Hi Amy and colleagues,

 

I believe that I volunteered on last Thursday’s call to suggest possible language for two items in the PPAA discussed on the call (these arose out of edits proposed by Volker and my responses thereto).

 

A.       Regarding specification 8, I agreed with Volker that this detailed specification is unnecessary and also noted that its provisions seem inapplicable to those Providers not subject to the jurisdiction of the EU.  I suggested instead, building on Volker’s comments,  that this specification be converted to a certification by the Provider of its compliance with all applicable laws with regard to data processing under the Agreement (which for many Providers would of course include the GDPR).  The simplest path  for making this change would be drop Specification 8 altogether and  add a provision to the compliance certificate (Specification 7) as follows (I suggest as the second paragraph with the remaining paragraphs renumbered) :

 

2.  Remains in compliance with applicable laws concerning the processing of Personal Data pursuant to this Agreement, including any responsibilities to ICANN arising under such applicable laws;

 

As discussed on the call, such a certification would provide a basis for ICANN compliance action (including de-accreditation) if in fact the data processing activities of a Provider subject to GDPR transgressed that legislation, without cluttering the PPAA with provisions not applicable to all Providers. 

 

(I also would note one needed copy edit in Specification 7:  in the existing paragraph 2 the reference to “registrar” should be “Provider”.) 

 

Amy, since you indicated that it was ICANN Legal that was insisting on the inclusion of Specification 8, can you ask them to review and respond to this proposed change prior to (or during) our call next Thursday?

 

B.       Paragraph 3.3 of the PPAA:  Volker indicated a willingness to consider a revision to this provision, which he had called for dropping altogether. I suggest that it be revised as follows (add text in italics, delete text in [brackets]):  

 

Rights in Data. Provider does not disclaim rights in the data elements listed

in Sections 3.3.1 through 3.3.4 concerning active Registered Names for which it

provides the Services, and agrees to grant non-exclusive, irrevocable, royalty-free

licenses to make use of and disclose such data elements for the purpose of Disclosure or Publication pursuant to this Agreement, or of providing

a service or services (such as a Registration Data Directory Service) to the extent that it provides [providing]

interactive, query-based public access.   

 

The first change is to accommodate disclosure or publication of data (as discussed in my dialogue with Volker) and the second is intended to dispel any impression that the Provider is responsible for an RDDS that provides interactive query-based access. It simply provides the basis for a license to the Registrar to the extent that it continues to provide such a service, for instance, in the case of non-Personal Data elements in the registration data of a legal person registrant, or in the case of a registration not subject to GDPR.

 

I solicit the reaction of Volker or any other IRT member to this suggestion. 

 

Steve Metalitz

 

 

 

Dear Colleagues,

 

Thanks for your active participation on today’s PP IRT call. If you didn’t attend, I encourage you to review the materials and recording, which are available on the wiki, https://community.icann.org/display/IRT/6+Sept+2018+Meeting.

 

Notes and Action Items

1. The first item on today’s agenda was a discussion of the feedback and comments from some members of the IRT that the current RDDS environment might signal a need to consult with the GNSO Council about the status of the PP IRT’s work. IRT members were asked whether they believe questions exist that should be taken to the Council and, if so, what the questions are. IRT members are encouraged to review the recording to hear their all positions raised on this item.
   1. Action Item 1: If any IRT member believes that one or more Policy issues have arisen that should be referred to the GNSO Council, the member is requested to clearly identify that question on the list no later than the end of the day on Friday.
   2. Action Item 2: IRT members are requested to provide feedback on any issues raised via the list.
   3. Action Item 3: IRT members are also invited to, either instead of writing to the list or as a supplement, indicate their position on whether or not they believe a Policy issue has arisen that should be escalated to the Council, by participating in this poll: https://www.surveymonkey.com/r/8MW2JMM Please complete the poll by the end of this week. I will circulate the results of the poll on Monday. The poll results will be considered along with feedback received on the list and the call.
   4. If the results of the poll and continued discussion on the list this week indicate that there is a likely consensus to escalate one or more issues to the Council, this potential course of action will be continued to be explored next week. If not, we will continue to work to finalize the PPAA in preparation for public comment.
2. PPAA Markup
   1. We began reviewing the PPAA markup, and will continue reviewing next week.
   2. Action Item: IRT members are invited to continue reviewing the markup and provide any additional feedback on the document no later than end of day Monday for discussion on Thursday’s call.
   3. Action Item: I will consult with Legal about points raised on the call, for discussion next week.

 

Best,

Amy

 

Amy E. Bivins

Registrar Services and Engagement Senior Manager

Registrar Services and Industry Relations

Internet Corporation for Assigned Names and Numbers (ICANN)

Direct: +1 (202) 249-7551

Fax:  +1 (202) 789-0104

Email: amy.bivins@icann.org

www.icann.org