Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1
hi Steve i generally try to stay out of the "content" part of the discussion if i can, but i have to admit that it seems quite prudent to do a legal review, along the lines of the one that the sub-team recommended. i don't quite understand the value of doing that review *after* the transition, so i'd just assumed it would come first. i think we could put some speed-pressure on by elevating our language about the urgency of the process to cover both the legal review and the transition. On Sep 20, 2013, at 11:54 AM, "Metalitz, Steven" <met@xxxxxxx> wrote: > So it is now being proposed that an independent legal review before > transition to thick Whois be a consensus policy? > > -----Original Message----- > From: Mike O'Connor [mailto:mike@xxxxxxxxxx] > Sent: Friday, September 20, 2013 12:45 PM > To: Metalitz, Steven > Cc: Avri Doria; Thick Whois > Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1 > > hi Steve, > > the "little-r" "big-R" recommendation talk is short hand for the idea that > section 7.1 is where our single actual "recommendation" is -- the > recommendation to require thick whois. > > section 7.3 is "Additional Observations" and is set forth as documentation > for the Council or the staff to take further action if "deemed appropriate > and timely." so putting a recommendation in 7.1 puts it into consensus > policy, putting a recommendation in 7.3 puts in in the "suggestions" pile. > > mikey > > > On Sep 20, 2013, at 11:38 AM, "Metalitz, Steven" <met@xxxxxxx> wrote: > >> Mikey, >> >> I do not share your assumption that the transition to thick Whois must be >> delayed pending a legal review. This is entirely unsupported by the >> findings of our report. >> >> 1. "The WG finds that requiring thick Whois for all gTLD registries does >> not raise data protection issues that are specific to thin v. thick Whois. " >> >> 2. "There are currently issues with respect to privacy related to Whois and >> these will only grow in the future..... None of these issues seem to be >> related to whether a thick or thin Whois model is being used. " >> >> 3. "So although privacy issues may become a substantive issue in the >> future, and should certainly be part of the investigation of a replacement >> for Whois, it is not a reason not to proceed with the PDP WG recommending >> thick Whois for all." >> >> All these quotes are from the conclusion to section 5.5 of our report. I >> believe this text represents a consensus of the participants in the privacy >> subgroup of our WG. Don can confirm or correct this. >> >> I encourage everyone to re-read section 5.5. It makes very clear that, >> based on over a decade of experience with thick gTLD registries, including >> the successful transition of one of the largest gTLD registries from thin to >> thick; the complete absence of any legal challenges during that time period >> to the operation of such registries on privacy grounds;, and the support of >> registrars and registries --- the entities with the greatest incentive to >> take seriously the potential legal exposure involved -- for the thick >> model, that there is no privacy- or data protection-based reason to delay >> adoption and implementation of the thick Whois requirement. >> >> This conclusion reflects the thoroughly discussed and fully negotiated view >> of those who participated actively in this WG over the past year. It >> should not be set aside or undermined at the last minute. >> >> I continue to disagree as well with your point 3 for the reasons already >> thoroughly discussed on this list. >> >> Could you explain what is the difference, in your view, between a "little-r >> recommendation" in section 7.3 and a "big-R recommendation" in section 7.1, >> especially since you propose that both take the form of a statement that "We >> recommend....". >> >> Steve >> -----Original Message----- >> From: owner-gnso-thickwhoispdp-wg@xxxxxxxxx >> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Mike O'Connor >> Sent: Friday, September 20, 2013 11:58 AM >> To: Avri Doria >> Cc: Thick Whois >> Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1 >> >> i think maybe i need to put all the stuff in one post. >> >> 1) we put a big-R recommendation to do the legal review in 7.1. here's the >> language that Volker proposed with some rough draft "sequence" language in >> brackets. >> >>> We recommend that the ICANN Board request an independent legal review to be >>> undertaken [before transition to thick whois] on the privacy implications >>> of a transfer of registrant data between jurisdictions. >> >> 2) we beef up the body of the report to support that recommendation -- the >> language is