> --
>>> ------------------------------------------------
>>> "It is a disgrace to be rich and honoured
>>> in an unjust state" -Confucius
>>>  邦有道,贫且贱焉,耻也。邦无道,富且贵焉,耻也
>>> ------------------------------------------------
>>> Visiting Prof, Xi'an Jaiotong-Liverpool Univ, Suzhou, China
>>> Dr Sam Lanfranco (Prof Emeritus & Senior Scholar)
>>> Econ, York U., Toronto, Ontario, CANADA - M3J 1P3
>>> email: sam at lanfranco.net   Skype: slanfranco
>>> blog:  https://samlanfranco.blogspot.com
>>> Phone: +1 613-476-0429 <(613)%20476-0429> cell: +1 416-816-2852 <(416)%20816-2852>
>>>
>>>
>>> _______________________________________________
>>> gnso-rds-pdp-wg mailing list
>>> gnso-rds-pdp-wg at icann.org
>>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>>
>>
>>
>>
>> --
>> _________________________________
>> Note to self: Pillage BEFORE burning.
>> _______________________________________________
>> gnso-rds-pdp-wg mailing list
>> gnso-rds-pdp-wg at icann.org
>> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>>
>>
>> --
>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>>
>> Mit freundlichen Grüßen,
>>
>> Volker A. Greimann
>> - Rechtsabteilung -
>>
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> <https://maps.google.com/?q=Im+Oberen+Werk+1+66386+St.+Ingbert&entry=gmail&source=g>
>> 66386 St. Ingbert
>> <https://maps.google.com/?q=Im+Oberen+Werk+1+66386+St.+Ingbert&entry=gmail&source=g>
>> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
>> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
>> Email: vgreimann at key-systems.net <vgreimann at key-systems.net>
>>
>> Web: www.key-systems.net / www.RRPproxy.net <http://www.rrpproxy.net/>
>> www.domaindiscount24.com / www.BrandShelter.com
>> <http://www.brandshelter.com/>
>>
>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>> www.facebook.com/KeySystems
>> www.twitter.com/key_systems
>>
>> Geschäftsführer: Alexander Siffrin
>> Handelsregister Nr.: HR B 18835 - Saarbruecken
>> Umsatzsteuer ID.: DE211006534
>>
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu
>>
>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
>> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
>> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese
>> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per
>> E-Mail oder telefonisch in Verbindung zu setzen.
>>
>> --------------------------------------------
>>
>> Should you have any further questions, please do not hesitate to contact
>> us.
>>
>> Best regards,
>>
>> Volker A. Greimann
>> - legal department -
>>
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> <https://maps.google.com/?q=Im+Oberen+Werk+1+66386+St.+Ingbert&entry=gmail&source=g>
>> 66386 St. Ingbert
>> <https://maps.google.com/?q=Im+Oberen+Werk+1+66386+St.+Ingbert&entry=gmail&source=g>
>> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
>> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
>> Email: vgreimann at key-systems.net
>>
>> Web: www.key-systems.net / www.RRPproxy.net <http://www.rrpproxy.net/>
>> www.domaindiscount24.com / www.BrandShelter.com
>> <http://www.brandshelter.com/>
>>
>> Follow us on Twitter or join our fan community on Facebook and stay
>> updated:
>> www.facebook.com/KeySystems
>> www.twitter.com/key_systems
>>
>> CEO: Alexander Siffrin
>> Registration No.: HR B 18835 - Saarbruecken
>> V.A.T. ID.: DE211006534
>>
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu
>>
>> This e-mail and its attachments is intended only for the person to whom
>> it is addressed. Furthermore it is not permitted to publish any content of
>> this email. You must not use, disclose, copy, print or rely on this e-mail.
>> If an addressing or transmission error has misdirected this e-mail, kindly
>> notify the author by replying to this e-mail or contacting us by telephone.
>>
>>
>
>
> --
> _________________________________
> Note to self: Pillage BEFORE burning.
>
>
> --
> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>
> Mit freundlichen Grüßen,
>
> Volker A. Greimann
> - Rechtsabteilung -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net <vgreimann at key-systems.net>
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> Geschäftsführer: Alexander Siffrin
> Handelsregister Nr.: HR B 18835 - Saarbruecken
> Umsatzsteuer ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen
> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder
> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese
> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per
> E-Mail oder telefonisch in Verbindung zu setzen.
>
> --------------------------------------------
>
> Should you have any further questions, please do not hesitate to contact
> us.
>
> Best regards,
>
> Volker A. Greimann
> - legal department -
>
> Key-Systems GmbH
> Im Oberen Werk 1
> 66386 St. Ingbert
> Tel.: +49 (0) 6894 - 9396 901 <+49%206894%209396901>
> Fax.: +49 (0) 6894 - 9396 851 <+49%206894%209396851>
> Email: vgreimann at key-systems.net
>
> Web: www.key-systems.net / www.RRPproxy.net
> www.domaindiscount24.com / www.BrandShelter.com
>
> Follow us on Twitter or join our fan community on Facebook and stay
> updated:
> www.facebook.com/KeySystems
> www.twitter.com/key_systems
>
> CEO: Alexander Siffrin
> Registration No.: HR B 18835 - Saarbruecken
> V.A.T. ID.: DE211006534
>
> Member of the KEYDRIVE GROUP
> www.keydrive.lu
>
> This e-mail and its attachments is intended only for the person to whom it
> is addressed. Furthermore it is not permitted to publish any content of
> this email. You must not use, disclose, copy, print or rely on this e-mail.
> If an addressing or transmission error has misdirected this e-mail, kindly
> notify the author by replying to this e-mail or contacting us by telephone.
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>



-- 
_________________________________
Note to self: Pillage BEFORE burning.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20180220/54b5458b/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list