[ALAC] GDPR on today's ALAC Agenda
Alan Greenberg
alan.greenberg at mcgill.ca
Tue Mar 27 18:50:01 UTC 2018
Attached and in the body of this message are the
notes for today's discussion of GDPR on the ALAC Call.
-----------------------------
ALAC Meeting 27 March 2018 GDPR Discussion
The ALAC and At-Large are divided on whether the
proposed Interim Model meets the requirements of
the GDPR and specifically whether the rationales
for collecting various data items are specified
in sufficient detail and are sufficiently
compelling. There are also differing views on
whether the transport of data to Registries in
compliance with "thick WHOIS" rules is GDPR
compliant. In the absence of concerns over
privacy, ICANN has previously determined that the
thick WHOIS model is the one that should be used
and we should not re-litigate that here. We have
similarly decided that single points of failure
must be avoided and all data must be escrowed in
case of any of multiple forms of failure. All
data items have proven useful in the past (that
was the result of ICANN's earlier work). Whether
it can be justified in the current situation is the question.
All of these issues will need to be judged by
DPAs and to the extent that they make clear
statements, we will have to abide by them.
The ALAC has the responsibility to look at all
issues from and end-user perspective. We also
have concerns for registrant issues, but where they differ we support users.
1. Must registrars continue to collect the
contact details for administrative and technical
contacts and transmit them to the registry and escrow provider?
2. Should anonymized e-mail addresses should be
substituted for the e-mail addresses for
registrant, administrative, and technical contacts in public WHOIS?
3. Should registries and registries be permitted
to optionally apply the model on a global basis?
4. Should the model apply to contact details
supplied by registrants who are legal persons?
5. Which elements of WHOIS data should be
published in public WHOIS while an accreditation
program for layered/tiered access is being developed?
6. How many levels should the "tiered" access mechanism support?
7. Bulk access should it be allowed?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20180327/4d24027b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: GDPR-20180327.pdf
Type: application/pdf
Size: 64503 bytes
Desc: not available
URL: <http://atlarge-lists.icann.org/pipermail/alac/attachments/20180327/4d24027b/GDPR-20180327.pdf>
More information about the ALAC
mailing list