Good morning All,
Here are my summaries.
Privacy and Proxy Services
P/P services should remain available to registrants irrespective
of their status as commercial or non-commercial organizations or as
individuals. Further, P/P registrations should not be limited to private
individuals who use their domains for non-commercial purposes....
P/P customer data is to be validated and
verified in a manner consistent with the requirements outlined in the WHOIS
Accuracy Program Specification of the 2013 RAA
Presentation-EWG-Final Presentation-23jun14
EWG’s Final Report
• Details a proposed next-generation Registration Directory Service (RDS)
• Strikes a balance between accuracy, access, and accountability
• Collects, validates and discloses gTLD data for permissible purposes only
• Leaves minimum data publicly available
• Safeguards the rest through a new paradigm: purpose-driven gated access
• Introduces new contracted parties to
  o Validate Contact Data
  o Accredit RDS Users
Contact Data can contain
• Third-party PBC’s information, authorized for use by this Domain Name
• Forwarding addresses, supplied by an accredited Privacy Service
• Proxy’s information, supplied by an accredited Proxy Service
• Registrant’s own information, if no other choice is made
• Each Contact Holder can opt to gate data not needed for purpose(s)
Data Protection Principles
• Compliance challenges growing rapidly for WHOIS, exacerbated by new gTLDs
• Mechanisms must be adopted to facilitate routine legally compliant data collection and transfer between RDS ecosystem actors handling personal data, including
  1. Standard Contract Clauses that are harmonized with privacy and data protection laws, codified in a policy and enforced through contracts
  2. “Rules Engine” to apply data protection laws
  3. RDS Storage Localization to implement a high level of data protection
Privacy Principles
• In addition to compliance with data protection laws, the RDS ecosystem must accommodate needs for privacy by including:
  o An accredited Privacy/Proxy Service
  o An accredited Secure Protected Credentials Service
• There Accreditation and rules for the provision and use of accredited Privacy/Proxy services
• Outside of domain names registered via accredited Privacy/Proxy Services, Registrants must assume responsibility for the domain names they register
Secure Protected Credentials (Slide 30)
[Diagram: flow between the At-Risk Entity, Attestor(s), Secure Credential Recipient, Secure Credential (SC) Approver, Secure Credential Issuer and Privacy/Proxy Provider. Labelled steps: 1) SC Application; 3) SC Application; 4) Credential; 5) DN; 6) Credential and DomainName; 8) SC Registered Domain Name. Steps 2) and 7) appear without labels.]
For persons at risk, and in instances where free-speech rights may be denied or speakers persecuted
EWG-FAQs-2014-Update-26June
Summary: P/P services with accreditation and rules to provide anonymity. Contact ID publicly available. Rules engine. Validation and authentication of Registrants, and Purpose-based Contacts (PBC) with gated access.
There should be accreditation for privacy/proxy service providers and rules regarding provision and use of accredited privacy/proxy services. The RDS has been designed to leverage accredited privacy/proxy services to address routine privacy needs, incorporating new data elements to facilitate provider identification, customer contact, and abuse reporting.
The RDS accommodates needs for anonymity by offering an accredited “secure protected credentials” service for persons at risk, and in instances where free-speech rights may be denied or speakers persecuted.
As with other systems that collect personal data, proper system design, security measures, audits and oversight would be needed to minimize data breach risk. Insider abuse should be deterred through security policy, implementation, enforcement and third-party auditing.
Mechanisms should be adopted to facilitate routine legally compliant data collection and transfer between actors within the RDS ecosystem. To accomplish this, RDS actors will be held to standard contract clauses that are harmonized with data protection and privacy laws, codified in RDS policy, and implemented through a “rules engine” that applies policy as appropriate for each jurisdiction.
To improve both accountability and reachability, validated Registrant, Administrative, Technical, Abuse, and Legal Contacts would be required for all new domain names. However, Registrants would have many ways to be accountable without publishing personal data, including inexpensive/free accredited Privacy Services and new third-party contact options. To deter identity theft, a Contact ID could not be used within a domain name registration without authorization.
