[ALAC] Draft Principles for GDPR

h.raiche at internode.on.net h.raiche at internode.on.net
Wed Jul 11 10:17:48 UTC 2018 

Hi Tijani
I think we can both agree that it is about the public interest.  And
while privacy is a big part of that, so are other issues - a safe,
stable DNS etc.  

I have asked that this discussion is on the wiki so that there is a
place for everyone to contribute - and I hope you will participate as
well.  

We need agreed principles for the people who will sit on the EpDP -
which means we need to hear from everyone - you included
Holly

----- Original Message -----
From: "Tijani BEN JEMAA" 
To:"Jonathan Zuck" 
Cc:"h.raiche at internode.on.net" , "ALAC List" , "A t" 
Sent:Wed, 11 Jul 2018 09:33:16 +0100
Subject:Re: [ALAC] Draft Principles for GDPR

 Good morning everyone,
 I disagree with this statement Jonathan. The registrants represent
the active part of the end-users. we are responsible to defend their
interest. I have heard such reflection, and it always lead to be more
aligned with the commercial interests. We need to be careful and be
always for the public interest, not for the political or commercial
interests.  
 
-----------------------------------------------------------------------------
TIJANI BEN JEMAA Executive Director  Mediterranean Federation of
Internet Associations (FMAI)  Phone: +216 98 330 114           
   +216 52 385 114 
-----------------------------------------------------------------------------


 Le 10 juil. 2018 à 22:27, Jonathan Zuck  a écrit : 
  Thanks Holly for getting this started.  I guess what we’re after
are some basic principles on our _perspective_ on the GDPR. The temp
spec is the temp spec so some of this will apply for sure, if we reach
some consensus on these but there are areas that are simply part of
the law over which we don’t have influence. A principle might be
something like

	  

	* The ALAC feels responsible to represent the interests of
non-registrants more so than registrants as they represent the
majority of users.

I’m not saying we’ve agreed to that but that’s the kind of
filter we could send our reps in with?

	  Jonathan

	  

	   FROM: ALAC  on behalf of "h.raiche at internode.on.net [3]" 
REPLY-TO: "h.raiche at internode.on.net [5]" 
DATE: Tuesday, July 10, 2018 at 5:22 PM
TO: ALAC List , A t 
SUBJECT: [ALAC] Draft Principles for GDPR

	  Folks

	  Since we all think principles are a good idea, I have set down the
basics from the Temporary Spec - very simplistic, but it's a start. 
What we need now is discussion on the principles.

	  Evin - I'm not sure if you have a new wiki page for discussion on
the temporary spec, but if not, would you create on.

	  And Olivier - the Temporary Spec necessarily will deal with access
- at the least, guiding principles, so whoever is on the EPDP will
have some guidance on our red lines on access.

	  So please everyone - comments

	  Thanks

	  Holly

	   

	TEMPORARY SPECIFICATION FOR GTLD REGISTRATION DATA

	  

	   

	   PRINCIPLES FOR REQUIREMENTS TO REPLACE THE RAA/REGISTRY
REQUIREMENTS

	   _(within the context of compliance with the GDPR)_

	   _ _

	   PURPOSE OF COLLECTION OF DATA

	Quoting from the Temporary Spec – which is quoting from the ICANN
Bylaws:

	_purpose is to coordinate the bottom-up, multistakeholder development
and implementation of policies “[f]or which uniform or coordinated
resolution is reasonably necessary to facilitate the openness,
interoperability, resilience, security and/or stability of the DNS
including, with respect to gTLD registrars and registries”_

	  _Purpose includes_

	·       􏰂  resolution of disputes regarding the
registration of domain names (as opposed to the use of such domain
names, but including where such policies take into account use of the
domain names); 

	·       􏰂  maintenance of and access to accurate and
up-to-date information concerning registered names and name servers;

	·       􏰂  procedures to avoid disruptions of domain
name registrations due to suspension or termination of operations by a
registry operator or a registrar (e.g., escrow); and 

	·       􏰂  the transfer of registration data upon a
change in registrar sponsoring one or more registered names.

	 

	the Bylaws specifically obligate ICANN, in carrying out its mandate,
to “adequately address issues of competition, consumer protection,
security, stability and resiliency, malicious abuse issues,
sovereignty concerns, and rights protection” 

	  _ _

	   GEOGRAPHIC COVERAGE OF EPDP OUTCOME:

	·      Apply globally OR

	·      Apply only to European Economic Area (the coverage of
the GD
R) and otherwise lesser requirements (existing RAA requirements?)

	  

	   DATA COLLECTED

	·      ‘Thick Whois” – based on the differing uses of
the data is listed in the purpose above – OR

	·      Some lesser amount of information

	  

	   CONSENT

	·      Registrants must be told, at the time of collection,
what personal information is collected, why the collection is 
necessary to achieve the purposes, who will have access and in what
circumstances  access will be given to what information, and all
circumstances in which the data will be transferred (to Registry,
Escrow) and where heldThey must also be told their consent can be
withdrawn at any time (and consequences of withdrawal) and how to
withdraw consent

	  

	   ACCESS TO DATA – TIERED ACCESS (LARGELY WHAT IS IN THE TECHNICAL
SPECIFICATION)

	·      Applies to all Registrants – natural or corporate
persons

	·      Information generally publicly available

	o   Registrant name

	o   Anonymised email or other anonymous contact means

	·      Access to other personal information – 

	o   Only to accredited entities (not individuals)– 

	o   Only in specific circumstances that warrant access

	   _______________________________________________
ALAC mailing list
ALAC at atlarge-lists.icann.org [9]
https://atlarge-lists.icann.org/mailman/listinfo/alac [10]

At-Large Online: http://www.atlarge.icann.org [11]
ALAC Working Wiki:
https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
[12]   
 

Links:
------
[1] mailto:JZuck at innovatorsnetwork.org
[2] mailto:alac-bounces at atlarge-lists.icann.org
[3] mailto:h.raiche at internode.on.net
[4] mailto:h.raiche at internode.on.net
[5] mailto:h.raiche at internode.on.net
[6] mailto:h.raiche at internode.on.net
[7] mailto:alac at atlarge-lists.icann.org
[8] mailto:staff at atlarge.icann.org
[9] mailto:ALAC at atlarge-listsicann.org
[10] https://atlarge-lists.icann.org/mailman/listinfo/alac
[11] http://www.atlarge.icann.org
[12]
https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20180711/f96d3d0c/attachment.html>

More information about the ALAC mailing list