hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Thanks, Rafik. Have a couple of questions from your update: · What is the deadline for EPDP members to complete the training? · You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Ayden, staff has not selected anything, that is not within our remit. We investigated the options and implemented the option that was selected by the EPDP leadership team. Also note that the request for GDPR training was not confirmed by the EPDP Team until its meeting on 28 August (see action items). Best regards, Marika From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:39 To: Marika Konings <marika.konings@icann.org> Cc: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, Rafik Dammak <rafik.dammak@gmail.com>, Council GNSO <council@gnso.icann.org> Subject: [Ext] Re: [council] EPDP Weekly update Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> wrote: To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>" <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, 'Rafik Dammak' <rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>>, 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Please can you share the advice that staff provided the leadership team with, in order to evaluate the various options. Thank you. Ayden
On 11 Sep 2018, at 20:49, Marika Konings <marika.konings@icann.org> wrote:
Ayden, staff has not selected anything, that is not within our remit. We investigated the options and implemented the option that was selected by the EPDP leadership team. Also note that the request for GDPR training was not confirmed by the EPDP Team until its meeting on 28 August (see action items).
Best regards,
Marika
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:39 To: Marika Konings <marika.konings@icann.org> Cc: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, Rafik Dammak <rafik.dammak@gmail.com>, Council GNSO <council@gnso.icann.org> Subject: [Ext] Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Hi, We chose training options that could deliver training quickly, provide a product that graduated in complexity over time, and would be flexible/adaptable to meet the audience needs. We are currently about a third of the way through the existing plan and additional lectures can be provided. Attached is the table of options that was developed. Since time is of the essence and we did not want to spend $800 per person without a (time-taking) study to test the quality, we chose the 45-minute option + a session by Becky Burr because it was: a) timely and flexible (Becky can adapt the presentation). It was also considerably cheaper than the IAPP 30-minute option. (Evidently, IAPP does not negotiate the pricing.) As the Charter requires that members possess a working/basic understanding of GDPR. All members must commit to participating in the training selected for the EPDP Team to ensure knowledge adequate to effectively participate in the EPDP. I want to remind that we also have another provision in the charter to get independent experts if deemed necessary to complement what we have in EPDP team. We recommend that we complete the currently plotted course of study. In the meantime, the leadership and support team continues to reach out to experts in the area to augment this training if required. Best, Rafik Le mer. 12 sept. 2018 à 04:03, Ayden Férdeline <icann@ferdeline.com> a écrit :
Please can you share the advice that staff provided the leadership team with, in order to evaluate the various options. Thank you.
Ayden
On 11 Sep 2018, at 20:49, Marika Konings <marika.konings@icann.org> wrote:
Ayden, staff has not selected anything, that is not within our remit. We investigated the options and implemented the option that was selected by the EPDP leadership team. Also note that the request for GDPR training was not confirmed by the EPDP Team until its meeting on 28 August (see action items).
Best regards,
Marika
*From: *Ayden Férdeline <icann@ferdeline.com> *Reply-To: *Ayden Férdeline <icann@ferdeline.com> *Date: *Tuesday, September 11, 2018 at 12:39 *To: *Marika Konings <marika.konings@icann.org> *Cc: *"darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, Rafik Dammak <rafik.dammak@gmail.com>, Council GNSO < council@gnso.icann.org> *Subject: *[Ext] Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
*From: *council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> *Reply-To: *Ayden Férdeline <icann@ferdeline.com> *Date: *Tuesday, September 11, 2018 at 12:03 *To: *"darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' < council@gnso.icann.org> *Subject: *Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell < darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks, Darcy
*From:* council [mailto:council-bounces@gnso.icann.org <council-bounces@gnso.icann.org>] *On Behalf Of *Rafik Dammak *Sent:* Monday, September 10, 2018 10:31 AM *To:* Council GNSO <council@gnso.icann.org> *Subject:* [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
A 30-minute course would not have been suitable either, so I am surprised this was even being considered. The EPDP team should have been consulted before this course was selected. We need training that addresses the very real skills gap that has delayed our work over the past few weeks; the 45-minute course that has been made available to us is too generic to be useful, and this should have been obvious to Leadership. —Ayden
On 12 Sep 2018, at 03:28, Rafik Dammak <rafik.dammak@gmail.com> wrote:
Hi,
We chose training options that could deliver training quickly, provide a product that graduated in complexity over time, and would be flexible/adaptable to meet the audience needs. We are currently about a third of the way through the existing plan and additional lectures can be provided.
