NCSG approves of the modified language, which is more generic (obligations of regulated entities). But we strongly object to the footnote being included. We have had no opportunity to review the EU NIS Directive legislation and its implications for disclosure or what it might commit ICANN to doing. During the consideration of this we asked for specific examples of what obligations we might be talking about and never got them. It's too late to include this now. We can accept item (iv) without the footnote. ________________________________ From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> on behalf of Crossman, Matthew via Gnso-epdp-team <gnso-epdp-team@icann.org> Sent: Monday, July 27, 2020 11:54 AM To: gnso-epdp-team@icann.org <gnso-epdp-team@icann.org> Subject: [Gnso-epdp-team] Requestor Purpose - Rec 7 Hi team, As an update, Margie, Brian, and I worked on a compromise for the Rec 7 language on Requestor Purposes. We agreed on the following edit to 7.1(a): 7.1(a) Requestors MUST submit data disclosure requests for specific purposes such as but not limited to: but not limited to: (i) criminal law enforcement, national or public security, (ii) non law enforcement investigations and civil claims, including, intellectual property infringement and UDRP and URS claims, (iii) consumer protection, abuse prevention, and network security, and (iv) obligations applicable to regulated entities.[1] Requestors MAY also submit data verification requests on the basis of Registered Name Holder (RNH) consent that has been obtained by the Requestor (and is at the sole responsibility of that Requestor), for example to validate the RNH’s claim of ownership of a domain name registration, or contract with the Requestor. (Footnote below) 1 For example, the EU Directive on security of network and information systems (known as the NIS Directive) imposes specific obligations on Digital Service Providers and Operators of Essential Services. With these changes this is no longer a CLW item for the RySG. Let us know if this new language causes any concern for other groups. Thanks, Matt Matthew Crossman | Amazon Corporate Counsel gTLD Registry, IP P: 206-266-1103 | C: 530-574-2956 Email: mmcross@amazon.com<mailto:mmcross@amazon.com> ________________________________ [1] This approach is very similar to the business model ARSI had previously discussed with the Author Central Pro teams for the .AUTHOR TLD.