Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1

[Avri Doria <avri@xxxxxxx>]

Hi,

Thank you so much for you note.  

The evidence was presented by my colleagues Amr and Roy as part of the earlier 
work.  I mostly hung out in the background helping them as needed.    Whether 
this meets your requirements for 3-4k words, I don't t know.

At this point, with that work having been put on the back burner in the 
creation of the final report, I stepped in to try and fix the report before it 
was made final.

Thank you again for your kind words,

avri



On 20 Sep 2013, at 14:09, Rick Wesson wrote:

> I've sat one the side lines for most of this thread. 
> 
> Avri,
> 
> I have reviewed all your comments, however what I am looking for is a much 
> more detailed analysis of your points on privacy. I hear you YELLING at the 
> last minute but your notes don't reflect *any* analysis of thick-whois 
> privacy implications.
> 
> There have been many like you, over the years, that state this is _IMPORTANT_ 
> without framing the issue clearly. 
> 
> I will loudly declare your desires out of scope, without a lengthy analytic 
> post from you on what the issue you have is. Lengthy like 3K-5K words on just 
> WTF you are thinking.
> 
> You want "privacy on the front burner" -- well then you had better educate 
> *all of us* on just what your blocking tactic is to accomplish. We have 
> discussed privacy for well over 10 years, Privacy in the whois is like FTL 
> (faster than light) travel to a physicist.
> 
> Of course privacy is important, its just out of scope, not within our working 
> groups remit. The reason we narrowly define working group charters is so that 
> they can ignore bug problems and solve little ones.
> 
> Avri, stop being disruptive and start pounding out some prose that make 
> sense, privacy isn't going to be solved by us and its an issue that by design 
> was not included within the groups remit.
> 
> so educate me,
> 
> 
> -rick
> 
> 
> 
> 
> 
> On Fri, Sep 20, 2013 at 7:24 AM, Avri Doria <avri@xxxxxxx> wrote:
> 
> Hi,
> 
> All lovely ideas, but they don't meet the need to put the privacy issues on 
> the front burner.
> 
> avri
> 
> On 20 Sep 2013, at 09:24, Mike O'Connor wrote:
> 
> > [hijacking this thread back to its original topic]
> >
> > hi Avri,
> >
> > i, for one, think turnabout on the way to consensus is one of the very best 
> > things about ICANN.  thanks Avri
> >
> > here's language describing that legal review as it stands (this is the last 
> > paragraph of Discussion section of 5.5 Data Protection
> >
> > page 30:  "Again, these questions must be explored in more depth by ICANN 
> > Staff, starting with the General Counsel’s Office, and by the community. As 
> > an added benefit, analyses concerning change of applicable laws with 
> > respect to transition from a thin to a thick environment also may prove 
> > valuable in the event of changes in a registry’s management, presumably an 
> > increasing likelihood given the volume of new gTLDs on the horizon."
> >
> > i *think* that's the only place it shows up in the current draft, which 
> > means that while we worked hard on the language, it's not really a 
> > recommendation right now and kindof buried down in the details.  it's also 
> > vague on the sequencing -- but i have been presuming that the legal review 
> > would have to happen before the conversion and would be comfortable 
> > clarifying that.
> >
> > from a report-drafting standpoint if we pursue this direction, i think we'd 
> > want to do a few minor revisions to provide support for that big-R 
> > recommendation that's being proposed.
> >
> > - clarify that sequence
> >
> > - move that paragraph from the "Discussion" section of 5.5 down to the 
> > "Conclusions" section to provide stronger underpinnings for the 
> > recommendation
> >
> > all pretty easy to do from a mechanical report-drafting point of view, if 
> > the group agrees on that approach.
> >
> > good work.  carry on,
> >
> > mikey
> >
> >
> >
> >
> > On Sep 19, 2013, at 10:47 AM, Avri Doria <avri@xxxxxxx> wrote:
> >
> >>
> >> Hi,
> >>
> >> Forgive me for doing this bit of turnabout: is this legal review something 
> >> that would occur before the thick whois for incumbent registries was put 
> >> into effect?
> >>
> >> At first blush, if this was combined with a 7.3. recommendation for a full 
> >> Issues report, I might be able to accept it and convince the NCSG that 
> >> this was a good compromise.
> >>
> >> thanks
> >>
> >> avri
> >>
> >>
> >> On 19 Sep 2013, at 11:14, Volker Greimann wrote:
> >>
> >>> Hi all,
> >>>
> >>> I still find Avri's proposed language too broad, so I tried my hand at a 