Attached is the table of options that was developed. Since time is of the essence and we did not want to spend $800 per person without a (time-taking) study to test the quality, we chose the 45-minute option + a session by Becky Burr because it was: a) timely and flexible (Becky can adapt the presentation). It was also considerably cheaper than the IAPP 30-minute option. (Evidently, IAPP does not negotiate the pricing.)
As the Charter requires that members possess a working/basic understanding of GDPR. All members must commit to participating in the training selected for the EPDP Team to ensure knowledge adequate to effectively participate in the EPDP. I want to remind that we also have another provision in the charter to get independent experts if deemed necessary to complement what we have in EPDP team.
We recommend that we complete the currently plotted course of study. In the meantime, the leadership and support team continues to reach out to experts in the area to augment this training if required.
Best,
Rafik
Le mer. 12 sept. 2018 à 04:03, Ayden Férdeline <icann@ferdeline.com> a écrit :
Please can you share the advice that staff provided the leadership team with, in order to evaluate the various options. Thank you.
Ayden
On 11 Sep 2018, at 20:49, Marika Konings <marika.konings@icann.org> wrote:
Ayden, staff has not selected anything, that is not within our remit. We investigated the options and implemented the option that was selected by the EPDP leadership team. Also note that the request for GDPR training was not confirmed by the EPDP Team until its meeting on 28 August (see action items).
Best regards,
Marika
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:39 To: Marika Konings <marika.konings@icann.org> Cc: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, Rafik Dammak <rafik.dammak@gmail.com>, Council GNSO <council@gnso.icann.org> Subject: [Ext] Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks, Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
<GDPR Training Options.docx>
Ayden I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter. There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding. It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr. I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (see https://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html ) It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> wrote: To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>" <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, 'Rafik Dammak' <rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>>, 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Michele, Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations. And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm. Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it. Ayden
On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter.
There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding.
It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr.
I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html )
It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Ayden ICANN is not a training academy. I also suspect you are confusing people’s lack of understanding with their will to accept reality. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update Michele, Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations. And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm. Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it. Ayden On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter. There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding. It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr. I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html ) It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> Cc: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> wrote: To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>" <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, 'Rafik Dammak' <rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>>, 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Michele, I am aware that “ICANN is not a training academy.” But I do not think it is unreasonable for ICANN org to provide participants in a working group that benefits, primarily, ICANN with a basic degree of training that will assist these participants in going about their work. Most EPDP members do not have a need for the GDPR training, aside from for this one activity that they are doing on an unremunerated basis for the primary benefit of ICANN.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
I can hardly conclude that they are refusing to accept reality when I know for certain they have not been given sufficient training in how to interpret and apply the GDPR. Ayden
On 12 Sep 2018, at 11:02, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
ICANN is not a training academy.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Michele,
Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations.
And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm.
Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it.
Ayden
On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter.
There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding.
It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr.
I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html )
It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Ayden We aren’t going to agree on this. I think you are being completely unreasonable in your expectations and that what you are demanding of ICANN is not in line with what we on Council had agreed to. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 10:24 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update Michele, I am aware that “ICANN is not a training academy.” But I do not think it is unreasonable for ICANN org to provide participants in a working group that benefits, primarily, ICANN with a basic degree of training that will assist these participants in going about their work. Most EPDP members do not have a need for the GDPR training, aside from for this one activity that they are doing on an unremunerated basis for the primary benefit of ICANN. I also suspect you are confusing people’s lack of understanding with their will to accept reality. I can hardly conclude that they are refusing to accept reality when I know for certain they have not been given sufficient training in how to interpret and apply the GDPR. Ayden On 12 Sep 2018, at 11:02, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden ICANN is not a training academy. I also suspect you are confusing people’s lack of understanding with their will to accept reality. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com<mailto:michele@blacknight.com>> Cc: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>>, Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Michele, Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations. And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm. Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it. Ayden On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter. There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding. It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr. I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html ) It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> Cc: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> wrote: To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>" <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, 'Rafik Dammak' <rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>>, 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
We can agree to disagree then. But I am still going to call it now: the inadequacy of the training provided will contribute to the overall failure of this EPDP. It will not be the only factor, but it will be one that was within our control to correct. Ayden
On 12 Sep 2018, at 11:31, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
We aren’t going to agree on this.
