[ALAC] Draft Principles for GDPR
Alan Greenberg
alan.greenberg at mcgill.ca
Wed Jul 11 15:27:06 UTC 2018
Carlton, I think that this is THE answer to the
question of why At-Large needs to participate in
this process. There are likely to be few GNSO
participants that look at it from this perspective.
See my comment at https://community.icann.org/x/_YlHBQ.
Alan
At 11/07/2018 11:10 AM, Carlton Samuels wrote:
>A good piece to introduce here. So we not mis
>read this let me state how the end user
>interest is inextricably conjoined with "third parties".
>
>The first is the protection of end users from
>predators and predatory practices enabled by the
>DNS. The vast majority of end users would not
>know a WHOIS record even it jumped up and bit
>them in the butt. We depend on others to help
>us, to be on the line for our collective sake.
>
>These surrogates, if you will, include the
>reputation companies, the antivirus folks, the
>researchers and a whole amalgam of third party interests.
>
>When the end user gets a green tick that says
>this is a safe website, it protects the end
>user. That springs from the work of reputation
>companies. Accesd to WHOIS data is vested in
>their formulaic response that keeps me from
>wandering, mouth-breathing, into dangerous territory.
>
>ICANN and the entire chain of connections in the
>DNS infrastructure has a role, each from a
>slightly different perspective. But reputation
>is not a sole interest as it is for these guys.
>And the end user is a beneficiary of this
>interest, which kicks in long way before the mainline DNS actors.
>
>This is just one example. But let us be clear.
>That end user interests are defended by
>surrogates and so-called third parties is not an
>outlier. I would argue it is the central case.
>
>The ALAC may not argue for end user interests
>absent an appreciation of the role in defending
>those interests by third parties. That would be
>a failure to recognize the facts as they
>are...and an egregious abdication of responsibilities.
>
>-Carlton
>
>On Wed, 11 Jul 2018, 7:51 am Bastiaan Goslings,
><<mailto:bastiaan.goslings at ams-ix.net>bastiaan.goslings at ams-ix.net> wrote:
>I think I can agree with both Jonathan/Alan and
>Tijani on this. And as a matter of principle
>Iâd therefore suggest to follow what the EDPB
>says on page 2
><https://www.icann.org/en/system/files/correspondence/jelinek-to-marby-05jul18-en.pdf>https://www.icann.org/en/system/files/correspondence/jelinek-to-marby-05jul18-en.pdf
>
>âThe EDPB considers it essential that a clear
>distinction be maintained between the different
>processing activities that take place in the
>context of WHOIS and the respective purposes
>pursued by the various stakeholders involved.
>(
) The EDPB therefore reiterates that ICANN
>should taake care not to conflate its own
>purposes with the interests of third parties,
>nor with the lawful grounds of processing which
>may be applicable in a particular caseâ
>
>
>
> > On 11 Jul 2018, at 12:17,
> <mailto:h.raiche at internode.on.net>h.raiche at internode.on.net wrote:
> >
> > Hi Tijani
> >
> > I think we can both agree that it is about
> the public interest. And while privacy is a
> big part of that, so are other issues - a safe, stable DNS etc.
> >
> > I have asked that this discussion is on the
> wiki so that there is a place for everyone to
> contribute - and I hope you will participate as well.
> >
> > We need agreed principles for the people who
> will sit on the EpDP - which means we need to hear from everyone - you included
> >
> > Holly
> >
> >
> > ----- Original Message -----
> > From:
> > "Tijani BEN JEMAA"
> <<mailto:tijani.benjemaa at benjemaa.com>tijani.benjemaa at benjemaa.com>
> >
> > To:
> > "Jonathan Zuck"
> <<mailto:JZuck at innovatorsnetwork.org>JZuck at innovatorsnetwork.org>
> > Cc:
> >
> "<mailto:h.raiche at internodeon.net>h.raiche at internodeon.net"
> <<mailto:h.raiche at internode.on.net>h.raiche at internode.on.net>,
> "ALAC List"
> <<mailto:alac at atlarge-lists.icann.org>alac at atlarge-lists.icann.org>,
> "A t" <<mailto:staff at atlarge.icann.org>staff at atlarge.icann.org>
> > Sent:
> > Wed, 11 Jul 2018 09:33:16 +0100
> > Subject:
> > Re: [ALAC] Draft Principles for GDPR
> >
> >
> > Good morning everyone,
> >
> > I disagree with this statement Jonathan.
