ALAC Use Cases - Consumer Protection
Dear Team, Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause. Best Hadia Eng. Hadia Elminiawi (M.Sc.) Director, DNS-Entrepreneurship Center [Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][logo]
Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose. Case 1 seems to refer to a case that is better handled by LEAs. -- Volker A. Greimann General Counsel and Policy Manager *KEY-SYSTEMS GMBH* T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: www.key-systems.net Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi < Hadia@tra.gov.eg> wrote:
Dear Team,
Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause.
Best
Hadia
Eng. Hadia Elminiawi (M.Sc.)
Director, DNS-Entrepreneurship Center
[image: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][image: logo]
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
I agree with Volker; use of registration data is not necessary in the second ALAC use case, and safeguards to prevent abuse would be impossible to put in place. Thanks. Ayden Férdeline ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, 11 July 2019 14:29, Volker Greimann <vgreimann@key-systems.net> wrote:
Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose.
Case 1 seems to refer to a case that is better handled by LEAs. -- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH
T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: [www.key-systems.net](http://www.key-systems.net/)
Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin
Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail Virus-free. [www.avast.com](https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail)
#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2
On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> wrote:
Dear Team,
Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause.
Best
Hadia
Eng. Hadia Elminiawi (M.Sc.)
Director, DNS-Entrepreneurship Center
[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][logo]
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income. But that’s not the law in most of the world, which have no such requirement. The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR. Best, --Greg From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Volker Greimann Sent: Thursday, July 11, 2019 9:29 AM To: Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose. Case 1 seems to refer to a case that is better handled by LEAs. -- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: <http://www.key-systems.net/> www.key-systems.net Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> www.avast.com On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg <mailto:Hadia@tra.gov.eg> > wrote: Dear Team, Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause. Best Hadia Eng. Hadia Elminiawi (M.Sc.) Director, DNS-Entrepreneurship Center _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org <mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
But ICANN is not a global consumer protection agency. Whois and the RDS is not a substitute, replacement, or proxy for the work of governments in protecting consumers. As you note Greg, governments can and already do mandate what data must be made available on the websites of entities selling goods or offering services to the general public. Governments can and do educate consumers to deal only with entities they know online and that have complied with the legal requirements of disclosure and presentation within their jurisdiction. It is far outside the scope and mission of ICANN to take on this responsibility too; any use cases not strictly associated with ICANN's mission must, in my view, be thrown out. Ayden Férdeline ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, 11 July 2019 15:25, Greg Aaron <greg@illumintel.com> wrote:
Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income.
But that’s not the law in most of the world, which have no such requirement.
The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR.
Best,
--Greg
From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Volker Greimann Sent: Thursday, July 11, 2019 9:29 AM To: Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection
Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose.
Case 1 seems to refer to a case that is better handled by LEAs.
-- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH
T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: [www.key-systems.net](http://www.key-systems.net/)
Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin
Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
Virus-free. [www.avast.com](https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail)
On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> wrote:
Dear Team,
Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause.
Best
Hadia
Eng. Hadia Elminiawi (M.Sc.)
Director, DNS-Entrepreneurship Center
[Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][logo]
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Agree with Ayden. Just because it has been common practice to use gTLD registration data in this manner for the many years during which it was publicly published, doesn’t mean that this is in any way within the scope of ICANN’s mission. Thanks. Amr
On Jul 11, 2019, at 3:41 PM, Ayden Férdeline <icann@ferdeline.com> wrote:
But ICANN is not a global consumer protection agency. Whois and the RDS is not a substitute, replacement, or proxy for the work of governments in protecting consumers. As you note Greg, governments can and already do mandate what data must be made available on the websites of entities selling goods or offering services to the general public. Governments can and do educate consumers to deal only with entities they know online and that have complied with the legal requirements of disclosure and presentation within their jurisdiction. It is far outside the scope and mission of ICANN to take on this responsibility too; any use cases not strictly associated with ICANN's mission must, in my view, be thrown out.
Ayden Férdeline
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, 11 July 2019 15:25, Greg Aaron <greg@illumintel.com> wrote:
Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income.