I think you are being completely unreasonable in your expectations and that what you are demanding of ICANN is not in line with what we on Council had agreed to.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 10:24 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Michele,
I am aware that “ICANN is not a training academy.”
But I do not think it is unreasonable for ICANN org to provide participants in a working group that benefits, primarily, ICANN with a basic degree of training that will assist these participants in going about their work.
Most EPDP members do not have a need for the GDPR training, aside from for this one activity that they are doing on an unremunerated basis for the primary benefit of ICANN.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
I can hardly conclude that they are refusing to accept reality when I know for certain they have not been given sufficient training in how to interpret and apply the GDPR.
Ayden
On 12 Sep 2018, at 11:02, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
ICANN is not a training academy.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Michele,
Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations.
And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm.
Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it.
Ayden
On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter.
There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding.
It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr.
I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html )
It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Ayden What was agreed was for “basic” training. What you’ve been demanding goes way beyond that. And I completely disagree with you trying to blame this on any potential failure of the ePDP. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 10:36 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update We can agree to disagree then. But I am still going to call it now: the inadequacy of the training provided will contribute to the overall failure of this EPDP. It will not be the only factor, but it will be one that was within our control to correct. Ayden On 12 Sep 2018, at 11:31, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden We aren’t going to agree on this. I think you are being completely unreasonable in your expectations and that what you are demanding of ICANN is not in line with what we on Council had agreed to. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Wednesday 12 September 2018 at 10:24 To: Michele Neylon <michele@blacknight.com<mailto:michele@blacknight.com>> Cc: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>>, Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Michele, I am aware that “ICANN is not a training academy.” But I do not think it is unreasonable for ICANN org to provide participants in a working group that benefits, primarily, ICANN with a basic degree of training that will assist these participants in going about their work. Most EPDP members do not have a need for the GDPR training, aside from for this one activity that they are doing on an unremunerated basis for the primary benefit of ICANN. I also suspect you are confusing people’s lack of understanding with their will to accept reality. I can hardly conclude that they are refusing to accept reality when I know for certain they have not been given sufficient training in how to interpret and apply the GDPR. Ayden On 12 Sep 2018, at 11:02, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden ICANN is not a training academy. I also suspect you are confusing people’s lack of understanding with their will to accept reality. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com<mailto:michele@blacknight.com>> Cc: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>>, Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Michele, Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations. And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm. Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it. Ayden On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com<mailto:michele@blacknight.com>> wrote: Ayden I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter. There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding. It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr. I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html ) It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> Cc: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team. Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later? It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15. As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not. The course is not adequate and should never have been purchased. —Ayden On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org<mailto:marika.konings@icann.org>> wrote: To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September. Best regards, Marika From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> on behalf of Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Reply-To: Ayden Férdeline <icann@ferdeline.com<mailto:icann@ferdeline.com>> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>" <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, 'Rafik Dammak' <rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>>, 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: Re: [council] EPDP Weekly update I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless." Ayden On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> wrote: Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Yes, we had agreed on basic training and in our discussions had spoke of it being of a minimum duration of three to four hours. It was implied that the training would be relevant, tailored to the needs of the EPDP team, and of high quality. We had not agreed on a 45-minute course that can be breezed through in 15-minutes and which contains little substance. It surprises me that you think this course will be of value to the EPDP team in any way. Ayden
On 12 Sep 2018, at 11:45, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
What was agreed was for “basic” training.
What you’ve been demanding goes way beyond that.
And I completely disagree with you trying to blame this on any potential failure of the ePDP.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 10:36 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
We can agree to disagree then.
But I am still going to call it now: the inadequacy of the training provided will contribute to the overall failure of this EPDP.
It will not be the only factor, but it will be one that was within our control to correct.
Ayden
On 12 Sep 2018, at 11:31, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
We aren’t going to agree on this.
I think you are being completely unreasonable in your expectations and that what you are demanding of ICANN is not in line with what we on Council had agreed to.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 10:24 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Michele,
I am aware that “ICANN is not a training academy.”
But I do not think it is unreasonable for ICANN org to provide participants in a working group that benefits, primarily, ICANN with a basic degree of training that will assist these participants in going about their work.
Most EPDP members do not have a need for the GDPR training, aside from for this one activity that they are doing on an unremunerated basis for the primary benefit of ICANN.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
I can hardly conclude that they are refusing to accept reality when I know for certain they have not been given sufficient training in how to interpret and apply the GDPR.
Ayden
On 12 Sep 2018, at 11:02, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
ICANN is not a training academy.
I also suspect you are confusing people’s lack of understanding with their will to accept reality.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Wednesday 12 September 2018 at 09:56 To: Michele Neylon <michele@blacknight.com> Cc: Marika Konings <marika.konings@icann.org>, Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Michele,
Yes, I think this training is required, because it is not apparent that all members of the EPDP have the appropriate baseline of knowledge of relevant data protection regulations.
And this lack of knowledge is delaying the work of the EPDP, increasing its overall cost, and will only expose ICANN org and the contracted parties to harm.
Of course "there is nothing to stop people independently seeking and getting their own supplemental training,” but guess what, they’re not - so ICANN needs to provide it.
Ayden
On 12 Sep 2018, at 10:49, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Ayden
I think your “ask” is at odds with what we discussed at length during the drafting of the ePDP’s charter.
There was never any expectation that ICANN would provide and fund the kind of comprehensive and in depth GDPR training that you have been demanding.
It is my understanding that it was agreed that a basic course like the one that has been identified be provided. That is being supplemented by Becky Burr.
I also note that your posts on the ePDP mailing list go into greater detail about what you expect a course to cover and to be frank I’m amazed you’d think that ICANN would be the venue for this kind of training. (seehttps://mm.icann.org/pipermail/gnso-epdp-team/2018-September/000328.html )
It was discussed that “basic” training would be provided and I believe that this is being done. Also there is nothing to stop people independently seeking and getting their own supplemental training.
Regards
Michele
--
Mr Michele Neylon
Blacknight Solutions
Hosting, Colocation & Domains
Intl. +353 (0) 59 9183072
Direct Dial: +353 (0)59 9183090
Personal blog: https://michele.blog/
Some thoughts: https://ceo.hosting/
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday 11 September 2018 at 19:39 To: Marika Konings <marika.konings@icann.org> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
Thank you for the response, Marika. I have shared two emails on the EPDP team list over the past 24 hours regarding the GDPR training, neither of which you responded to. I suspect if you posted this same message there, there would be a high level of disagreement between EPDP members and ICANN org over the approach that you seem to think was endorsed by the EPDP team.
Check the transcript. On 7 August I initially requested GDPR training, and a week later, Stephanie Perrin made the request too. As you might recall, the Council also discussed this matter when drafting the charter for the EPDP. The need for training had been raised by Martin, myself, and supported by others. Why, then, was the request only actioned when requested by RySG a month later?
It is true that the EPDP team was made aware of the names of two providers on the call of 6 September. We were not, however, consulted on the course itself or its contents, and no details were forthcoming. Again, check the Adobe Connect chat and the questions that were ignored and the short responses given. I personally visited the website of ITgovernance after its name was circulated and no where on the homepage or on their GDPR training page did I find this £20 course. I don’t see it there today either. I saw and continue to see more comprehensive options. We attempted to clarify with ICANN staff that we were getting a course that would offer at least “three-four hours” of training but received no response. Ultimately staff have selected one which is supposed to take 45 minutes but can be breezed through in 15.
As for the course being shared with the EPDP team leadership, perhaps that was so, but they did not share it with EPDP members and neither member of the leadership team are themselves GDPR experts. Perhaps they should have consulted with EDPD members before this course was procured. I had actually suggested to the Council liaison that this happen, but it did not.
The course is not adequate and should never have been purchased.