already there, i just think it ought to be moved down into a >> more recommendation-focused paragraph. again rough-draft "sequence" >> language in brackets. >> >>> page 30: "Again, these questions must be explored in more depth by ICANN >>> Staff [before transition to thick whois], starting with the General >>> Counsel's Office, and by the community. As an added benefit, analyses >>> concerning change of applicable laws with respect to transition from a thin >>> to a thick environment also may prove valuable in the event of changes in a >>> registry's management, presumably an increasing likelihood given the volume >>> of new gTLDs on the horizon." >> >> 3) we put a version of your little-r recommendation in section 7.3 >> >>> The WG discussed many of the issues involved in moving from having a >>> registration currently governed under the privacy rules by one jurisdiction >>> in a thick whois to another jurisdiction, the jurisdiction of the Registry >>> in a thick whois. The WG did not feel it was competent to fully discuss >>> these privacy issues and was not able to fully separate the privacy issues >>> involved in such a move from the general privacy issues that need to be >>> resolved in Whois. there was also concern with intersection with other >>> related Privacy issues that ICANN currently needs to work on. The Working >>> group therefore makes the following recommendation: >>> >>> . We recommend that the ICANN Board request a GNSO issues report to cover >>> the issue of Privacy as related to WHOIS and other related GNSO policies. >> >> >> >> >> On Sep 20, 2013, at 9:24 AM, Avri Doria <avri@xxxxxxx> wrote: >> >>> >>> Hi, >>> >>> All lovely ideas, but they don't meet the need to put the privacy issues on >>> the front burner. >>> >>> avri >>> >>> On 20 Sep 2013, at 09:24, Mike O'Connor wrote: >>> >>>> [hijacking this thread back to its original topic] >>>> >>>> hi Avri, >>>> >>>> i, for one, think turnabout on the way to consensus is one of the very >>>> best things about ICANN. thanks Avri >>>> >>>> here's language describing that legal review as it stands (this is the >>>> last paragraph of Discussion section of 5.5 Data Protection >>>> >>>> page 30: "Again, these questions must be explored in more depth by ICANN >>>> Staff, starting with the General Counsel's Office, and by the community. >>>> As an added benefit, analyses concerning change of applicable laws with >>>> respect to transition from a thin to a thick environment also may prove >>>> valuable in the event of changes in a registry's management, presumably an >>>> increasing likelihood given the volume of new gTLDs on the horizon." >>>> >>>> i *think* that's the only place it shows up in the current draft, which >>>> means that while we worked hard on the language, it's not really a >>>> recommendation right now and kindof buried down in the details. it's also >>>> vague on the sequencing -- but i have been presuming that the legal review >>>> would have to happen before the conversion and would be comfortable >>>> clarifying that. >>>> >>>> from a report-drafting standpoint if we pursue this direction, i think >>>> we'd want to do a few minor revisions to provide support for that big-R >>>> recommendation that's being proposed. >>>> >>>> - clarify that sequence >>>> >>>> - move that paragraph from the "Discussion" section of 5.5 down to the >>>> "Conclusions" section to provide stronger underpinnings for the >>>> recommendation >>>> >>>> all pretty easy to do from a mechanical report-drafting point of view, if >>>> the group agrees on that approach. >>>> >>>> good work. carry on, >>>> >>>> mikey >>>> >>>> >>>> >>>> >>>> On Sep 19, 2013, at 10:47 AM, Avri Doria <avri@xxxxxxx> wrote: >>>> >>>>> >>>>> Hi, >>>>> >>>>> Forgive me for doing this bit of turnabout: is this legal review >>>>> something that would occur before the thick whois for incumbent >>>>> registries was put into effect? >>>>> >>>>> At first blush, if this was combined with a 7.3. recommendation for a >>>>> full Issues report, I might be able to accept it and convince the NCSG >>>>> that this was a good compromise. >>>>> >>>>> thanks >>>>> >>>>> avri >>>>> >>>>> >>>>> On 19 Sep 2013, at 11:14, Volker Greimann wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> I still find Avri's proposed language too broad, so I tried my hand at a >>>>>> quick rewrite. Probably still needs a little fiddling, but more in the >>>>>> direction what I could support, although putting this into 7.1 is a bit >>>>>> iffy to me. >>>>>> The WG discussed many of the issues involved in moving from having a >>>>>> registration currently governed under the privacy rules by one >>>>>> jurisdiction in a thin whois to another