Dear Kurt and team, We appreciate the time and effort that has gone into the crafting of the letter to the EDPB; however, we strongly suggest we do not engage the EDPB at this time for the following reasons: 1) The letter essentially requests the EDPB to serve as a consultant to the ePDP from whom we are requesting legal advice (and in some instances on relatively straightforward interpretations of basic concepts of the law). They are not going to resolve these issues, and may instead focus on the fact that there remain major misunderstandings as to the law. If we require a legal analysis of the interim report, we should engage a lawyer/law firm, as has been repeatedly suggested. 2) The initial report does not present for review any concrete policy. Instead it is a discordant document filled with tentative suggestions and polarised arguments. The EDPB will not look favorably on a request to review this collection of our divergent views on the application of the data protection principles, which could burn much needed political capital when the time comes to request their definitive position on our final (or close to final) recommendations. Ultimately, we do not disagree that EDPB engagement is critical, and indeed the EPDP charter suggests submission at this point; however, the effort should be coordinated in a more formal manner, and only when we have something more cohesive and final to present (such that they are able and willing to review and comment within the scope of their official responsibilities and capacity). At a minimum, perhaps we should attempt to formally follow up with the authors of previous advice to ICANN? Kind regards, Alan Woods (On behalf of the CPH) On Tue 27 Nov 2018 at 15:01, Plaut, Diane <Diane.Plaut@corsearch.com> wrote:
Agreed Thomas, I too have read it and think it needs further work. I have started making suggested edits through redline and we can begin to share and discuss.
Diane
*Diane Plaut*
General Counsel and Privacy Officer
[image: cid:image001.png@01D3CA70.18FC1D40]
Direct +1 646-899-2806 diane.plaut@corsearch.com
220 West 42nd Street, 11th Floor, New York, NY 10036, United States www.corsearch.com
Join Corsearch on Twitter <https://twitter.com/corsearch> Linkedin <https://www.linkedin.com/company/2593860/> Trademarks + Brands <http://trademarksandbrands.corsearch.com/>
Customer Service/Platform Support: 1 800 SEARCH1™ (1 800 732 7241) Corsearch.USCustomerService@corsearch.com
*Confidentiality Notice:* This email and its attachments (if any) contain confidential information of the sender. The information is intended only for the use by the direct addressees of the original sender of this email. If you are not an intended recipient of the original sender (or responsible for delivering the message to such person), you are hereby notified that any review, disclosure, copying, distribution or the taking of any action in reliance of the contents of and attachments to this email is strictly prohibited. If you have received this email in error, please immediately notify the sender at the address shown herein and permanently delete any copies of this email (digital or paper) in your possession.
*From: *Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> on behalf of Thomas Rickert <epdp@gdpr.ninja> *Date: *Tuesday, November 27, 2018 at 2:58 PM *To: *Kurt Pritz <kurt@kjpritz.com> *Cc: *"gnso-epdp-team@icann.org" <gnso-epdp-team@icann.org> *Subject: *Re: [Gnso-epdp-team] Draft Letter to EDPB
Hi Kurt, I really enjoyed the „time off“, but unfortunately it was not without GDPR, but GDPR for clients and not for the EPDP :-).
Thanks for sharing the draft letter. I think it is a good starting point for a discussion, but I would not endorse sending it in its current form for two reasons:
1. We should discuss as a team what areas we want to get input on.
The „legal basis for escrow“ point - to me - is not relevant enough to bother the EDPB with. I would rather bring purpose 2 and the question of a joint controller scenario to the attention of the EDPB.
2. We need to write more
We need to offer more background information to the EDPB. On natural vs. legal or the designation of third parties, we really need to put flesh to the bones and describe both the operational realities as well as the legal implications for the different scenarios more. The EDPB needs to be fed with all information relevant to their decision. We cannot expect them to know things or do research.
Best, Thomas
Am 26.11.2018 um 23:55 schrieb Kurt Pritz <kurt@kjpritz.com>:
Hi Everyone:
I hope you all had a good break from GDPR.
Among our next steps is to send a letter to the European Data Protection Board with our questions. After reviewing the questions as posed in the Initial Report, I thought that some background, clarification and additional detail were required so that the EDPB is better able to understand our questions and is also better able to provide helpful responses. In collaboration with the Support team, we drafted the attached letter that we intend to send onto the EDPB shortly. As the EDPB meets monthly and their next meeting is next week, it is important that we send our questions as soon as possible.
Thanks in advance for taking time to read and consider this.
Best regards,
Kurt
<Letter EDPB - 26 Nov 2018(clean).docx>
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team
-- [image: Donuts Inc.] <http://donuts.domains> Alan Woods Senior Compliance & Policy Manager, Donuts Inc. ------------------------------ The Victorians, 15-18 Earlsfort Terrace Dublin 2, County Dublin Ireland <https://www.facebook.com/donutstlds> <https://twitter.com/DonutsInc> <https://www.linkedin.com/company/donuts-inc> Please NOTE: This electronic message, including any attachments, may include privileged, confidential and/or inside information owned by Donuts Inc. . Any distribution or use of this communication by anyone other than the intended recipient(s) is strictly prohibited and may be unlawful. If you are not the intended recipient, please notify the sender by replying to this message and then delete it from your system. Thank you.