—Ayden
On 11 Sep 2018, at 20:17, Marika Konings <marika.konings@icann.org> wrote:
To provide some context as Council members consider Ayden's input, a request was made by the RySG, and supported by the EPDP Team, for GDPR training. Several suggestions were made for possible training providers by EPDP Team members. Staff gathered input on these options, including costs and content covered, which was subsequently shared with the EPDP Team leadership who recommended moving forward with the training provided by IT governance (one of the providers recommended by one of the EPDP Team members) followed by a Q & A session with Becky Burr that will allow for members to put forward any additional questions they may have. The recommended approach was shared with the EPDP Team during its meeting on 6 September during which no objections were raised, following which the training was procured and distributed to members, alternates and liaisons. The Q & A session with Becky is scheduled for Wednesday 19 September.
Best regards,
Marika
From: council <council-bounces@gnso.icann.org> on behalf of Ayden Férdeline <icann@ferdeline.com> Reply-To: Ayden Férdeline <icann@ferdeline.com> Date: Tuesday, September 11, 2018 at 12:03 To: "darcy.southwell@endurance.com" <darcy.southwell@endurance.com>, 'Rafik Dammak' <rafik.dammak@gmail.com>, 'Council GNSO' <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update
I encourage members of the Council to research the £20 ($25), 45-minute GDPR course that EPDP members have been offered, and to evaluate whether you think this will leave the EPDP team on the right footing to develop a policy that does expose ICANN org and the contracted parties to unwanted liabilities. It is my humble view that the training is inadequate and not suitable for our purposes. The course was procured without EPDP team consultation and is intended for frontline individual contributors who occasionally come across personal data, not for those designing a policy or system. I think ICANN org has done us a great disservice in procuring this course. It’s not disappointing; I think the more accurate descriptor would be "reckless."
Ayden
On Tue, Sep 11, 2018 at 19:45, Darcy Southwell <darcy.southwell@endurance.com> wrote:
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as "manageable delay/issue." You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org> Subject: [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Hi all, I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP: * Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions? * What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable. * After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification? * Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda. * Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month? Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions. Regards, Keith From: council <council-bounces@gnso.icann.org> On Behalf Of Darcy Southwell Sent: Tuesday, September 11, 2018 1:46 PM To: rafik.dammak@gmail.com; 'Council GNSO' <council@gnso.icann.org> Subject: [EXTERNAL] Re: [council] EPDP Weekly update Thanks, Rafik. Have a couple of questions from your update: * What is the deadline for EPDP members to complete the training? * You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Thanks, Keith. Excellent questions. To follow up on Keith’s points, is there a plan to have a facilitator attend the face to face in Los Angeles? We’ve known from the beginning that this EPDP is a heavy lift. A facilitator could prove useful in assisting with consensus building, especially in a face-to-face setting. Thanks, Darcy From: Drazek, Keith [mailto:kdrazek@verisign.com] Sent: Tuesday, September 11, 2018 3:06 PM To: darcy.southwell@endurance.com; rafik.dammak@gmail.com; council@gnso.icann.org Subject: RE: [council] EPDP Weekly update Hi all, I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP: * Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions? * What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable. * After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification? * Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda. * Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month? Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions. Regards, Keith From: council <council-bounces@gnso.icann.org <mailto:council-bounces@gnso.icann.org> > On Behalf Of Darcy Southwell Sent: Tuesday, September 11, 2018 1:46 PM To: rafik.dammak@gmail.com <mailto:rafik.dammak@gmail.com> ; 'Council GNSO' <council@gnso.icann.org <mailto:council@gnso.icann.org> > Subject: [EXTERNAL] Re: [council] EPDP Weekly update Thanks, Rafik. Have a couple of questions from your update: · What is the deadline for EPDP members to complete the training? · You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org <mailto:council@gnso.icann.org> > Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Hi Darcy, thanks, yes, there is a plan to have a facilitator attending the F2F meeting in LA and helping us there. Best, Rafik Le mer. 12 sept. 2018 à 08:14, Darcy Southwell < darcy.southwell@endurance.com> a écrit :
Thanks, Keith. Excellent questions. To follow up on Keith’s points, is there a plan to have a facilitator attend the face to face in Los Angeles? We’ve known from the beginning that this EPDP is a heavy lift. A facilitator could prove useful in assisting with consensus building, especially in a face-to-face setting.
Thanks, Darcy
*From:* Drazek, Keith [mailto:kdrazek@verisign.com] *Sent:* Tuesday, September 11, 2018 3:06 PM *To:* darcy.southwell@endurance.com; rafik.dammak@gmail.com; council@gnso.icann.org *Subject:* RE: [council] EPDP Weekly update
Hi all,
I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP:
- Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions?
