[At-Large] Data Protection directives need to include Data Transparency directives.

gtheo gtheo at xs4all.nl
Wed Aug 22 07:42:30 UTC 2018


A good read might be to check how the DPA's worldwide view this subject 
and it touches upon some of the issues you raise.
https://www.datenschutz-berlin.de/pdf/publikationen/working-paper/2017/2017-IWGDPT_Working_Paper_WHOIS_ICANN-en.pdf

Best regards,

Theo Geurts







sivasubramanian muthusamy schreef op 2018-08-22 12:06 AM:
> Hello,
> 
> (I sent the following message as comments on an epdp Report on
> Temporary Specification for gTLD registration data. But this is more
> of a comment on Data Protection regulation in general, so copied to
> the Internet Policy list)
> 
> In Data Protection terminology, "Personal data" is more of a generic
> or 'loose' term that applies both to individual and business data. In
> DNS, Registration Data does not make any distinction between
> individual registrants and business registrants whose web space is for
> some form of (e)commerce activity. While there is a need for privacy
> of personal data of individual registrants, the opposite, need for
> greater transparency, may be required in the case of data related to
> any form of commercial, perhaps even Government and non Government web
> spaces.
> 
> The rationale is that the online presence of small and large
> businesses alike are often short of information pertaining to physical
> location, names of functionaries, officials or the person in-charge.
> A Phone company does not have listed phone number, an email company
> does not have a visible email addresses ! This is part of a pattern of
> multiple players transacting business online from a carefully guarded
> climate of "do-not-reply" email accounts, phones without a call back
> number, answering machines, conveniently assisted by BPO
> intermediaries who keep the consumer at an unapproachable distance. A
> hotel reservation portal or a small shop online transacts business
> online without allowing the consumer the ability to reach them for
> various reasons.
> 
> Limiting access to Registration data indiscriminately and only for
> 'legitimate uses' may perpetuate this trend of inaccessibility of
> business entities,  widen the disconnect between business and consumer
> with the effect that multiple commercial registrants would continue to
> design their online presence to transact business without due
> accountability. The section  4.4.2, Lawfulness & Purposes of
> Processing gTLD Registration Data as written, might have the
> unintended consequence of perpetuating unhealthy protection for
> segments that actually require information disclosure and
> transparency. How the DNS will make such a distinction is another
> question.
> 
> Does GDPR make such a distinction?
> 
> Sivasubramanian M
> 
> Sivasubramanian M [1]
> twitter.com/shivaindia [2]
> 
> Links:
> ------
> [1] https://www.facebook.com/sivasubramanian.muthusamy
> [2] http://twitter.com/shivaindia
> _______________________________________________
> At-Large mailing list
> At-Large at atlarge-lists.icann.org
> https://atlarge-lists.icann.org/mailman/listinfo/at-large
> 
> At-Large Official Site: http://atlarge.icann.org


More information about the At-Large mailing list