> > The registrants represent the active part of
> the end-users. we are responsible to defend their interest.
> > I have heard such reflection, and it always
> lead to be more aligned with the commercial
> interests. We need to be careful and be always
> for the public interest, not for the political or commercial interests.
> >
> >
> -----------------------------------------------------------------------------
> > Tijani BEN JEMAA
> > Executive Director
> > Mediterranean Federation of Internet Associations (FMAI)
> > Phone: +216 98 330 114
> > +216 52 385 114
> >
> -----------------------------------------------------------------------------
> >
> >
> > Le 10 juil. 2018 Ã 22:27, Jonathan Zuck
> <<mailto:JZuck at innovatorsnetwork.org>JZuck at innovatorsnetwork.org> a écrit :
> >
> > Thanks Holly for getting this started. I
> guess what weâre after are some basic
> principles on our perspective on the GDPR. The
> temp spec is the temp spec so some of this will
> apply for sure, if we reach some consensus on
> these but there are areas that are simply part
> of the law over which we donât have
> influence. A principle might be something like
> >
> >
> > The ALAC feels responsible to
> reprresent the interests of non-registrants
> more so than registrants as they represent the majority of users.
> >
> > Iâm not saying weâve agreed to that but
> thatâs the kind of filter we could send our reps in with?
> >
> > Jonathan
> >
> >
> >
> > From: ALAC
> <<mailto:alac-bounces at atlarge-lists.icann.org>alac-bounces at atlarge-lists.icann.org>
> on behalf of
> "<mailto:h.raiche at internode.on.net>h.raiche at internode.on.net"
> <h.raiche at internode.onnet>
> > Reply-To:
> "<mailto:h.raiche at internode.on.net>h.raiche at internode.on.net"
> <<mailto:h.raiche at internode.on.net>h.raiche at internode.on.net>
> > Date: Tuesday, July 10, 2018 at 5:22 PM
> > To: ALAC List
> <<mailto:alac at atlarge-lists.icann.org>alac at atlarge-lists.icann.org>,
> A t <<mailto:staff at atlarge.icann.org>staff at atlarge.icann.org>
> > Subject: [ALAC] Draft Principles for GDPR
> >
> >
> > Folks
> >
> >
> > Since we all think principles are a good
> idea, I have set down the basics from the
> Temporary Spec - very simplistic, but it's a
> start. What we need now is discussion on the principles.
> >
> >
> > Evin - I'm not sure if you have a new wiki
> page for discussion on the temporary spec, but if not, would you create on.
> >
> >
> > And Olivier - the Temporary Spec necessarily
> will deal with access - at the least, guiding
> principles, so whoever is on the EPDP will have
> some guidance on our red lines on access.
> >
> >
> > So please everyone - comments
> >
> >
> > Thanks
> >
> >
> > Holly
> >
> >
> > Temporary Specification for gTLD Registration Data
> >
> >
> >
> >
> > Principles for requirements to replace the RAA/Registry Requirements
> >
> > (within the context of compliance with the GDPR)
> >
> >
> >
> > Purpose of Collection of Data
> >
> > Quoting from the Temporary Spec which is quoting from the ICCANN Bylaws:
> >
> >
> > purpose is to coordinate the bottom-up,
> multistakeholder development and implementation
> of policies â[f]or which uniform or
> coordinated resolution is reasonably necessary
> to facilitate the openness, interoperability,
> resilience, security and/or stability of the
> DNS including, with respect to gTLD registrars and registriesâ
> >
> >
> > Purpose includes
> >
> > · ô° resolution of disputes
> regarding the registration of domain names (as
> opposed to the use of such domain names, but
> including where such policies take into account use of the domain names);
> >
> >
> > · ô° maintenance of and access to
> accurate and up-to-date information concerning
> registered names and name servers;
> >
> >
> > · ô° procedures to avoid disruptions
> of domain name registrations due to suspension
> or termination of operations by a registry
> operator or a registrar (e.g., escrow); and
> >
> >
> > · ô° the transfer of registration
> data upon a change in registrar sponsoring one or more registered names.