- What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable.
- After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification?
- Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda.
- Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month?
Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions.
Regards,
Keith
*From:* council <council-bounces@gnso.icann.org> *On Behalf Of *Darcy Southwell *Sent:* Tuesday, September 11, 2018 1:46 PM *To:* rafik.dammak@gmail.com; 'Council GNSO' <council@gnso.icann.org> *Subject:* [EXTERNAL] Re: [council] EPDP Weekly update
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
· You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
*From:* council [mailto:council-bounces@gnso.icann.org <council-bounces@gnso.icann.org>] *On Behalf Of *Rafik Dammak *Sent:* Monday, September 10, 2018 10:31 AM *To:* Council GNSO <council@gnso.icann.org> *Subject:* [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
It looks like this is going ahead with CBI (https://www.cbi.org/facilitation-and-mediation/) being contracted for the upcoming meeting -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ https://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: council <council-bounces@gnso.icann.org> on behalf of Rafik Dammak <rafik.dammak@gmail.com> Date: Thursday 13 September 2018 at 07:02 To: Darcy Southwell <darcy.southwell@endurance.com> Cc: Council GNSO <council@gnso.icann.org> Subject: Re: [council] EPDP Weekly update Hi Darcy, thanks, yes, there is a plan to have a facilitator attending the F2F meeting in LA and helping us there. Best, Rafik Le mer. 12 sept. 2018 à 08:14, Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>> a écrit : Thanks, Keith. Excellent questions. To follow up on Keith’s points, is there a plan to have a facilitator attend the face to face in Los Angeles? We’ve known from the beginning that this EPDP is a heavy lift. A facilitator could prove useful in assisting with consensus building, especially in a face-to-face setting. Thanks, Darcy From: Drazek, Keith [mailto:kdrazek@verisign.com<mailto:kdrazek@verisign.com>] Sent: Tuesday, September 11, 2018 3:06 PM To: darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>; rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>; council@gnso.icann.org<mailto:council@gnso.icann.org> Subject: RE: [council] EPDP Weekly update Hi all, I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP: * Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions? * What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable. * After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification? * Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda. * Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month? Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions. Regards, Keith From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> On Behalf Of Darcy Southwell Sent: Tuesday, September 11, 2018 1:46 PM To: rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>; 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [EXTERNAL] Re: [council] EPDP Weekly update Thanks, Rafik. Have a couple of questions from your update: • What is the deadline for EPDP members to complete the training? • You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Hi Keith, thanks for the comments and suggestions, I am responding to the extent of possible and quickly. I put Kurt in cc as he can add more comments to some of them as they seem addressed to EPDP leadership. Le mer. 12 sept. 2018 à 04:05, Drazek, Keith <kdrazek@verisign.com> a écrit :
Hi all,
I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP:
- Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions?
I think that was not clear and missing from our side, but the thinking from leadership and support staff is to use the "Discussion Summary Index" to include the charter questions and the relevant temp spec sections in same place. The idea is that through updates to the temp spec, the charter questions will be answered using the rationale for the changes for that purpose.
- What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable.
it is likely to be both redlines and policy recommendations. The aim would be to get the EPDP team to agree on the outcome from this effort and being clear about that. I concurr with you that we have to be more clear about the expected deliverable and I know that some SGs already raised those questions.
- After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification?
I think the council guidance to the EPDP leadership is important and helpful. We suggested a new approach to manage our calls with aim to get things done and everyone focused on the same goal than getting the same arguments/positions rehashed. Other approaches are under discussion or to be discussed to use them to make more steady progress.
- Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda.
that is something we are working toward as the number of calls left is limited. We are currently discussing changes on the agenda and stating goals and deliverables for each topic in order to steer the deliberations. I understand that messaging and communciation have to be improved in order to get all EPDP members understand what we are trying to achieve and have everyone on board.
- Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month?
we are working on that currently and aiming to share details with EPDP team asap.
Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions.
as you can see from my responses, we got several actions to take and are being work out. We are aware about the issues and shortcomings and trying to fix them. I personally welcome those suggestions and comments. This EPDP is an experiment for PDP 3.0 and we have to make it successful. The weekly report will include more details. I may send more later on depending on the ongoing discussions. Best, Rafik
*From:* council <council-bounces@gnso.icann.org> *On Behalf Of *Darcy Southwell *Sent:* Tuesday, September 11, 2018 1:46 PM *To:* rafik.dammak@gmail.com; 'Council GNSO' <council@gnso.icann.org> *Subject:* [EXTERNAL] Re: [council] EPDP Weekly update
Thanks, Rafik. Have a couple of questions from your update:
- What is the deadline for EPDP members to complete the training? - You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update.
Thanks,
Darcy
*From:* council [mailto:council-bounces@gnso.icann.org <council-bounces@gnso.icann.org>] *On Behalf Of *Rafik Dammak *Sent:* Monday, September 10, 2018 10:31 AM *To:* Council GNSO <council@gnso.icann.org> *Subject:* [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
Hi Rafik, Thank you for your response to my observations and questions, and thanks for your hard work as Council liaison and Vice Chair. As you know, as managers of this expedited PDP process, we need to make sure Council receives early warning of any potential issues or road blocks. I encourage you and Kurt to proactively communicate with Council when faced with impediments to the success of the ePDP. I have some follow up thoughts to your responses: * In creating the charter, the drafting team recognized the complexity of what the working group was being asked to do and the tight timeframe involved, and so deliberately laid out the charter questions in the mission and scope section to guide the working group through the questions it would need to answer and the steps it would need to follow to develop consensus policy recommendations to address the temporary specification. * Am I correct in understanding your response that the leadership team and support staff have made the decision not to follow the path laid out in the charter? It appears, instead, that the working group is going through and deliberating on each section of the temporary specification which, as you put it, is likely to product both redlines and policy recommendations. * You referenced the “Discussion Summary Index” found on the working group wiki page (https://community.icann.org/display/EOTSFGRD/c.+Temporary+Specification+Disc...). While these documents contain the temporary specification language, relevant advice from DPA/EDPB correspondence, input from the triage exercise and a mapping to related charter question(s), it is not clear how those summaries are being used to help guide the group toward consensus. * Noting the work and project plan on the working group wiki page (https://community.icann.org/pages/viewpage.action?pageId=88574682), I’d like to understand the rationale behind deliberating section by section through the temporary specification instead of following the charter questions. Finally, I am concerned with the part of your response where you say the working group still needs to figure out what the outcome of the EPDP should be. How can the group organize its work if they do not know what they are working towards as a deliverable? I’d appreciate an update to Council from you or Kurt on this matter specifically. Thanks and regards, Keith From: Rafik Dammak <rafik.dammak@gmail.com> Sent: Tuesday, September 11, 2018 8:32 PM To: Drazek, Keith <kdrazek@verisign.com> Cc: Darcy Southwell <darcy.southwell@endurance.com>; Council GNSO <council@gnso.icann.org>; Kurt Pritz <kurt@kjpritz.com> Subject: [EXTERNAL] Re: [council] EPDP Weekly update Hi Keith, thanks for the comments and suggestions, I am responding to the extent of possible and quickly. I put Kurt in cc as he can add more comments to some of them as they seem addressed to EPDP leadership. Le mer. 12 sept. 2018 à 04:05, Drazek, Keith <kdrazek@verisign.com<mailto:kdrazek@verisign.com>> a écrit : Hi all, I have joined a couple of the recent EPDP WG calls as an observer, and I have a few observations and questions we should consider. From a Council “process management” perspective, these are intended to be constructive in the hopes of ensuring success of the EPDP: * Following the Triage exercise, the EPDP working group does not appear to be working toward answering the questions contained in the Charter in a systematic way. What was the decision process behind not following the Charter questions? When will the group return to the Charter questions? I think that was not clear and missing from our side, but the thinking from leadership and support staff is to use the "Discussion Summary Index" to include the charter questions and the relevant temp spec sections in same place. The idea is that through updates to the temp spec, the charter questions will be answered using the rationale for the changes for that purpose. * What does the WG leadership see as the ultimate outcome of this EPDP, and