[gnso-thickwhoispdp-wg] A way forward?
All, Looking at the different emails that have gone back and forth in the last couple of days / weeks, what if we take a step back and look at the facts: * Thick gTLD registries are in operation for many years * The transition of .org from thin to thick happened without any significant privacy issues being raised * All new gTLD registries will operate under the thick Whois model * Many of the parties directly affected by a requirement for thick Whois are participating in this WG * Public comment forums and public consultations have been held on the proposed recommendation and report * No one has been able to formulate a concrete example / hypothesis of what potential privacy issues may arise as the result of the transition from thin to thick * Most of us are not legal and/or privacy experts, so we may have missed something At the same time: * The WG is recommending that an Implementation Review Team is created to consisting of experts from the parties that will be most affected by this transition, together with ICANN Staff, to work out the details of the implementation & transition plans. * The PDP Manual foresees that 'if the proposed implementation is considered inconsistent with the GNSO Council's recommendations, the GNSO Council may notify the Board and requests that the Board review the proposed implementation. Until the Board has considered the GNSO Council request, ICANN Staff should refrain from implementing the policy'. * The EWG memo on data protection considerations provides concrete legal guidance in relation to transfer of data requirements So how if we would translate all this, taken together with the suggestions that have been raised on the mailing list, into a recommendation along the following lines: The WG recommends that as part of the implementation process due consideration is given to potential privacy issues that may arise from the discussions on the transition from thin to thick Whois, including, for example, guidance on how the long-standing contractual requirement that registrars give notice to, and obtain consent, from each registrant for uses of any personally identifiable data submitted by the registrant should apply to registrations involved in the transition. Should any privacy issues emerge from these transition discussions that were not anticipated by the WG and which would require additional policy consideration, the Implementation Review Team is expected to notify the GNSO Council of these so that appropriate action can be taken. Furthermore, should the WG be of the view that it would be helpful to call this issue out one more time to allow experts to come forward with concrete examples of privacy issues in relation to the transition, you may want to consider asking the Board to call this specific issue out when it notifies the GAC of its intention to consider these recommendations, as well as in the public comment forum that would follow after the adoption of the recommendations by the GNSO Council. This would have as an advantage that any issues raised as a result could be referred back to the GNSO Council / WG before adoption by the ICANN Board. For example: The WG recommends that following the adoption of this report and recommendations by the GNSO Council, the subsequent public comment forum (prior to Board consideration) as well as the notification by the ICANN Board to the GAC, specifically requests input on any considerations related to the transition from thin to thick Whois that would need to be taken into account as part of the implementation process. I hope you consider these suggestions constructive in trying to move forward on our work while at the same time recognising some of the concerns expressed and ensuring that there are fall-back options built into the next steps of the process. I look forward to receiving your feedback. Marika Attachment:
smime.p7s
|