While the RDS would require every registered domain name to be associated with Contact IDs as needed to satisfy permissible purposes, Purpose-Based Contact (PBC) data elements would NOT be publicly available to everyone. The Contact ID for each PBC would be publicly accessible to all, but PBC names and addresses would only be accessible to authenticated requestors, authorized to access RDS data for the specific purpose associated with each Contact.
No requestor would ever have unfettered access to the entire data set. The RDS does not use a one-size-fits-all “gate.” Requestors and their registration data needs vary; so would gated access policies. Like most on-line services that hold private data, the RDS would apply policy-defined permissions, driven by requestor identity and stated purpose, with uniformly-enforced terms of service, backed by more consistent measures to deter and mitigate abuse.
The RDS should store data in jurisdiction(s) where law enforcement is globally trusted. Interpol should accredit its own members.
Blog Ajayi
Concerned with data accuracy. Nothing on privacy.
Perrin-Statement-24jun14-en
There are three questionable basic outcomes:
1) Legal contact requirement: address and phone number are mandatory to provide, and published outside the gate, in the publicly available data.
2) The default, if one is a simple registrant who does not want to hire a lawyer or other actor to assume the role of legal contact and publish their details in the RDS, to publishing registrant information, notably address and phone number in the RDS outside the gate.
3) The inclusion of a principle of consent (28), whereby a registrant may consent to the use or processing of her gated information for the permissible purposes enumerated for accredited actors behind the gate.
Rules engine that enforces jurisdiction, with respect to the privacy rights of individuals who are protected by personal data protection law.
1) But it only protects individuals, and occasionally legal persons in some jurisdictions, and only where data protection is in place, and would find the presence of name, address and phone number in a public directory to be in conflict with data protection law. Not all data protection regimes would find, or have found, that directory information must be protected.
2) Secondly, it is not clear enough for me how that rules engine would encode rights.
3) A third problem with the rules engine, is that it proposes to address regimes with data protection law only… what happens to organizations that have a constitutional right to privacy for the purposes of free speech and freedom of association, such as in the United States?
4) Finally, is it fair to individuals in jurisdictions where their countries have not enacted data protection law? Does ICANN, in the monopoly administration of a public resource, not have a responsibility to set standards on an ethical basis, based on sound best practice?
Two inadequate remedies:
1) Hire a privacy proxy/service provider, or proxy contact, if you do not want your contact data published in the public portion of the RDS
2) The rules engine will enforce data protection rights, and place this data behind the gate.
Consent principle.
1) Consent must be read in the context of legitimacy of purpose, proportionality, rights to refuse, rights to withdraw consent, specificity of purpose and use, and so on. To offer individuals and organizations the opportunity to consent to the use of their sensitive, gated data, for all the permissible purposes, that can be read as providing blanket consent to accredited users behind the gate. If you understand the risks, you will hire a proxy service. From the perspective of an elite North American, this looks like a no-brainer, just hire a proxy.
2) However, we have a responsibility to examine this from the perspective of a global eco-system.
Recommendations:
1. Gate the legal contact information for individuals and organizations who wish to protect their private data
2. Consent needs to be meaningful, specific, explicit and for legitimate purposes. A blanket consent as envisioned here does not meet these requirements
Next-generation-rds-framework-26apr15-en
Input to PDP WG
Privacy
- EWG Principles Sect 6&7
- P/P Provider Survey
- WHOIS P/P Abuse Study
- Data Protect/Privacy Memo
- GNSO PPSAI WG Report
PDP WG
1) Phase 1: Policy Requirements
Privacy Reqs
- Privacy/Proxy Needs
- At-Risk Reg Needs
- Data Protection Laws
2) Phase 2: Policy Functional Design
Privacy Design
- Overarching DP Policy
- DP Law Compliance
- Privacy/Proxy Policies
- Secure Protected Creds
3) Phase 3: Implementation and Coexistence Guidance
Privacy Guidance on
- RDS Privacy Policy Needs
- Detailed Legal Analysis
- P/P Accreditation Needs
- SPC Provider Criteria
Human Rights Council - Report by the UN Special Rapporteur on the right to privacy
The balance between privacy and security might start to tip again in favor of privacy, across borders.