jurisdiction, the jurisdiction >>>>>> of the Registry in a thick whois. The WG did not feel it was competent >>>>>> to reach a final conclusion on these issues involving international >>>>>> privacy laws. >>>>>> The Working group therefore makes the following recommendation: >>>>>> >>>>>> . We recommend that the ICANN Board >>>>>> request an independent legal review to be undertaken on the privacy >>>>>> implications of a transfer of registrant data between jurisdictions. >>>>>> Reasons: If we could not find ourselves competent to decide a small >>>>>> matter like the transfer of private data, how can we expect another PDP >>>>>> to tackle an even broader issue of privacy issues surrounding WHOIS in >>>>>> general? For the purposes of this WG, the determination that we were >>>>>> unable to reach a final conclusion on could and should be resolved by >>>>>> independent counsel. >>>>>> >>>>>> While a new PDP on WHOIS and privacy issues is certainly something worth >>>>>> considering and something I would welcome, I do not feel that this WG >>>>>> needs to make that recommendation as it would be much broader than the >>>>>> smaller issue we were tasked to tackle. >>>>>> >>>>>> Volker >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> For me this needs to be a Recommendation (7.1, big R), not an extra >>>>>>> consideration. This issue was within the purview of the group and the >>>>>>> group bailed on it for lack of capability. Fine, then lets step and >>>>>>> recommend that those that have the capability do so. In this age of >>>>>>> world attention on privacy issues, I can't beleive we are still dancing >>>>>>> around the point. >>>>>>> >>>>>>> I am currently working on getting the NCSG to endorse this. As the >>>>>>> alternate chair of the NCSG Policy committee I beleive this is >>>>>>> something that will be supported by the NCSG. I will personally submit >>>>>>> a minority position and work to get the NCSG to endorse it, if this >>>>>>> recommendation is not included in 7.1. For myself at this point, I >>>>>>> will reject the entire report without this, as the report is incomplete >>>>>>> without this as a primary Recommendation. To my mind NCSG would be >>>>>>> shirking it responsibilities if we let this report go out without such >>>>>>> a recommendation. >>>>>>> >>>>>>> Incidentally, my impression from the list discussion was that there was >>>>>>> support, but that wording needed changing. It was changed. >>>>>>> >>>>>>> I understand that there are those who may be playing divide and conquer >>>>>>> games behind the scenes, claiming that my position will hurt NCSG's >>>>>>> reputation. I have bcc'e d the NCSG on this note so that they >>>>>>> themselves can determine if it is reputation damaging. There are >>>>>>> others who are are cynically claiming that I am going against the >>>>>>> bottom-up model by insisting on privacy considerations. I reject those >>>>>>> claims. >>>>>>> >>>>>>> avri >>>>>>> >>>>>>> >>>>>>> >>>>>>> On 19 Sep 2013, at 10:25, Mike O'Connor wrote: >>>>>>> >>>>>>> >>>>>>>> hi all, >>>>>>>> >>>>>>>> i may have been the culprit here. Avri, my interpretation of the >>>>>>>> desultory conversation on the list was that there *wasn't* much >>>>>>>> support for the idea. and then when you didn't show up on last week's >>>>>>>> call to pitch/push it, i forgot to bring it up. my bad -- sorry about >>>>>>>> that. >>>>>>>> >>>>>>>> let's try to have a vigorous conversation about this on the list, and >>>>>>>> drive to a conclusion on the call next week. >>>>>>>> >>>>>>>> Avri, you and i had a one-to-one email exchange about this and i >>>>>>>> suggested that this recommendation might fit better, and be more >>>>>>>> widely accepted, if it was in the privacy and data protection part of >>>>>>>> our report (Section 7.3). could you give us an indication of whether >>>>>>>> acceptance of this version of the recommendation is required? in more >>>>>>>> casual terms, is there any wiggle room here? i think it would be >>>>>>>> helpful for the rest of the group to know the framework for the >>>>>>>> conversation. >>>>>>>> >>>>>>>> carry on folks, >>>>>>>> >>>>>>>> mikey >>>>>>>> >>>>>>>> >>>>>>>> On Sep 18, 2013, at 6:39 PM, Avri Doria >>>>>>>> <avri@xxxxxxx> >>>>>>>> wrote: >>>>>>>> >>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> I was disappointed to not see the recommendation for the Issues >>>>>>>>> report included in 7.1. I thought we had discussed it on this list >>>>>>>>> and thee had been little opposition, though there was some. I cannot >>>>>>>>> support this report with a strong recommendation for follow on work >>>>>>>>> on the Privacy issues. And, contrary to what others may beleive, I >>>>>>>>> do not see any