Dear Marika and team, After much deliberation by the teams noting Thomas' comment relating to Roles and Responsibilities, I am blatantly using this as a segue: we do have a specific comment to make on the "Processing Activities & Responsible Parties document". The CPH have jointly outlined some concerns outlined in these comments. Apologies for the delay, but all these issues demand careful though and there are many such demands on us all at this moment (I fully appreciate on you guys too .. so again very sorry!) Kind regards, Alan Woods [image: Donuts Inc.] <http://donuts.domains> Alan Woods Senior Compliance & Policy Manager, Donuts Inc. ------------------------------ The Victorians, 15-18 Earlsfort Terrace Dublin 2, County Dublin Ireland <https://www.facebook.com/donutstlds> <https://twitter.com/DonutsInc> <https://www.linkedin.com/company/donuts-inc> Please NOTE: This electronic message, including any attachments, may include privileged, confidential and/or inside information owned by Donuts Inc. . Any distribution or use of this communication by anyone other than the intended recipient(s) is strictly prohibited and may be unlawful. If you are not the intended recipient, please notify the sender by replying to this message and then delete it from your system. Thank you. On Mon, Nov 5, 2018 at 4:24 PM Thomas Rickert <epdp@gdpr.ninja> wrote:
Hi Marika, May I ask for an additional point to be added to the agenda?
It is relating to the responsibilities of the parties. Looking at all the work sheets, there are a few processing activities, for which the parties are not joint controllers, but where we have controller-processor relationships. I am not sure this is the best possible outcome and I would like to have a discussion about streamlining this. In my view, it is possible to make more points part of the joint controller situation and take care of the responsibilities in the joint controller agreement by allocating responsibilities to specific parties and add indemnification clauses to get to the intended results.
Also, it is difficult to work on the draft report and provide input while work books and other input is not yet stable. Can we please get more time to review a stable version of the draft initial report?
Best, Thomas
Am 05.11.2018 um 17:05 schrieb Marika Konings <marika.konings@icann.org>:
Dear All,
Please find below the proposed agenda for the next EPDP Team meeting which is scheduled for Tuesday 5 November at 14.00 UTC. In relation to agenda item 4, please review the following and provide your feedback on the mailing list to help inform the discussion.
- *Technical contact consent*
In relation to the data elements that are optional to provide for the Registered Name Holder (RNH), the following language was added to the preliminary recommendation to reflect that the registrar may not have a direct contractual relationship with the data subject whose information is provided by the RNH: *If the Registered Name Holder elects to provide contact information for a technical contact who does not have a direct contractual relationship with the registrar, the registrar is required to redact or obtain all necessary consent from the technical contact prior to publication.* However, noting that it is currently not proposed that technical contact information would be published, we would suggest making the following update: *If the Registered Name Holder elects to provide contact information for a technical contact who does not have a direct contractual relationship with the registrar, the registrar is required to redact or obtain all necessary consent from the technical contact prior to publication any disclosure.*
*Question for the EPDP Team*: are you comfortable with the inclusion of this revised language as part of preliminary recommendation #10? If not, please provide your rationale and proposed changes / edits prior to the meeting.
- *Data retention*
This recommendation is derived from Data Elements Workbook A. Are there any concerns about this recommendation? *The EPDP Team recommends that Registrars are required to retain the herein-specified data elements for a period of one year following the life of the registration. This retention period conforms to the specific statute of limitations within the Transfer Dispute Resolution Policy (“TDRP”). Other relevant parties, including Registries, escrow providers and ICANN Compliance, have separate retention periods less than or equal to one year accordingly and in line with the GDPR requirements.*
*Question for the EPDP Team: *are you comfortable with the inclusion of this preliminary recommendation? If not, please provide your rationale and proposed changes / edits prior to the meeting.
Note that in relation to small team #1 and #2 discussions, the leadership team will be putting forward a proposed path forward shortly.
Best regards,
Caitlin, Berry and Marika
*EPDP Meeting #23 Agenda* Tuesday, 5 November 2018
1. Roll Call & SOI Updates (5 minutes) 2. Welcome and Updates from EPDP Team Chair (5 minutes)
1. Proposed approach for reviewing and finalizing the Initial Report 2. Update on F2F planning 3. Proposed next steps in relation to small team #1 and #2 language for inclusion in the Initial Report 4. Review of outstanding action items 5. Other updates, if applicable
1. Review of outstanding items for Initial Report and proposed approach
Objective of discussion:
1. Confirm list of outstanding items to be considered in relation to Initial Report and approach for addressing these
1. Review outstanding issues punch list (to be circulated) 2. Confirm approach for addressing these 3. Confirm next steps, if any
1. Commence addressing outstanding items
1. Technical contact redaction – any concerns in relation to proposed language for inclusion in the Initial Report? 2. Data retention – any concerns in relation to proposed language for inclusion in the Initial Report? 3. Confirm next steps, if any
1. Wrap and confirm next meeting to be scheduled for Thursday 8 November at 14.00 UTC. 1. Confirm action items 2. Confirm questions for ICANN Org, if any
*Marika Konings* *Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN) * *Email: marika.konings@icann.org <marika.konings@icann.org> *
*Follow the GNSO via Twitter @ICANN_GNSO* *Find out more about the GNSO by taking our interactive courses <https://urldefense.proofpoint.com/v2/url?u=http-3A__learn.icann.org_courses_...> and visiting the GNSO Newcomer pages <https://urldefense.proofpoint.com/v2/url?u=http-3A__gnso.icann.org_sites_gns...>. *
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team