Agree with Darcy and Chris here. Third Party Privacy Providers not affiliated with the Registrar is the ONLY party who has the real data, and that data MUST be escrowed. We cannot be in a position that when such a privacy provider would go down, we have millions of useless records. Let's eliminate the conditions that currently exist for those privacy provider and make sure this won't happen again: https://en.wikipedia.org/wiki/RegisterFly Talk to you folks tomorrow. Theo On 27-2-2017 19:22, Chris Pelling wrote:
Got to agree with Darcy here.
Surely the "new solution" is only for non affiliated parties, in which case, they through the accreditation agreement setup an IM account similar to a registrar.
Registrar with affiliated PP service that has been disclosed to ICANN
Standard RAA Data Escrow in place that is already working PP service provider that is not affiliated, signs Data escrow agreement as part of the PP accreditation service to provide IM weekly deposits or daily dependant on current RAA guidelines for sizing.
Lets not overcomplicate this :)
Kind regards,
Chris
------------------------------------------------------------------------ *From: *"Darcy Southwell" <darcy.southwell@endurance.com> *To: *gdd-gnso-ppsai-impl@icann.org *Sent: *Monday, 27 February, 2017 18:12:56 *Subject: *Re: [Gdd-gnso-ppsai-impl] Agenda and discussion question for 28 February Privacy/Proxy IRT meeting
I feel like we’re overcomplicating this. If the P/P provider is affiliated with the registrar, there’s no reason for them to “mutually agree” – they are affiliated companies and will have already declared that to ICANN.
*From: *<gdd-gnso-ppsai-impl-bounces@icann.org> on behalf of Amy Bivins <amy.bivins@icann.org> *Reply-To: *<gdd-gnso-ppsai-impl@icann.org> *Date: *Monday, February 27, 2017 at 10:02 AM *To: *"gdd-gnso-ppsai-impl@icann.org" <gdd-gnso-ppsai-impl@icann.org> *Subject: *Re: [Gdd-gnso-ppsai-impl] Agenda and discussion question for 28 February Privacy/Proxy IRT meeting
Hi Darcy and all,
Thanks for your input on this so far.
To clarify—we know that Customer data—data that does not appear in WHOIS but is required to be retained and escrowed by the registrar under the RAA—will be required to be escrowed and retained through this new Accreditation Program’s requirements. We are trying to develop a solution that addresses the issue you identified—ensuring that accredited registrars should not have to duplicate work if they are also accredited providers.
We see two ways to do that: either—
1.The requirement to escrow/retain can always be on the accredited provider, and the existing requirements for registrars with respect to this specific information can be eliminated so that work will not be duplicated--this is what we were attempting to capture in Option 1; or
2.Where a provider is affiliated with a registrar, the provider and registrar could mutually agree that the retention/escrow will continue to be done by the affiliated registrar, as is being done now per the existing RAA requirements (Option 2).
We are not expressing a preference for either alternative and this feedback so far has been very helpful. Does this help to clarify?
Best,
Amy
*From:* gdd-gnso-ppsai-impl-bounces@icann.org [mailto:gdd-gnso-ppsai-impl-bounces@icann.org] *On Behalf Of *Darcy Southwell *Sent:* Monday, February 27, 2017 12:41 PM *To:* gdd-gnso-ppsai-impl@icann.org *Subject:* Re: [Gdd-gnso-ppsai-impl] Agenda and discussion question for 28 February Privacy/Proxy IRT meeting
Thanks, Amy.
I find the second part of item 2 (after the word “so”) to be confusing and inconsistent with the PDP WG’s intent. Depending on what is considered to be “Customer data,” the discussion was never that registrars would no longer have to “retain” or “escrow” such data. Rather the WG’s focus was (as with many other processes that we’ve discussed so far) that accredited registrars should not have to duplicate work if they are also accredited P/P providers. If that’s what we’re trying to address with item #1, then we should probably rework the language a bit. Is there some clarity that can be provided here before our meeting?
Generally speaking, I think item #2 seems at odds with the very concept of an accreditation program.
Thanks,
Darcy
*From: *<gdd-gnso-ppsai-impl-bounces@icann.org <mailto:gdd-gnso-ppsai-impl-bounces@icann.org>> on behalf of Amy Bivins <amy.bivins@icann.org <mailto:amy.bivins@icann.org>> *Reply-To: *<gdd-gnso-ppsai-impl@icann.org <mailto:gdd-gnso-ppsai-impl@icann.org>> *Date: *Friday, February 24, 2017 at 6:14 AM *To: *"gdd-gnso-ppsai-impl@icann.org <mailto:gdd-gnso-ppsai-impl@icann.org>" <gdd-gnso-ppsai-impl@icann.org <mailto:gdd-gnso-ppsai-impl@icann.org>> *Subject: *[Gdd-gnso-ppsai-impl] Agenda and discussion question for 28 February Privacy/Proxy IRT meeting
Hello, All,
I hope you are well! This is a reminder of the Privacy/Proxy Services Accreditation IRT call scheduled for 28 February 2017 at 15:00 UTC. I hope you can attend. Our agenda is fairly short, so the call will likely not last the full 90 minutes.
Attached is a document that includes background material (text of relevant RAA provisions) and a discussion question for the call. I’m repeating the question here for convenience (if you wish to share your thoughts on this before Tuesday, please feel free to do so on the list):
/In light of existing RAA requirements for Registrars’ retention and escrow of Privacy and Proxy Service Customer data, and in light of the discussions during the 24^th January 2017 Privacy/Proxy Implementation Review Team meeting, the ICANN organization should implement data escrow and retention requirements for accredited Privacy and Proxy Service Providers as follows (choose one):/
1./The data escrow and retention requirements for Registrars (with respect to Privacy/Proxy Customer data) should be superseded by new requirements for all accredited Privacy and Proxy Service Providers, so that Registrars would no longer be required to retain or escrow the underlying Customer data associated with Privacy and Proxy Service registrations offered or made available by the Registrar or its affiliates; or/
2./ICANN should permit the Registrar and the accredited Privacy and Proxy Service Provider to choose whether the Registrar or the Provider will be responsible for escrow and retention of Customer data./
In addition to this question, we will also discuss potential topics for our agenda at our half-day meeting at ICANN58.
Best,
Amy
*Amy E. Bivins*
Registrar Policy Services Manager
Registrar Services and Industry Relations
Internet Corporation for Assigned Names and Numbers (ICANN)
Direct: +1 (202) 249-7551
Fax: +1 (202) 789-0104
Email: amy.bivins@icann.org <mailto:amy.bivins@icann.org>
www.icann.org <http://www.icann.org>
_______________________________________________ Gdd-gnso-ppsai-impl mailing list Gdd-gnso-ppsai-impl@icann.org <mailto:Gdd-gnso-ppsai-impl@icann.org> https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl
_______________________________________________ Gdd-gnso-ppsai-impl mailing list Gdd-gnso-ppsai-impl@icann.org https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl
_______________________________________________ Gdd-gnso-ppsai-impl mailing list Gdd-gnso-ppsai-impl@icann.org https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl
_______________________________________________ Gdd-gnso-ppsai-impl mailing list Gdd-gnso-ppsai-impl@icann.org https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl