[RDS-WHOIS2-RT] Rec SG.1
Alan Greenberg
alan.greenberg at mcgill.ca
Wed Dec 12 12:37:35 UTC 2018
Rec SG.1
New sentence added at the end:
The ICANN Board should require that the ICANN Organization, in consultation with data security and privacy expert(s), ensure that all contracts with contracted parties (to include Privacy/Proxy services when such contracts exist) include uniform and strong requirements for the protection of registrant data and for ICANN to be notified in the event of any data breach. The data security expert(s) should also consider and advise on what level or magnitude of breach warrants such notification.
In carrying out this review, the data security and privacy expert(s) should consider to what extent GDPR regulations, which many but not all ICANN contracted parties are subject to, could or should be used as a basis for ICANN requirements. The ICANN Board must either negotiate appropriate contractual changes or initiate a GNSO PDP to consider effecting such changes.
The ICAN Board should consider whether and to what extent notifications of breaches that it receives should be publicly disclosed.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/rds-whois2-rt/attachments/20181212/60c5585b/attachment.html>
More information about the RDS-WHOIS2-RT
mailing list