what do we as Council expect the deliverable to be? Rather than focusing on the gating questions enumerated in the Charter, the WG has been engaged in a Temp Spec red-lining exercise. Is our expected deliverable a list of policy recommendations or a revised version of the Temporary Specification? Or both? We should all be clear on the expected deliverable. it is likely to be both redlines and policy recommendations. The aim would be to get the EPDP team to agree on the outcome from this effort and being clear about that. I concurr with you that we have to be more clear about the expected deliverable and I know that some SGs already raised those questions. * After 12 meetings and the Triage process, there doesn’t appear to be much progress toward consensus. It seems that different groups keep restating their positions with little variation when it comes to discussing purposes. Does leadership have a plan for breaking through this and moving the ball forward? Do we as Council need to provide additional guidance or clarification? I think the council guidance to the EPDP leadership is important and helpful. We suggested a new approach to manage our calls with aim to get things done and everyone focused on the same goal than getting the same arguments/positions rehashed. Other approaches are under discussion or to be discussed to use them to make more steady progress. * Noting that the discussion on many calls seems to meander, it might be helpful for leadership and staff to identify a goal or goals that the day’s discussion is meant to achieve, and to communicate such goal(s) to the WG prior to the call along with the agenda. that is something we are working toward as the number of calls left is limited. We are currently discussing changes on the agenda and stating goals and deliverables for each topic in order to steer the deliberations. I understand that messaging and communciation have to be improved in order to get all EPDP members understand what we are trying to achieve and have everyone on board. * Have leadership and staff developed a plan for how to structure the face-to-face meeting in Los Angeles later this month? we are working on that currently and aiming to share details with EPDP team asap. Thanks, and I welcome further discussion on this. I know the WG leadership and staff and members/alternates are all working hard under very compressed timelines, so we should look for opportunities to help focus and streamline the work without interfering in the substantive discussions. as you can see from my responses, we got several actions to take and are being work out. We are aware about the issues and shortcomings and trying to fix them. I personally welcome those suggestions and comments. This EPDP is an experiment for PDP 3.0 and we have to make it successful. The weekly report will include more details. I may send more later on depending on the ongoing discussions. Best, Rafik From: council <council-bounces@gnso.icann.org<mailto:council-bounces@gnso.icann.org>> On Behalf Of Darcy Southwell Sent: Tuesday, September 11, 2018 1:46 PM To: rafik.dammak@gmail.com<mailto:rafik.dammak@gmail.com>; 'Council GNSO' <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [EXTERNAL] Re: [council] EPDP Weekly update Thanks, Rafik. Have a couple of questions from your update: •••••••• What is the deadline for EPDP members to complete the training? •••••••• You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update. Thanks, Darcy From: council [mailto:council-bounces@gnso.icann.org] On Behalf Of Rafik Dammak Sent: Monday, September 10, 2018 10:31 AM To: Council GNSO <council@gnso.icann.org<mailto:council@gnso.icann.org>> Subject: [council] EPDP Weekly update hi all, please find the EPDP update of last week. Happy to answer questions. Best Regards, Rafik
Hi Darcy, Thanks for the comments. Le mer. 12 sept. 2018 à 02:45, Darcy Southwell < darcy.southwell@endurance.com> a écrit :
Thanks, Rafik. Have a couple of questions from your update:
· What is the deadline for EPDP members to complete the training?
it is the 17th September so members can be ready for the call with Becky in the 18th September
· You noted the project is behind, and I see the items highlighted in yellow as “manageable delay/issue.” You agree that these are manageable? I wasn’t sure from your update.
for triage we were behind but it should be shared soon. yes, I am monitoring them more closely and the color change in the update for this week will depend on the outcomes of calls and actions taken by team and/or leadership. The amber color is enough to give heads-up about possible issue. I will add more notes to explain the rationale for the color to be more explicit and add more nuance. Best, Rafik
*From:* council [mailto:council-bounces@gnso.icann.org] *On Behalf Of *Rafik Dammak *Sent:* Monday, September 10, 2018 10:31 AM *To:* Council GNSO <council@gnso.icann.org> *Subject:* [council] EPDP Weekly update
hi all,
please find the EPDP update of last week. Happy to answer questions.
Best Regards,
Rafik
participants (6)
-
Ayden Férdeline -
Darcy Southwell -
Drazek, Keith -
Marika Konings -
Michele Neylon - Blacknight -
Rafik Dammak