But that’s not the law in most of the world, which have no such requirement.
The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR.
Best,
--Greg
From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Volker Greimann Sent: Thursday, July 11, 2019 9:29 AM To: Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org
Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection
Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose.
Case 1 seems to refer to a case that is better handled by LEAs.
-- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH
T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: [www.key-systems.net](http://www.key-systems.net/)
Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin
Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
Virus-free. [www.avast.com](https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail)
On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> wrote:
Dear Team,
Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause.
Best
Hadia
Eng. Hadia Elminiawi (M.Sc.)
Director, DNS-Entrepreneurship Center
<image001.jpg><image002.png>
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org
https://mm.icann.org/mailman/listinfo/gnso-epdp-team
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
The first question is whether the proposed use is compatible with GDPR. Cases such as that one are worthy of examination, because the multistakeholder policy development process is to be “used to ascertain the global public interest.” From: Ayden Férdeline <icann@ferdeline.com> Sent: Thursday, July 11, 2019 10:42 AM To: Greg Aaron <greg@illumintel.com> Cc: 'Volker Greimann' <vgreimann@key-systems.net>; 'Hadia Abdelsalam Mokhtar EL miniawi' <Hadia@tra.gov.eg>; gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection But ICANN is not a global consumer protection agency. Whois and the RDS is not a substitute, replacement, or proxy for the work of governments in protecting consumers. As you note Greg, governments can and already do mandate what data must be made available on the websites of entities selling goods or offering services to the general public. Governments can and do educate consumers to deal only with entities they know online and that have complied with the legal requirements of disclosure and presentation within their jurisdiction. It is far outside the scope and mission of ICANN to take on this responsibility too; any use cases not strictly associated with ICANN's mission must, in my view, be thrown out. Ayden Férdeline ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, 11 July 2019 15:25, Greg Aaron <greg@illumintel.com> wrote: Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income. But that’s not the law in most of the world, which have no such requirement. The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR. Best, --Greg From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Volker Greimann Sent: Thursday, July 11, 2019 9:29 AM To: Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose. Case 1 seems to refer to a case that is better handled by LEAs. -- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: <http://www.key-systems.net/> www.key-systems.net Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> www.avast.com On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg <mailto:Hadia@tra.gov.eg> > wrote: Dear Team, Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause. Best Hadia Eng. Hadia Elminiawi (M.Sc.) Director, DNS-Entrepreneurship Center _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org <mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
This discussion seems to be closely related to how we handle the natural/legal persons distinction. I see no legitimate use case here in cases of natural persons and noncommercial registrations. As a related observation, it has also been proven through prior studies by the Expert Working Group that very few people rely on Whois for identifying the provider of online services. They use other mechanisms for the most part. Note also that if an online site is suspected of fraud or other criminal or civil violations, then an LEA should be and will be able to look at the redacted data under another use case. --MM From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Greg Aaron Sent: Thursday, July 11, 2019 10:25 AM To: 'Volker Greimann' <vgreimann@key-systems.net>; 'Hadia Abdelsalam Mokhtar EL miniawi' <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income. But that’s not the law in most of the world, which have no such requirement. The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR. Best, --Greg From: Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> On Behalf Of Volker Greimann Sent: Thursday, July 11, 2019 9:29 AM To: Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> Cc: gnso-epdp-team@icann.org Subject: Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose. Case 1 seems to refer to a case that is better handled by LEAs. -- Volker A. Greimann General Counsel and Policy Manager KEY-SYSTEMS GMBH T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: www.key-systems.net<http://www.key-systems.net/> Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358. [Image removed by sender. https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animated-no-repeat-v1.gif]<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. www.avast.com<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg<mailto:Hadia@tra.gov.eg>> wrote: Dear Team, Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause. Best Hadia Eng. Hadia Elminiawi (M.Sc.) Director, DNS-Entrepreneurship Center [Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][logo] _______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org<mailto:Gnso-epdp-team@icann.org> https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi Greg, I agree and isn't that (putting contact information on the website) a great model for websites actively engaging in commerce? The German law is based on EU regulations so the basic premise applies in all of Europe. Just because other countries do not have such a legal requirement also does not prohibit website operators from putting up that information voluntarily. Putting that information on the website rather than a service half the internet knows nothing about also seems to be the more sensible solution. Maybe it is time for a grand information campaign for the rest of the world: "Don't buy from unknown operators! Only trust websites with contact information!" And no, your premise is incorrect: Commercial actors are also entitled to the same level of protection under the GDPR. It is just that a seperate legal requirement exists to put certain information in a certain place. But that requirement does not affect non-EU operators, who remain entitled to the same protections under the GDPR as non-commercial operators are. I would also advise against going down the well-travelled path of "commercial vs non-commercial domains" again. We will just waste a lot of time and will likely come down along the same results that the GNSO community has come down on again and again and again: "Let's not!" Domain names by their nature are in and of themselves neither commercial nor non-commercial. It is the websites and other uses that can make them either, but that status may change depending on use, jurisdiction and over time. Hence the data should be connected to the use, not the domain itself. -- Volker A. Greimann General Counsel and Policy Manager *KEY-SYSTEMS GMBH* T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: www.key-systems.net Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Thu, Jul 11, 2019 at 4:25 PM Greg Aaron <greg@illumintel.com> wrote:
Volker, checking the details on the Web site is easier in your country, Germany. There the Telemedia Act requires that a web site owner post a great deal of information that allows a consumer to identify the provider. That includes address, details about the entity’s authorized representative (often the name of a legal person), telephone number and/or email address, details about shares and nominal capital, the company registration number, VAT number, and more. It’s required even if services are offered not in return for payment but if advertisements are used to generate income.
But that’s not the law in most of the world, which have no such requirement.
The German law seems like a reminder that those engaged in commercial activity are not entitled to anonymity under GDPR.
Best,
--Greg
*From:* Gnso-epdp-team <gnso-epdp-team-bounces@icann.org> *On Behalf Of *Volker Greimann *Sent:* Thursday, July 11, 2019 9:29 AM *To:* Hadia Abdelsalam Mokhtar EL miniawi <Hadia@tra.gov.eg> *Cc:* gnso-epdp-team@icann.org *Subject:* Re: [Gnso-epdp-team] ALAC Use Cases - Consumer Protection
Case 2 seems to be a bit far fetched and based on a discussion that has been done to death in various fora and WGs on ICANN previously. Do we really want to continue beating this dead horse? If a user wants to verify a site he wants to do business with, he can check the information on that site or in the SSL Certificate. If neither are present, that should tell any sensible user enough. There is absolutely no need for whois access for this purpose.
Case 1 seems to refer to a case that is better handled by LEAs.
-- Volker A. Greimann General Counsel and Policy Manager *KEY-SYSTEMS GMBH*
T: +49 6894 9396901 M: +49 6894 9396851 F: +49 6894 9396851 W: www.key-systems.net
Key-Systems GmbH is a company registered at the local court of Saarbruecken, Germany with the registration no. HR B 18835 CEO: Alexander Siffrin
Part of the CentralNic Group PLC (LON: CNIC) a company registered in England and Wales with company number 8576358.
[image: https://ipmcdn.avast.com/images/icons/icon-envelope-tick-round-orange-animat...] <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
On Thu, Jul 11, 2019 at 10:26 AM Hadia Abdelsalam Mokhtar EL miniawi < Hadia@tra.gov.eg> wrote:
Dear Team,
Please find attached two use cases in relation to consumer protection. Apologies for being late and for any inconvenience this may cause.
Best
Hadia
Eng. Hadia Elminiawi (M.Sc.)
Director, DNS-Entrepreneurship Center
[image: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: Description: https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-ash4/268513_180152888707645_7698168_n.jpg][image: logo]
_______________________________________________ Gnso-epdp-team mailing list Gnso-epdp-team@icann.org https://mm.icann.org/mailman/listinfo/gnso-epdp-team _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (6)
-
Amr Elsadr -
Ayden Férdeline -
Greg Aaron -
Hadia Abdelsalam Mokhtar EL miniawi -
Mueller, Milton L -
Volker Greimann