All the points raised have been in discussion in the EWG. Some of the ideas here about treating the access issues have also been introduced. The core idea is that use cases are consistent with safeguarding the stability and security and retention of user confidence in the DNS. Thus any nextgen RDS must, at minumum, meet these obligations even as it addresses the existing vexed disabilities. That said and for clarification, the EWG is generally wary of adopting a coloration that could be construed as promoting implementation schemes or usurping those responsibilities. Rather, its objective is to clearly expound the principles that must undergird the nextgen registration data services and deliver those to the PDP process via the ICANN Board. We are also very keen to ensure clarity of our thinking is communicated, especially for the more controversial issues. So after much argument, a very strong consensus was adopted. We collectively accepted that in instances where details that could reasonably be inferred as design criteria are necessary to full understanding of a proposal, the clarity objective supercede all others. The rationale for an aggregated gTLD registration database rests on five (5) compelling principles: 1. That registration data elements meet defined accuracy standards across all domains 2. That there must be universal access to a small defined core set of data elements for each and every registration 3. That a data privacy regime of sufficient malleability be adopted for implementation in keeping with existing legal privacy frameworks across all domains 4. That access to all other data elements beyond the core set available for universal access be restricted and only allowed based on adjudicated need across all domains 5. An authoritative third party compliance mechanism is enabled to ensure 1 - 4 Now, are there other principles that should be embraced? Maybe. Let us be clear, these are open for revision and extension. Obviously, agency is critical to implementation. I am pleased to see recognized here the distinction between the logical and physical database and, even the likely implementation scenarios surrounding, placement being just one. Yes, cross-border jurisdictional issues and asymmetric privacy regimes in respect of multi-modal access will be impactful and are also critical considerations. Working groups have been raised to 'deep dive' these matters and I'm co-opted to both. We meet in DC Aug 27-30 to advance the work. I am also co-opted -Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= On Sun, Aug 4, 2013 at 8:25 PM, Roberto Gaetano <roberto_gaetano@hotmail.com
wrote:
Holly, This is where the ALAC advice can be different from the WG members' advice. While the WG might be struggling with implementation issues, ALAC, being an advisory body on *policy* and not on *implementation*, shall concentrate on the requirements for the database. In short, we can require that the data shall be retrieved only via the interface. Or set benchmark criteria. I don't believe we can get into geopolitics, and name countries that should not "own" the database. As for the technical solution, whether the database is located in a country that has specific privacy rights prevailing over judge orders, or whether the database is split in parts that are distributed in different countries so that no one country can have the full information on any registrant, that is beyond our mandate. Long story short, I agree with your approach. Cheers, R.
PS: At some point in time we need to deal also with the fact that EU laws prohibit the transfer of personal data outside Europe without the consent of the registrant
-----Messaggio originale----- Da: at-large-bounces@atlarge-lists.icann.org [mailto:at-large- bounces@atlarge-lists.icann.org] Per conto di Holly Raiche Inviato: lunedì 5 agosto 2013 02:37 A: At-Large Worldwide Oggetto: Re: [At-Large] R: Implementing WHOIS Requirements per RAA 2013
Thank you Karl and Roberto for your comments
Roberto, the location of the ARDS is absolutely front and centre as an issue. Some of the immediate comments I heard was to insist the database NOT be located in the US (followed by a long list of other undesirable locations). I would imagine places like Geneva or Brussels (or Finland) would be more easily accepted. But I think the better solution is to describe the venue in terms of strict and enforceable (and enforced) privacy laws. - set benchmark criteria at the least.
Other issues that were discussed on the day included enforcement - by whom (ICANN's compliance department has not covered itself with glory on this one), and defining who can have access to what data.
Holly
On 05/08/2013, at 10:13 AM, Roberto Gaetano wrote:
I can provide one point for thoughts, that ALAC might think to include in the feedback. During the presentation, and in the text of the report, there is a description of how to design access to data in a way that it will be dependent on the rights the accessing entity has. However, there is one entity that might gain full access to all data, and this is the government of the country where the database will be physically located. I had a chat with Michele on this, and he assured me that this is one point that came already out, and will be discussed to find an acceptable solution. I have no clue about the dynamics of the WG, I am sure, knowing Carlton, that our points have been expressed loudly, but maybe a little help from an official ALAC statement can help. Let's put it this way: other constituencies and stakeholder groups will not be shy in making statements that will push further their opinion and needs, beyond what was the acceptable consensus of the WG: why should ALAC avoid providing feedback? Michele is absolutely right when he calls for further input, he knows some will speak up anyway, it is fair if all do. Elaborating on the localization of the database, that we know is an issue, is there something we can suggest? We do not need to provide the technical solution, but can we spell out the requirements for making sure that no specific entity will be more equal than others? Cheers, Roberto
-----Messaggio originale----- Da: at-large-bounces@atlarge-lists.icann.org [mailto:at-large- bounces@atlarge-lists.icann.org] Per conto di Holly Raiche Inviato: domenica 4 agosto 2013 23:08 A: At-Large Worldwide Oggetto: Re: [At-Large] Implementing WHOIS Requirements per RAA 2013
Hi Carlton
Thanks for this.
My one concern about ALAC not developing its own input is that, at the GNSO meeting Evan and I attended (and where Michele presented), he specifically asked, indeed pleaded for feedback from everyone.
I am sure that you will be taking the views that we have discussed to the EWG. But I think my question is whether it would not make sense to have official ALAC input on this particular proposal. It is different enough so that ALAC statements in the past are not applicable to this proposal. And, as the discussion between Garth, you, Evan, Rinalia and I showed in Durban, there are different views on the proposal within ALAC.
For example, should we give the many reforms to the RAA a chance to work first? Should compliance be left to the compliance area within ICANN or to this new proposed ARDS? And what happens to the RAA requirements on verification if the ARDS takes over that function, as well as being the gatekeeper for access to data. It is a new road with much to commend it but, as our discussions showed, some real reservations, and some real differences even within ALAC.
I trust you to reflect those differences, but worry that you don't have official ALAC statements to support what you are saying.
Just please keep us informed of ongoing discussions.
Thanks
Holly
On 05/08/2013, at 6:23 AM, Carlton Samuels wrote:
Hi Holly: I should think not; this was an advisory and in any event, we have spoken often and endorsed the collection of the entire dataset as defined in the specs.
Regarding the EWG work, there was talk of placing an official ALAC response to invitation for comments. Since I'm a member of the EWG, speaking aloud to myself might very well be considered just desserts in some quarters and as such not to be encouraged. So I will exempt myself from that process.
Best, -Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
On Thu, Aug 1, 2013 at 10:46 PM, Holly Raiche <h.raiche@internode.on.net>wrote:
Hi Carlton
It doesn't look like they are looking for any input from anyone - except registrars. Am I right?
And a related question - is ALAC making a statement of the EWG Initial Report. I don't see anything on the policy page, but my understanding was that they were looking for feedback?
Holly On 02/08/2013, at 2:50 AM, Carlton Samuels wrote:
> See the details here: > http://www.icann.org/en/news/announcements/announcement- 31jul13-en.h > tm > > -Carlton > > ============================== > Carlton A Samuels > Mobile: 876-818-1799 > *Strategy, Planning, Governance, Assessment & Turnaround* > ============================= > _______________________________________________ > At-Large mailing list > At-Large@atlarge-lists.icann.org > https://atlarge-lists.icann.org/mailman/listinfo/at-large > > At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org