> >
> >
> >
> >
> >
> > the Bylaws specifically obligate ICANN, in
> carrying out its mandate, to âadequately
> address issues of competition, consumer
> protection, security, stability and resiliency,
> malicious abuse issues, sovereignty concerns, and rights protectionâ
> >
> >
> >
> >
> > Geographic Coverage of EPDP Outcome:
> >
> > · Apply globally or
> >
> >
> >
> > · Apply only to European Economic Area (the coverage of the GD
> > R) and otherwise lesser requirements (existing RAA requirements?)
> >
> >
> >
> >
> > Data Collected
> >
> > · âThick Whoisâ bassed on the
> differing uses of the data is listed in the purpose above â OR
> >
> >
> >
> > · Some lesser amount of information
> >
> >
> >
> >
> > Consent
> >
> > · Registrants must be told, at the time
> of collection, what personal information is
> collected, why the collection is necessary to
> achieve the purposes, who will have access and
> in what circumstances access will be given to
> what information, and all circumstances in
> which the data will be transferred (to
> Registry, Escrow) and where heldThey must also
> be told their consent can be withdrawn at any
> time (and consequences of withdrawal) and how to withdraw consent
> >
> >
> >
> >
> > Access to Data Tiered access (largely what
> is in the Techniccal Specification)
> >
> > · Applies to all Registrants naturaal or corporate persons
> >
> >
> >
> > · Information generally publicly available
> >
> >
> >
> > o Registrant name
> >
> >
> >
> > o Anonymised email or other anonymous contact means
> >
> >
> >
> > · Access to other personal information â
> >
> >
> >
> > o Only to accredited entities (not individuals) >
> >
> >
> > o Only in specific circumstances that warrant access
> >
> >
> >
> >
> >
> >
> > _______________________________________________
> > ALAC mailing list
> > <mailto:ALAC at atlarge-lists.icann.org>ALAC at atlarge-lists.icann.org
> > https://atlarge-lists.icann.org/mailman/listinfo/alac
> >
> > At-Large Online: <http://www.atlarge.icann.org>http://www.atlarge.icann.org
> > ALAC Working Wiki:
> <https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)>https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
> >
> > _______________________________________________
> > ALAC mailing list
> > <mailto:ALAC at atlarge-lists.icann.org>ALAC at atlarge-lists.icann.org
> > https://atlarge-lists.icann.org/mailman/listinfo/alac
> >
> > At-Large Online: <http://www.atlarge.icann.org>http://www.atlarge.icann.org
> > ALAC Working Wiki:
> <https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)>https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>
>_______________________________________________
>ALAC mailing list
><mailto:ALAC at atlarge-lists.icann.org>ALAC at atlarge-lists.icann.org
>https://atlarge-lists.icann.org/mailman/listinfo/alac
>
>At-Large Online: <http://www.atlarge.icann.org>http://www.atlarge.icann.org
>ALAC Working Wiki:
><https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)>https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
>
>_______________________________________________
>ALAC mailing list
>ALAC at atlarge-lists.icann.org
>https://atlarge-lists.icann.org/mailman/listinfo/alac
>
>At-Large Online: http://www.atlarge.icann.org
>ALAC Working Wiki:
>https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALAC)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20180711/32d85678/attachment.html>
More information about the ALAC
mailing list