Dear Colleagues:

 

Thank you for your attendance and participation on this week’s Privacy/Proxy IRT call. If you were unable to attend, I encourage you to review the recording and materials posted on the wiki, https://community.icann.org/display/IRT/12+December+2017.

 

The IRT is making its way through the attached Issues List, and I updated the Issues List to reflect Tuesday’s discussion. 

 

On our next call on Tuesday, 19 December, we will discuss the issue of data collection, retention, escrow, GDPR concerns, etc., which is next on the Issues List.  Provided we conclude the discussion of data collection, we will continue to work our way through the issues list in order.

 

Please provide any additional input you have on the topics discussed on Tuesday (summary provided below) no later than next Friday, 23 December.

 

Summary of today’s topics, questions and action items (updated issues list, with complete IRT input, attached):

 

  1. Definitional Concerns
    1. The IRT members on the call seem to be in agreement that the PPAA definitions that match RAA definitions should not be changed. Specifically, these definitions include:
      1. gTLD Zone-File Data (section 1.13)
      2. Personal Data (section 1.19)
      3. Provider Approval (section 1.21)
      4. Registered Name (section 1.24)
      5. Registered Name Holder (section 1.25)
      6. Reseller (section 1.33)
      7. Registered name is “sponsored” (section 1.36)

 

    1. The IRT members on the call expressed no objections to these definitions:
      1. Person (section 1.18)
      2. Registration Data Directory Service (section 1.28)

 

    1. The following definitions require further discussion and/or amendment:

 

      1. Affiliated Provider (Section 1.4) (Please see my email of 13 December for further information.)

 

      1. Customer; Privacy Service; Proxy Service (Section 1.8; 1.22; 1.24) – The definition of customer was added for the sake of clarity and consistency since the terms beneficial user, customer, licensee, and underlying registrant were not used consistently in the Final Report.  The definition of Customer is also cross-referenced in the definition of Privacy Service and Proxy Service; accordingly, these definitions are not an exact match of the Final Report/Privacy/Proxy Specification.  Some IRT members expressed concerns with the removal of the term beneficial user, as there was a reason this term was used.  No one on the call expressed the particular reason and/or difference between these termsWe are seeking additional feedback on the specific difference and/or concern between customer, beneficial user, underlying registrant, and licensee.  It would also be helpful if you could propose definitions of licensee/beneficial user if you believe we need to add more definitions than Customer.

 

      1. Law Enforcement Authority (Section 1.16): IRT feedback: The language re: applicable jurisdiction should be looked at in conjunction with the LEA Framework to specify that the provider may have obligations outside the PPAA, and this definition does not negate that.

 

      1. Service Provider (Section 1.37): Change all references from Provider to Service Provider for consistency with the defined term.

 

      1. Working Group (Section 1.43): There seems to be some disagreement regarding who should comprise the Working Group – if it should just be Service Providers, or if it should include a cross-section of the community.  Additionally, a few IRT members suggested deleting the phrase, “provided, that, if the Generic Names Supporting Organization (the “GNSO”) forms a stakeholder group for Service Providers (the “Provider Stakeholder Group”), then following the date of the formation of the Provider Stakeholder Group, the Provider Stakeholder Group shall appoint the representatives of the Service

Providers and other members of the community to constitute the Working Group. The Working Group will serve as a working group to consult on amendments to the Service Provider Agreements (excluding bilateral amendments pursuant to Section 6.9).”

 

Additional IRT Feedback is requested on the definitions of Affiliated Provider, Customer, Law Enforcement Authority, Privacy Provider, Proxy Provider, and Working Group.

 

  1. Drafting Concerns
    1. Sections 2.3.2 and 2.3.3 General Obligations of ICANN– no IRT members on the call expressed concerns with this section.
    2. Section 2.4 Use of ICANN-accredited Providers – IRT member (Margie Milam) suggestion: “intends to abide” is weak language – consider redrafting to “shall abide” or “shall reasonably abide”
    3. Section 3.1 General Obligations of Service Provider – IRT members recommend keeping WILL, instead of MAY, in the provision: During the Term of this Agreement, [Service] Provider agrees that it will provide the Services in accordance with this Agreement

 

As always, if you would like to raise any other issues or feedback, please feel free to send to the list at any time. 

 

I look forward to Tuesday’s call, where we will continue working our way through the issues list. 

 

Kind regards, 

 

Caitlin