such work currently ongoing in ICANN. I think it i s >>>>>>>>> unfortunate that we keep pushing off this work and are not willing to >>>>>>>>> face it directly. I beleive I have the support of others in the >>>>>>>>> NCSG, though the content of a minority statement has yet to be >>>>>>>>> decided on. >>>>>>>>> >>>>>>>>> While still somewhat inadequate, I am ready to argue for going along >>>>>>>>> with consensus on this document if the following is included in 7.1: >>>>>>>>> >>>>>>>>> >>>>>>>>> The WG discussed many of the issues involved in moving from having a >>>>>>>>> registration currently governed under the privacy rules by one >>>>>>>>> jurisdiction in a thick whois to another jurisdiction, the >>>>>>>>> jurisdiction of the Registry in a thick whois. The WG did not feel >>>>>>>>> it was competent to fully discuss these privacy issues and was not >>>>>>>>> able to fully separate the privacy issues involved in such a move >>>>>>>>> from the general privacy issues that need to be resolved in Whois. >>>>>>>>> there was also concern with intersection with other related Privacy >>>>>>>>> issues that ICANN currently needs to work on. The Working group >>>>>>>>> therefore makes the following recommendation: >>>>>>>>> >>>>>>>>> . We recommend that the ICANN Board request a GNSO issues report to >>>>>>>>> cover the issue of Privacy as related to WHOIS and other related GNSO >>>>>>>>> policies. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks >>>>>>>>> >>>>>>>>> avri >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: >>>>>>>> www.haven2.com >>>>>>>> , HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >>>>>>>> >>>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. >>>>>> >>>>>> Mit freundlichen Grüßen, >>>>>> >>>>>> Volker A. Greimann >>>>>> - Rechtsabteilung - >>>>>> >>>>>> Key-Systems GmbH >>>>>> Im Oberen Werk 1 >>>>>> 66386 St. Ingbert >>>>>> Tel.: +49 (0) 6894 - 9396 901 >>>>>> Fax.: +49 (0) 6894 - 9396 851 >>>>>> Email: >>>>>> vgreimann@xxxxxxxxxxxxxxx >>>>>> >>>>>> >>>>>> Web: >>>>>> www.key-systems.net / www.RRPproxy.net >>>>>> www.domaindiscount24.com / www.BrandShelter.com >>>>>> >>>>>> >>>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: >>>>>> >>>>>> www.facebook.com/KeySystems >>>>>> www.twitter.com/key_systems >>>>>> >>>>>> >>>>>> Geschäftsführer: Alexander Siffrin >>>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken >>>>>> Umsatzsteuer ID.: DE211006534 >>>>>> >>>>>> Member of the KEYDRIVE GROUP >>>>>> >>>>>> www.keydrive.lu >>>>>> >>>>>> >>>>>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen >>>>>> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder >>>>>> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese >>>>>> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns >>>>>> per E-Mail oder telefonisch in Verbindung zu setzen. >>>>>> >>>>>> -------------------------------------------- >>>>>> >>>>>> Should you have any further questions, please do not hesitate to contact >>>>>> us. >>>>>> >>>>>> Best regards, >>>>>> >>>>>> Volker A. Greimann >>>>>> - legal department - >>>>>> >>>>>> Key-Systems GmbH >>>>>> Im Oberen Werk 1 >>>>>> 66386 St. Ingbert >>>>>> Tel.: +49 (0) 6894 - 9396 901 >>>>>> Fax.: +49 (0) 6894 - 9396 851 >>>>>> Email: >>>>>> vgreimann@xxxxxxxxxxxxxxx >>>>>> >>>>>> >>>>>> Web: >>>>>> www.key-systems.net / www.RRPproxy.net >>>>>> www.domaindiscount24.com / www.BrandShelter.com >>>>>> >>>>>> >>>>>> Follow us on Twitter or join our fan community on Facebook and stay >>>>>> updated: >>>>>> >>>>>> www.facebook.com/KeySystems >>>>>> www.twitter.com/key_systems >>>>>> >>>>>> >>>>>> CEO: Alexander Siffrin >>>>>> Registration No.: HR B 18835 - Saarbruecken >>>>>> V.A.T. ID.: DE211006534 >>>>>> >>>>>> Member of the KEYDRIVE GROUP >>>>>> >>>>>> www.keydrive.lu >>>>>> >>>>>> >>>>>> This e-mail and its attachments is intended only for the person to whom >>>>>> it is addressed. Furthermore it is not permitted to publish any content >>>>>> of this email. You must not use, disclose, copy, print or rely on this >>>>>> e-mail. If an addressing or transmission error has misdirected this >>>>>> e-mail, kindly notify the author by replying to this e-mail or >>>>>> contacting us by telephone. >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> >>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: >>>> OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >>>> >>> >>> >> >> >> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: >> OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >> > > > PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: > OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) > PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) Attachment:
smime.p7s
|