Anne, First, let me state that the notations in the chart are meant to guide the discussions that take place on the call. So, if you listen to the call, you will hear the context of that statement which is very different than your interpretation of the shorthand notes in the chart. So here is what I said on the call as I described the comment from NABP. The NABP comment pointed out that if you look at the implementation of the Safeguards, you will notice that the contractual provisions in the Registry Agreement do not required Registries to necessarily enforce the safeguards, but rather merely require that the Registry put in its registry-registrar agreements provisions that pass through certain obligations. For example, look at the following example from a Registry Agreement: “Registry Operators will include a provision in their Registry-Registrar Agreements that requires registrars to include in their Registration Agreements a provision requiring that registrants who collect and maintain sensitive health and financial data implement reasonable and appropriate security measures commensurate with the offering of those services, as defined by applicable law.” If you read it carefully, you will see that there is only an obligation for the Registry to put a provision in its RRA that Registrars flow through a requirement that registrants who collect certain information implement appropriate safeguard measures. Thus, if a Registry has that provision in its Registry-Registrar Agreement, it is deemed compliant even if the registry discovers that a registrant is not complying with the requirement. There is No obligation for the registry to actually enforce that reasonable safeguards are in place by a registrant. I hope that clears things up. [cid:image002.png@01D6B433.E333C180] Jeffrey J. Neuman Founder & CEO JJN Solutions, LLC p: +1.202.549.5079 E: jeff@jjnsolutions.com<mailto:jeff@jjnsolutions.com> http://jjnsolutions.com From: Aikman-Scalese, Anne <AAikman@lrrc.com> Sent: Thursday, November 5, 2020 6:06 PM To: Jeff Neuman <jeff@jjnsolutions.com> Cc: gnso-newgtld-wg@icann.org Subject: RE: [Gnso-newgtld-wg] Consolidated list of materials for WG Member review Jeff, I am sorry I was not able to attend the WG meeting last night. I had a question about the note from Leadership in relation to the Base Registry Agreement in relation to Safeguards. Public comment asked about enforcement of Safeguards and the Leadership note was to the effect you did not believe that Safeguards needed to be enforced and so that didn’t need to be in the Base Registry Agreement? Could you please explain this by reply all? Thank you, Anne Anne E. Aikman-Scalese Of Counsel 520.629.4428 office 520.879.4725 fax AAikman@lrrc.com<mailto:AAikman@lrrc.com> _____________________________ [cid:image003.png@01D6B432.C2E09170] Lewis Roca Rothgerber Christie LLP One South Church Avenue, Suite 2000 Tucson, Arizona 85701-1611 lrrc.com<http://lrrc.com/> [cid:image004.jpg@01D6B432.C2E09170] Because what matters to you, matters to us.™ ________________________________ This message and any attachments are intended only for the use of the individual or entity to which they are addressed. If the reader of this message or an attachment is not the intended recipient or the employee or agent responsible for delivering the message or attachment to the intended recipient you are hereby notified that any dissemination, distribution or copying of this message or any attachment is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sender. The information transmitted in this message and any attachments may be privileged, is intended only for the personal and confidential use of the intended recipients, and is covered by the Electronic Communications Privacy Act, 18 U.S.C. §2510-2521.
