Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1
yep. my bad. i copied from down-thread and picked up the bracketed addition. sorry about that. m On Sep 20, 2013, at 4:44 PM, "Metalitz, Steven" <met@xxxxxxx> wrote: > The existing words do not include the parenthetical [before transition to > Thick Whois]. That is not what the report already says on page 30. > > -----Original Message----- > From: Alan Greenberg [mailto:alan.greenberg@xxxxxxxxx] > Sent: Friday, September 20, 2013 5:01 PM > To: Mike O'Connor > Cc: Metalitz, Steven; Avri Doria; Thick Whois > Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in 7.1 > > I can live with the existing words (although including them would not have > been my choice). I find the term "legal review" more onerous. But perhaps > that is just me. > > As I said, I cannot believe that the Board will approve it without getting > legal agreement. > > Alan > > At 20/09/2013 02:51 PM, Mike O'Connor wrote: >> hi Alan, >> >> could you expand your reasons for why do you disagree with a >> recommendation for a legal review? >> >> isn't that what the privacy and data protection section of the report >> already says on page >> 30? "Again, these questions must be explored >> in more depth by ICANN Staff [before transition to thick whois], >> starting with the General Counsel's Office, and by the community. As an >> added benefit, analyses concerning change of applicable laws with >> respect to transition from a thin to a thick environment also may prove >> valuable in the event of changes in a registry's management, presumably >> an increasing likelihood given the volume of new gTLDs on the horizon." >> >> thanks, >> >> mikey >> >> On Sep 20, 2013, at 12:58 PM, Alan Greenberg <alan.greenberg@xxxxxxxxx> >> wrote: >> >>> If ICANN feels the need to do a legal review >> prior to implementation, so be it. We have no control over that. But I >> strongly disagree with recommending that. >>> >>> Alan >>> >>> At 20/09/2013 01:04 PM, Mike O'Connor wrote: >>>> hi Steve >>>> >>>> i generally try to stay out of the "content" >> part of the discussion if i can, but i have to admit that it seems >> quite prudent to do a legal review, along the lines of the one that >> the sub-team recommended. i don't quite understand the value of doing >> that review *after* the transition, so i'd just assumed it would come >> first. >>>> >>>> i think we could put some speed-pressure on >> by elevating our language about the urgency of the process to cover >> both the legal review and the transition. >>>> >>>> >>>> On Sep 20, 2013, at 11:54 AM, "Metalitz, Steven" <met@xxxxxxx> wrote: >>>> >>>>> So it is now being proposed that an >> independent legal review before transition to thick Whois be a >> consensus policy? >>>>> >>>>> -----Original Message----- >>>>> From: Mike O'Connor [mailto:mike@xxxxxxxxxx] >>>>> Sent: Friday, September 20, 2013 12:45 PM >>>>> To: Metalitz, Steven >>>>> Cc: Avri Doria; Thick Whois >>>>> Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in >>>>> 7.1 >>>>> >>>>> hi Steve, >>>>> >>>>> the "little-r" "big-R" recommendation talk >> is short hand for the idea that section 7.1 is where our single actual >> "recommendation" is -- the recommendation to require thick whois. >>>>> >>>>> section 7.3 is "Additional Observations" >> and is set forth as documentation for the Council or the staff to take >> further action if "deemed appropriate and timely." so putting a >> recommendation in 7.1 puts it into consensus policy, putting a >> recommendation in 7.3 puts in in the "suggestions" pile. >>>>> >>>>> mikey >>>>> >>>>> >>>>> On Sep 20, 2013, at 11:38 AM, "Metalitz, Steven" <met@xxxxxxx> wrote: >>>>> >>>>>> Mikey, >>>>>> >>>>>> I do not share your assumption that the >> transition to thick Whois must be delayed >> pending a legal review. This is entirely >> unsupported by the findings of our report. >>>>>> >>>>>> 1. "The WG finds that requiring thick >> Whois for all gTLD registries does not raise data protection issues >> that are specific to thin v. thick Whois. " >>>>>> >>>>>> 2. "There are currently issues with >> respect to privacy related to Whois and these will only grow in the >> future..... None of these issues seem to be related to whether a thick >> or thin Whois model is being used. " >>>>>> >>>>>> 3. "So although privacy issues may >> become a substantive issue in the future, and should certainly be part >> of the investigation of a