That is an excellent recap, thanks. However this does not cover the new EU regulations and this is starting to become an issue the further we move in time. Back in the day when I made the legal analysis based on the recommendations, there was not much of an issue. If we as a wholesale Registrar require explicit consent then we actually need to chase down like 400k registrants. Now there are several solutions here. Just thought I point out this possible barrier that might slow down our migration. We'll see what the GNSO comes up with. Thanks, Theo Geurts Fabien Betremieux schreef op 2016-07-08 12:29 AM:
Dear IRT Members,
Please find below the notes Erika Mann referred to in our discussion on 30 June.
Best Regards
-- Fabien Betremieux Sr. Registry Services & Engagement Manager Global Domains Division, ICANN
PRIVACY SHIELD
* Commissioner Ansip and Jourova will explain status to European Commissioners on July 5 * Internal EU Member States adoption under written procedure is expected on July 11 * Austria is still not happy about the agreement and Germany raised new concern but it's expected that Germany will support the agreement * Commissioner Jourova and Pritzker will formally sign on July 12 * Companies can in theory sign on from July 13 although the USG will need until "autumn" to set up the system to allow companies to start self-certifying. Pritzker will give more information on this process on July 12 * "Our legal people would have preferred to spend more time but it is time to conclude." Already three Safe Harbour companies have been fined in Germany * The new adequacy agreement includes a review clause, means that the doc will be a 'living doc'. The EC and USG agreed to further monitor "automated decision making". * The first workshop on implementation of GDPR will be co-hosted with Art 29 and take place on July 26-27. Ansip encouraged industry participation.
* What is new?
* Clarity on Ombudsperson including on its autonomy * USG access to bulk data for national security reasons * Companies' obligation to delete (this was only implicit before * Clear data retention obligations on companies to delete what is not necessary * Clarity on onwards transfer * PS will require strict compliance with self-certification needed annually * Companies can voluntarily provide transparency reports to demonstrate that USG requests are "within limits" * PS' effective redress mechanisms will apply to all transatlantic transfer mechanisms which is even more important given the new Ireland case * Commissioner Jourova expect many thousands of companies to sign on including new ones * The adoption of the PS adequacy decision is not the end. The EC will continue to monitor authorities and companies * PS includes new elements of relevance to the Ireland case, notably the Ombudsperson and independent investigatory authorities in the U.S. Commission expect the USG to present these new features to the Irish High Court * Companies can chose between dispute settlement with European DPAs or arbitration system in the U.S. He strongly encouraged the former.
Link to leaked PS text [1].
Links: ------ [1] https://urldefense.proofpoint.com/v2/url?u=http-3A__www.politico.eu_wp-2Dcontent_uploads_2016_06_Privacy-2Dshield-2Dtext-2Dfor-2Dopinion-2Dand-2Dannexes.pdf&d=CwMFaQ&c=5VD0RTtNlTh3ycd41b3MUw&r=4dtdp_msuCJBqD11_KMJzg&m=2T41VZ0O1X__6axcoUFXjYDQNcPUspTTMpFkI8g7awo&s=KpBg9K02C3hO6s_GmJaLpgjjx8g9PjB3HKZYwRjCLq4&e= _______________________________________________ Gnso-impl-thickwhois-rt mailing list Gnso-impl-thickwhois-rt@icann.org https://mm.icann.org/mailman/listinfo/gnso-impl-thickwhois-rt