Dear Bastiaan, all

Thanks Alan (and Haidia?) for this draft, 

On the geographic differentiation am more inclined towards maintaining our request for it to be discussed at phase2. During the early discussion of phase 1,  a few members of the ePDP including (ALAC) made an attempt to push for a scenario where we use this opportunity to address (or provide a foundation for) a system that will not only address GDPR but also address other privacy related laws that may spring up from other parts of the world. There was a significant push back from the contracted side (including NCSG) strongly(and rightly so) insisting that this was an exercise solely meant for GDPR. I then wonder why the ePDP would want to apply the GDPR globally when it in "theory/practice" does not "protect/affect" the global users.

So I think and believe that we still need to make that distinction and differentiation. If that differentiation exist then it will be easier to evaluate the effect of GDPR with regards to data of users "protected" by it and those who are not and perhaps it will help appreciate the good/bad of the GDPR syndrome. An attempt to apply a regional policy to global users should not be supported by ALAC.

That said, I will suggest that the security point being enumerated under the geographic differentiation(from the moreover paragraph) should perhaps be assigned a sub heading as it's an important point that needs to be maintained even if we decide not to keep the geographic differentiation concern.

Regards
PS: Unless otherwise stated, my views here are always as an end user and not representative of the views of any other hats I may wear.
Sent from my mobile
Kindly excuse brevity and typos

On Thu, 4 Apr 2019, 09:06 Bastiaan Goslings, <bastiaan.goslings@ams-ix.net> wrote:
Thanks a lot, Alan - your and Hadia’s efforts are much appreciated

(I was not on yesterday’s CPWG call so do not know how this was discussed)

It might not come as a surprise, but I do not agree with the advice on ‘Geographic Differentiation’. Both when it comes to the framing/introduction as well as the conclusion. I do not have time to elaborate on this know, but happy to do so later - in the meantime see my previous comments.

I can agree with the 'Thick WHOIS’ concerns - the part on 'Legal/Natural Person Differentiation' seems redundant to me though, this is already covered by rec#17: 'The EPDP Team will determine and resolve the Legal vs. Natural issue in Phase 2’

cheers
Bastiaan



***  Please note that this communication is confidential, legally privileged, and subject to a disclaimer: https://www.ams-ix.net/ams/email-disclaimer  ***




> On 3 Apr 2019, at 15:59, Alan Greenberg <alan.greenberg@mcgill.ca> wrote:
>
> Please find attached a draft of the ALAC Advice to the Board related to the EPDP.
>
> Note that the highlighting (inadvertantly missing in the third case) gives two alternative pheasings to be discussed.
>
> Hadia has reviewed it and supports it.
>
> Alan
> --
> Sent from my mobile. Please excuse brevity and typos.
> <Advice-DRAFT-v01.docx>_______________________________________________
> CPWG mailing list
> CPWG@icann.org
> https://mm.icann.org/mailman/listinfo/cpwg
> _______________________________________________
> registration-issues-wg mailing list
> registration-issues-wg@atlarge-lists.icann.org
> https://mm.icann.org/mailman/listinfo/registration-issues-wg

_______________________________________________
CPWG mailing list
CPWG@icann.org
https://mm.icann.org/mailman/listinfo/cpwg