replacement for Whois, it is not a reason >> not to proceed with the PDP WG recommending thick Whois for all." >>>>>> >>>>>> All these quotes are from the conclusion >> to section 5.5 of our report. I believe this text represents a >> consensus of the participants in the privacy subgroup of our WG. Don >> can confirm or correct this. >>>>>> >>>>>> I encourage everyone to re-read section >> 5.5. It makes very clear that, based on over a decade of experience >> with thick gTLD registries, including the successful transition of one >> of the largest gTLD registries from thin to thick; the complete >> absence of any legal challenges during that time period to the >> operation of such registries on privacy grounds;, and the support of >> registrars and registries --- the entities with the greatest incentive >> to take seriously the potential legal >> exposure involved -- for the thick >> model, that there is no privacy- or data protection-based reason to >> delay adoption and implementation of the thick Whois requirement. >>>>>> >>>>>> This conclusion reflects the thoroughly >> discussed and fully negotiated view of those who participated actively >> in this WG over the >> past year. It should not be set aside or undermined at the last minute. >>>>>> >>>>>> I continue to disagree as well with your >> point 3 for the reasons already thoroughly discussed on this list. >>>>>> >>>>>> Could you explain what is the difference, >> in your view, between a "little-r >> recommendation" in section 7.3 and a "big-R recommendation" in section >> 7.1, especially since you propose that both take the form of a >> statement that "We recommend....". >>>>>> >>>>>> Steve >>>>>> -----Original Message----- >>>>>> From: >> owner-gnso-thickwhoispdp-wg@xxxxxxxxx >> [mailto:owner-gnso-thickwhoispdp-wg@xxxxxxxxx] On Behalf Of Mike >> O'Connor >>>>>> Sent: Friday, September 20, 2013 11:58 AM >>>>>> To: Avri Doria >>>>>> Cc: Thick Whois >>>>>> Subject: Re: [gnso-thickwhoispdp-wg] missing recommendation in >>>>>> 7.1 >>>>>> >>>>>> i think maybe i need to put all the stuff in one post. >>>>>> >>>>>> 1) we put a big-R recommendation to do >> the legal review in 7.1. here's the language that Volker proposed >> with some rough draft "sequence" language in brackets. >>>>>> >>>>>>> We recommend that the ICANN Board >> request an independent legal review to be undertaken [before >> transition to thick whois] on the privacy implications of a transfer >> of registrant data between jurisdictions. >>>>>> >>>>>> 2) we beef up the body of the report to >> support that recommendation -- the language is already there, i just >> think it ought to be moved down into a more recommendation-focused >> paragraph. again rough-draft "sequence" language in brackets. >>>>>> >>>>>>> page 30: "Again, these questions must >> be explored in more depth by ICANN Staff [before transition to thick >> whois], starting with the General Counsel's Office, and by the >> community. As an added benefit, analyses concerning change of >> applicable laws with respect to transition from a thin to a thick >> environment also may prove valuable in the event of changes in a >> registry's management, presumably an increasing likelihood given the >> volume of new gTLDs on the horizon." >>>>>> >>>>>> 3) we put a version of your little-r recommendation in section >>>>>> 7.3 >>>>>> >>>>>>> The WG discussed many of the issues >> involved in moving from having a registration currently governed under >> the privacy rules by one jurisdiction in a thick whois to another >> jurisdiction, the jurisdiction of the Registry in a thick whois. The >> WG did not feel it was competent to fully discuss these privacy issues >> and was not able to fully separate the privacy issues involved in such >> a move from the general privacy issues that need to be resolved in >> Whois. there was also concern with intersection with other related >> Privacy issues that ICANN currently needs to work on. The Working >> group therefore makes the following recommendation: >>>>>>> >>>>>>> . We recommend that the ICANN Board >> request a GNSO issues report to cover the issue of Privacy as related >> to WHOIS and other related GNSO policies. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Sep 20, 2013, at 9:24 AM, Avri Doria <avri@xxxxxxx> wrote: >>>>>> >>>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> All lovely ideas, but they don't meet >> the need to put the privacy issues on the front burner. >>>>>>> >>>>>>> avri >>>>>>> >>>>>>> On 20 Sep 2013, at 09:24, Mike O'Connor wrote: >>>>>>> >>>>>>>> [hijacking this thread back to its original topic] >>>>>>>> >>>>>>>> hi Avri, >>>>>>>> >>>>>>>> i, for one, think turnabout on the way >> to consensus is one of the very best things about ICANN. thanks Avri >>>>>>>> >>>>>>>> here's language describing that legal >> review as it stands (this is the last paragraph of Discussion section >> of 5.5 Data Protection >>>>>>>> >>>>>>>> page 30: "Again, these questions must >> be explored in more depth by ICANN Staff, starting with the General >> Counsel's Office, and by the community. As an added benefit, analyses >> concerning change of applicable laws with respect to transition from a >> thin to a thick environment also may prove valuable in the event of >> changes in a registry's management, presumably an increasing >> likelihood given the volume of new gTLDs on the horizon." >>>>>>>> >>>>>>>> i *think* that's the only place it >> shows up in the current draft, which means that while we worked hard >> on the language, it's not really a recommendation right now and kindof >> buried down in the details. it's also vague on the sequencing -- but >> i have been presuming that the legal review would have to happen >> before the conversion and would be comfortable clarifying that. >>>>>>>> >>>>>>>> from a report-drafting standpoint if we >> pursue this direction, i think we'd want to do a few minor revisions >> to provide support for that big-R recommendation that's being >> proposed. >>>>>>>> >>>>>>>> - clarify that sequence >>>>>>>> >>>>>>>> - move that paragraph from the >> "Discussion" section of 5.5 down to the "Conclusions" section to >> provide stronger underpinnings for the recommendation >>>>>>>> >>>>>>>> all pretty easy to do from a mechanical >> report-drafting point of view, if the group agrees on that approach. >>>>>>>> >>>>>>>> good work. carry on, >>>>>>>> >>>>>>>> mikey >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Sep 19, 2013, at 10:47 AM, Avri Doria <avri@xxxxxxx> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> Hi, >>>>>>>>> >>>>>>>>> Forgive me for doing this bit of >> turnabout: is this legal review something that would occur before the >> thick whois for incumbent registries was put into effect? >>>>>>>>> >>>>>>>>> At first blush, if this was combined >> with a 7.3. recommendation for a full Issues report, I might be able >> to accept it and convince the NCSG that this was a good compromise. >>>>>>>>> >>>>>>>>> thanks >>>>>>>>> >>>>>>>>> avri >>>>>>>>> >>>>>>>>> >>>>>>>>> On 19 Sep 2013, at 11:14, Volker Greimann wrote: >>>>>>>>> >>>>>>>>>> Hi all, >>>>>>>>>> >>>>>>>>>> I still find Avri's proposed language >> too broad, so I tried my hand at a quick rewrite. Probably still needs >> a little fiddling, but more in the direction what I could support, >> although putting this into 7.1 is a bit iffy to me. >>>>>>>>>> The WG discussed many of the issues >> involved in moving from having a registration currently governed under >> the privacy rules by one jurisdiction in a thin whois to another >> jurisdiction, the jurisdiction of the Registry in a thick whois. The >> WG did not feel it was competent to reach a final conclusion on these >> issues involving international privacy laws. >>>>>>>>>> The Working group therefore makes the following recommendation: >>>>>>>>>> >>>>>>>>>> . We recommend that the ICANN Board request an independent >>>>>>>>>> legal review >> to be undertaken on the privacy implications of a transfer of >> registrant data between jurisdictions. >>>>>>>>>> Reasons: If we could not find >> ourselves competent to decide a small matter like the transfer of >> private data, how can we expect another PDP to tackle an even broader >> issue of privacy issues surrounding WHOIS in general? For the purposes >> of this WG, the determination that we were unable to reach a final >> conclusion on could and should be resolved by independent counsel. >>>>>>>>>> >>>>>>>>>> While a new PDP on WHOIS and privacy >> issues is certainly something worth considering and something I would >> welcome, I do not feel that this WG needs to make that recommendation >> as it would be much broader than the smaller issue we were tasked to tackle. >>>>>>>>>> >>>>>>>>>> Volker >>>>>>>>>> >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> For me this needs to be a >> Recommendation (7.1, big R), not