I am generally in support of this, but I question the term "grounded
in legal bases". It this the legal basis in reference to GDPR
(ie that there needs to be a legitimate demonstrable need to access
otherwise private information). Or a legal basis as in reference to law
enforcement having a right to demand certain information.
I can accept the former (if it is made clear), but not the latter.
ICANN's Mission-defined interest in ensuring that security and stability
of the DNS (and by implication, the trusted nature of the DNS) may create
a need for cybersecurity workers to have access to certain data, but
there is no LAW that gives them that right.
Alan
At 11/09/2018 04:33 PM, Alex Deacon wrote:
Hi All,
As you know a group of us has been working to recommend an update to
Section 4.4.8 of the temp spec.
While we haven't come to full agreement on the update, we are pretty
close and wanted to share the current/tentative output of the volunteer
team with the broader team.
- 4.4.8 Supporting a framework that enables
identification of third-parties with legitimate interests grounded in
legal bases, and providing these third-parties with access to
Registration Data relevant to addressing specific issues involving domain
name registrations related to consumer protection, investigation of
cybercrime, DNS abuse and intellectual property protection.
The non-bold text was suggested by Amr/NCSG and the added bold
text was an updated suggested by me/IPC and supported by the BC.
Giving it a re-read again today I think additional word-smithing could be
warranted, but for now I will resist and step away and let others share
their thoughts.
Alex
--
___________
Alex Deacon
Cole Valley Consulting
alex@colevalleyconsulting.com
+1.415.488.6009
_______________________________________________
Gnso-epdp-team mailing list
Gnso-epdp-team@icann.org
https://mm.icann.org/mailman/listinfo/gnso-epdp-team