> >>> quick rewrite. Probably still needs a little fiddling, but more in the 
> >>> direction what I could support, although putting this into 7.1 is a bit 
> >>> iffy to me.
> >>> The WG discussed many of the issues involved in moving from having a 
> >>> registration currently governed under the privacy rules by one 
> >>> jurisdiction in a thin whois to another jurisdiction, the jurisdiction of 
> >>> the Registry in a thick whois.  The WG did not feel it was competent to 
> >>> reach a final conclusion on these issues involving international privacy 
> >>> laws.
> >>> The Working group therefore makes the following recommendation:
> >>>
> >>> . We recommend that the ICANN Board
> >>> request an independent legal review to be undertaken on the privacy 
> >>> implications of a transfer of registrant data between jurisdictions.
> >>> Reasons: If we could not find ourselves competent to decide a small 
> >>> matter like the transfer of private data, how can we expect another PDP 
> >>> to tackle an even broader issue of privacy issues surrounding WHOIS in 
> >>> general? For the purposes of this WG, the determination that we were 
> >>> unable to reach a final conclusion on could and should be resolved by 
> >>> independent counsel.
> >>>
> >>> While a new PDP on WHOIS and privacy issues is certainly something worth 
> >>> considering and something I would welcome, I do not feel that this WG 
> >>> needs to make that recommendation as it would be much broader than the 
> >>> smaller issue we were tasked to tackle.
> >>>
> >>> Volker
> >>>
> >>>> Hi,
> >>>>
> >>>> For me this needs to be a Recommendation (7.1, big R), not an extra 
> >>>> consideration.  This issue was within the purview of the group and the 
> >>>> group bailed on it for lack of capability.  Fine, then lets step and 
> >>>> recommend that those that have the capability do so.    In this age of 
> >>>> world attention on privacy issues, I can't beleive we are still dancing 
> >>>> around the point.
> >>>>
> >>>> I am currently working on getting the NCSG to endorse this.  As the 
> >>>> alternate chair of the NCSG Policy committee I beleive this is something 
> >>>> that will be supported by the NCSG.  I will personally submit a minority 
> >>>> position and work to get the NCSG to endorse it, if this recommendation 
> >>>> is not included in 7.1.  For myself at this point, I will reject the 
> >>>> entire report without this, as the report is incomplete without this as 
> >>>> a primary Recommendation.  To my mind NCSG would be shirking it 
> >>>> responsibilities if we let this report go out without such a 
> >>>> recommendation.
> >>>>
> >>>> Incidentally, my impression from the list discussion was that there was 
> >>>> support, but that wording needed changing.  It was changed.
> >>>>
> >>>> I understand that there are those who may be playing divide and conquer 
> >>>> games behind the scenes, claiming that my position will hurt NCSG's 
> >>>> reputation.  I have bcc'e d the NCSG on this note so that they 
> >>>> themselves can determine if it is reputation damaging.  There are others 
> >>>> who are are cynically claiming that I am going against the bottom-up 
> >>>> model by insisting on privacy considerations.  I reject those claims.
> >>>>
> >>>> avri
> >>>>
> >>>>
> >>>>
> >>>> On 19 Sep 2013, at 10:25, Mike O'Connor wrote:
> >>>>
> >>>>
> >>>>> hi all,
> >>>>>
> >>>>> i may have been the culprit here.  Avri, my interpretation of the 
> >>>>> desultory conversation on the list was that there *wasn't* much support 
> >>>>> for the idea.  and then when you didn't show up on last week's call to 
> >>>>> pitch/push it, i forgot to bring it up.  my bad -- sorry about that.
> >>>>>
> >>>>> let's try to have a vigorous conversation about this on the list, and 
> >>>>> drive to a conclusion on the call next week.
> >>>>>
> >>>>> Avri, you and i had a one-to-one email exchange about this and i 
> >>>>> suggested that this recommendation might fit better, and be more widely 
> >>>>> accepted, if it was in the privacy and data protection part of our 
> >>>>> report (Section 7.3).  could you give us an indication of whether 
> >>>>> acceptance of this version of the recommendation is required?  in more 
> >>>>> casual terms, is there any wiggle room here?  i think it would be 
> >>>>> helpful for the rest of the group to know the framework for the 
> >>>>> conversation.
> >>>>>
> >>>>> carry on folks,
> >>>>>
> >>>>> mikey
> >>>>>
> >>>>>
> >>>>> On Sep 18, 2013, at 6:39 PM, Avri Doria
> >>>>> <avri@xxxxxxx>
> >>>>> wrote:
> >>>>>
> >>>>>
> >>>>>> Hi,
> >>>>>>
> >>>>>> I was disappointed to not see the recommendation for the Issues report 
> >>>>>> included in 7.1.    I thought we had discussed it on this list and 
> >>>>>> thee had been little opposition, though there was some.  I cannot 
> >>>>>> support this report with a strong recommendation for follow on work on 
> >>>>>> the Privacy issues.  And, contrary to what others may beleive, I do 
> >>>>>> not see any such work currently ongoing in ICANN.  I think it i s 
> >>>>>> unfortunate that we keep pushing off this work and are not willing to 
> >>>>>> face it directly.  I beleive I have the support of others in the NCSG, 
> >>>>>> though the content of a minority statement has yet to be decided on.
> >>>>>>
> >>>>>> While still somewhat inadequate, I am ready to argue for going along 
> >>>>>> with consensus on this document if the following is included in 7.1:
> >>>>>>
> >>>>>>
> >>>>>> The WG  discussed many of the issues involved in moving from having a 
> >>>>>> registration currently governed under the privacy rules by one 
> >>>>>> jurisdiction in a thick whois to another jurisdiction, the 
> >>>>>> jurisdiction of the Registry in a thick whois.  The WG did not feel it 
> >>>>>> was competent to fully discuss these privacy issues and was not able 
> >>>>>> to fully separate the privacy issues involved in such a move from the 
> >>>>>> general privacy issues that need to be resolved in Whois.  there was 
> >>>>>> also concern with intersection with other related Privacy issues that 
> >>>>>> ICANN currently needs to work on.  The Working group therefore makes 
> >>>>>> the following recommendation:
> >>>>>>
> >>>>>> . We recommend that the ICANN Board request a GNSO issues report to 
> >>>>>> cover the issue of Privacy as related to WHOIS and other related GNSO 
> >>>>>> policies.
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>> Thanks
> >>>>>>
> >>>>>> avri
> >>>>>>
> >>>>>>
> >>>>>>
> >>>>>
> >>>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB:
> >>>>> www.haven2.com
> >>>>> , HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
> >>>>>
> >>>>>
> >>>>
> >>>
> >>>
> >>> --
> >>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
> >>>
> >>> Mit freundlichen Grüßen,
> >>>
> >>> Volker A. Greimann
> >>> - Rechtsabteilung -
> >>>
> >>> Key-Systems GmbH
> >>> Im Oberen Werk 1
> >>> 66386 St. Ingbert
> >>> Tel.: +49 (0) 6894 - 9396 901
> >>> Fax.: +49 (0) 6894 - 9396 851
> >>> Email:
> >>> vgreimann@xxxxxxxxxxxxxxx
> >>>
> >>>
> >>> Web:
> >>> www.key-systems.net / www.RRPproxy.net
> >>> www.domaindiscount24.com / www.BrandShelter.com
> >>>
> >>>
> >>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
> >>>
> >>> www.facebook.com/KeySystems
> >>> www.twitter.com/key_systems
> >>>
> >>>
> >>> Geschäftsführer: Alexander Siffrin
> >>> Handelsregister Nr.: HR B 18835 - Saarbruecken
> >>> Umsatzsteuer ID.: DE211006534
> >>>
> >>> Member of the KEYDRIVE GROUP
> >>>
> >>> www.keydrive.lu
> >>>
> >>>
> >>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen 
> >>> Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder 
> >>> Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese 
> >>> Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns 
> >>> per E-Mail oder telefonisch in Verbindung zu setzen.
> >>>
> >>> --------------------------------------------
> >>>
> >>> Should you have any further questions, please do not hesitate to contact 
> >>> us.
> >>>
> >>> Best regards,
> >>>
> >>> Volker A. Greimann
> >>> - legal department -
> >>>
> >>> Key-Systems GmbH
> >>> Im Oberen Werk 1
> >>> 66386 St. Ingbert
> >>> Tel.: +49 (0) 6894 - 9396 901
> >>> Fax.: +49 (0) 6894 - 9396 851
> >>> Email:
> >>> vgreimann@xxxxxxxxxxxxxxx
> >>>
> >>>
> >>> Web:
> >>> www.key-systems.net / www.RRPproxy.net
> >>> www.domaindiscount24.com / www.BrandShelter.com
> >>>
> >>>
> >>> Follow us on Twitter or join our fan community on Facebook and stay 
> >>> updated:
> >>>
> >>> www.facebook.com/KeySystems
> >>> www.twitter.com/key_systems
> >>>
> >>>
> >>> CEO: Alexander Siffrin
> >>> Registration No.: HR B 18835 - Saarbruecken
> >>> V.A.T. ID.: DE211006534
> >>>
> >>> Member of the KEYDRIVE GROUP
> >>>
> >>> www.keydrive.lu
> >>>
> >>>
> >>> This e-mail and its attachments is intended only for the person to whom 
> >>> it is addressed. Furthermore it is not permitted to publish any content 
> >>> of this email. You must not use, disclose, copy, print or rely on this 
> >>> e-mail. If an addressing or transmission error has misdirected this 
> >>> e-mail, kindly notify the author by replying to this e-mail or contacting 
> >>> us by telephone.
> >>>
> >>>
> >>>
> >>>
> >>
> >>
> >
> >
> > PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: 
> > OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.)
> >
> 
> 
>