an extra consideration. This issue >> was within the purview of the group and the group bailed on it for >> lack of capability. Fine, then lets step and recommend that those >> that have the >> capability do so. In this age of world >> attention on privacy issues, I can't beleive we are still dancing >> around the point. >>>>>>>>>>> >>>>>>>>>>> I am currently working on getting >> the NCSG to endorse this. As the alternate chair of the NCSG Policy >> committee I beleive this is something that will be supported by the >> NCSG. I will personally submit a minority position and work to get >> the NCSG to endorse it, if this recommendation is not included in 7.1. >> For myself at this point, I will reject the entire report without >> this, as the report is incomplete without this as a primary >> Recommendation. To my mind NCSG would be shirking it responsibilities >> if we let this report go out without such a recommendation. >>>>>>>>>>> >>>>>>>>>>> Incidentally, my impression from the >> list discussion was that there was support, but that wording needed >> changing. It was changed. >>>>>>>>>>> >>>>>>>>>>> I understand that there are those >> who may be playing divide and conquer games behind the scenes, >> claiming that my position will hurt NCSG's reputation. I have bcc'e d >> the NCSG on this note so that they themselves can determine if it is >> reputation damaging. There are others who are are cynically claiming >> that I am going against the bottom-up model by insisting on privacy >> considerations. I reject those claims. >>>>>>>>>>> >>>>>>>>>>> avri >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On 19 Sep 2013, at 10:25, Mike O'Connor wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> hi all, >>>>>>>>>>>> >>>>>>>>>>>> i may have been the culprit >> here. Avri, my interpretation of the desultory conversation on the >> list was that there >> *wasn't* much support for the idea. and then when you didn't show up >> on last week's call to pitch/push it, i forgot to bring it up. my bad >> -- sorry about that. >>>>>>>>>>>> >>>>>>>>>>>> let's try to have a vigorous >> conversation about this on the list, and drive to a conclusion on the >> call next week. >>>>>>>>>>>> >>>>>>>>>>>> Avri, you and i had a one-to-one >> email exchange about this and i suggested that this recommendation >> might fit better, and be more widely accepted, if it was in the >> privacy and data protection part of our report (Section 7.3). could >> you give us an indication of whether acceptance of this version of the >> recommendation is required? in more casual terms, is there any wiggle >> room here? i think it would be helpful for the rest of the group to >> know the framework for the conversation. >>>>>>>>>>>> >>>>>>>>>>>> carry on folks, >>>>>>>>>>>> >>>>>>>>>>>> mikey >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Sep 18, 2013, at 6:39 PM, Avri Doria <avri@xxxxxxx> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> Hi, >>>>>>>>>>>>> >>>>>>>>>>>>> I was disappointed to not see the >> recommendation for the Issues report included >> in 7.1. I thought we had discussed it on >> this list and thee had been little opposition, >> though there was some. I cannot support this >> report with a strong recommendation for follow >> on work on the Privacy issues. And, contrary >> to what others may beleive, I do not see any >> such work currently ongoing in ICANN. I think >> it i s unfortunate that we keep pushing off >> this work and are not willing to face it >> directly. I beleive I have the support of >> others in the NCSG, though the content of a >> minority statement has yet to be decided on. >>>>>>>>>>>>> >>>>>>>>>>>>> While still somewhat inadequate, I >> am ready to argue for going along with >> consensus on this document if the following is included in 7.1: >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> The WG discussed many of the >> issues involved in moving from having a >> registration currently governed under the >> privacy rules by one jurisdiction in a thick >> whois to another jurisdiction, the jurisdiction >> of the Registry in a thick whois. The WG did >> not feel it was competent to fully discuss >> these privacy issues and was not able to fully >> separate the privacy issues involved in such a >> move from the general privacy issues that need >> to be resolved in Whois. there was also >> concern with intersection with other related >> Privacy issues that ICANN currently needs to >> work on. The Working group therefore makes the following recommendation: >>>>>>>>>>>>> >>>>>>>>>>>>> . We recommend that the ICANN >> Board request a GNSO issues report to cover the >> issue of Privacy as related to WHOIS and other related GNSO policies. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks >>>>>>>>>>>>> >>>>>>>>>>>>> avri >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: >>>>>>>>>>>> www.haven2.com >>>>>>>>>>>> , HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. >>>>>>>>>> >>>>>>>>>> Mit freundlichen Grüßen, >>>>>>>>>> >>>>>>>>>> Volker A. Greimann >>>>>>>>>> - Rechtsabteilung - >>>>>>>>>> >>>>>>>>>> Key-Systems GmbH >>>>>>>>>> Im Oberen Werk 1 >>>>>>>>>> 66386 St. Ingbert >>>>>>>>>> Tel.: +49 (0) 6894 - 9396 901 >>>>>>>>>> Fax.: +49 (0) 6894 - 9396 851 >>>>>>>>>> Email: >>>>>>>>>> vgreimann@xxxxxxxxxxxxxxx >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Web: >>>>>>>>>> www.key-systems.net / www.RRPproxy.net >>>>>>>>>> www.domaindiscount24.com / www.BrandShelter.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: >>>>>>>>>> >>>>>>>>>> www.facebook.com/KeySystems >>>>>>>>>> www.twitter.com/key_systems >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Geschäftsführer: Alexander Siffrin >>>>>>>>>> Handelsregister Nr.: HR B 18835 - Saarbruecken >>>>>>>>>> Umsatzsteuer ID.: DE211006534 >>>>>>>>>> >>>>>>>>>> Member of the KEYDRIVE GROUP >>>>>>>>>> >>>>>>>>>> www.keydrive.lu >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Der Inhalt dieser Nachricht ist >> vertraulich und nur für den angegebenen >> Empfänger bestimmt. Jede Form der Kenntnisgabe, >> Veröffentlichung oder Weitergabe an Dritte >> durch den Empfänger ist unzulässig. Sollte >> diese Nachricht nicht für Sie bestimmt sein, so >> bitten wir Sie, sich mit uns per E-Mail oder >> telefonisch in Verbindung zu setzen. >>>>>>>>>> >>>>>>>>>> -------------------------------------------- >>>>>>>>>> >>>>>>>>>> Should you have any further >> questions, please do not hesitate to contact us. >>>>>>>>>> >>>>>>>>>> Best regards, >>>>>>>>>> >>>>>>>>>> Volker A. Greimann >>>>>>>>>> - legal department - >>>>>>>>>> >>>>>>>>>> Key-Systems GmbH >>>>>>>>>> Im Oberen Werk 1 >>>>>>>>>> 66386 St. Ingbert >>>>>>>>>> Tel.: +49 (0) 6894 - 9396 901 >>>>>>>>>> Fax.: +49 (0) 6894 - 9396 851 >>>>>>>>>> Email: >>>>>>>>>> vgreimann@xxxxxxxxxxxxxxx >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Web: >>>>>>>>>> www.key-systems.net / www.RRPproxy.net >>>>>>>>>> www.domaindiscount24.com / www.BrandShelter.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Follow us on Twitter or join our fan >> community on Facebook and stay updated: >>>>>>>>>> >>>>>>>>>> www.facebook.com/KeySystems >>>>>>>>>> www.twitter.com/key_systems >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> CEO: Alexander Siffrin >>>>>>>>>> Registration No.: HR B 18835 - Saarbruecken >>>>>>>>>> V.A.T. ID.: DE211006534 >>>>>>>>>> >>>>>>>>>> Member of the KEYDRIVE GROUP >>>>>>>>>> >>>>>>>>>> www.keydrive.lu >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> This e-mail and its attachments is >> intended only for the person to whom it is >> addressed. Furthermore it is not permitted to >> publish any content of this email. You must not >> use, disclose, copy, print or rely on this >> e-mail. If an addressing or transmission error >> has misdirected this e-mail, kindly notify the >> author by replying to this e-mail or contacting us by telephone. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> PHONE: 651-647-6109, FAX: 866-280-2356, >> WEB: www.haven2.com, HANDLE: OConnorStP (ID for >> Twitter, Facebook, LinkedIn, etc.) >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> PHONE: 651-647-6109, FAX: 866-280-2356, >> WEB: www.haven2.com, HANDLE: OConnorStP (ID for >> Twitter, Facebook, LinkedIn, etc.) >>>>>> >>>>> >>>>> >>>>> PHONE: 651-647-6109, FAX: 866-280-2356, >> WEB: www.haven2.com, HANDLE: OConnorStP (ID for >> Twitter, Facebook, LinkedIn, etc.) >>>>> >>>> >>>> >>>> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: >> www.haven2.com, HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >>>> >>>> >>> >> >> >> PHONE: 651-647-6109, FAX: 866-280-2356, WEB: >> www.haven2.com, HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) >> >> > > PHONE: 651-647-6109, FAX: 866-280-2356, WEB: www.haven2.com, HANDLE: OConnorStP (ID for Twitter, Facebook, LinkedIn, etc.) Attachment:
smime.p7s
|