In the resolution the Council emphasizes that Human Rights need to be protected under all circumstances, at all times and in all environments.
In a world which benefits greatly from an Internet without borders, the SRP’s consultations indicate widespread support for a general principle of
• Safeguards without borders
• Remedies across borders
Positing privacy as an enabling right as
opposed to being an end in itself, the SRP is pursuing an analysis of privacy
as an essential right which enables the achievement of an over-arching
fundamental right to the free, unhindered development of one’s personality.
The vast revenues derived from the
monetisation of personal data to the extent that it has become a marketable and
tradable commodity mean that the incentive for changing the business model
simply on account of privacy concerns is not very high.
While not necessarily the primary target of
cyber-security and cyber-espionage measures, the ordinary citizen may often get
caught in the cross-fire and his or her personal data and on-line activities
may end up being monitored in the name of national security in a way which is
unnecessary, disproportionate and excessive.
Importance of determining the balance, on the
one hand, use of data for the benefit of society under the principles of Open
Data and, on the other hand, the established principles we have developed to
date with a view to protecting fundamental rights like privacy, autonomy and
the free development of one’s personality. It will be seen that, in many cases,
the debate on privacy cannot be usefully divorced from that on the value of
autonomy or self-determination. Germany: since 1983, rise to a constitutional right to
“informational self-determination”.
Individual complaints: Every so often, and as
the mandate will become known, the SRP has received and will presumably
continue to receive complaints from individual members of the public residing
in a given national territory or from civil society actors of alleged
infringements of privacy rights.
There is no binding and universally accepted
definition of privacy. As reaffirmed by the Human Rights Council in resolution
28/16 article 12 of the Universal Declaration of Human Rights (UDHR) and
article 17 of the International Covenant on Civil and Political Rights (ICCPR)
constitute the basis of the right to privacy in international human rights law.
For the passage of time and the impact of technology, taken together with the
different rate of economic development and technology deployment in different
geographical locations means that legal principles established fifty years ago
(ICCPR) or even thirty-five years ago (e.g. the European Convention on Data
Protection) let alone seventy years ago (UDHR) may need to be re-visited,
further developed and possibly supplemented and complemented to make them more
relevant and useful to the realities of 2016.
Properly speaking, it is not helpful to talk
of “privacy vs. security” but rather of “privacy and security” since both privacy and security are desiderata
... and both can be taken to be enabling rights rather than ends in themselves.
Brazil and Germany have the right to privacy
written into their constitution and it is the SRP’s contention that a) such a
right to dignity and the free, unhindered development of one’s personality
should be considered to be universally applicable and b) that
already-recognised rights such as privacy, freedom of expression and freedom of
access to information constitute a tripod of enabling rights which are best
considered in the context of their usefulness in enabling a human being to
develop his or her personality in the freest of manners.
Conclusions:
1. Privacy has never been more at the forefront of political, judicial and personal consciousness than in 2016;
2. The tensions between security, corporate business models and privacy continue to take centre stage but the last twelve months have been marked by contradictory indicators: some governments have continued, in practice and/or in their parliaments to take privacy-hostile attitudes while courts world-wide but especially in the USA and Europe have struck clear blows in favour of privacy and especially against disproportionate, privacy-intrusive measures such as mass surveillance or breaking of encryption.
Judgement on preliminary ruling under Article 267 TFEU from Audiencia Nacional (Spain)
Summary: The right to be forgotten. In May 2014, the European Court of Justice ruled against Google in Costeja, a case brought by a Spanish man, Mario Costeja González, who requested the removal of a link to a digitized 1998 article in La Vanguardia newspaper about an auction for his foreclosed home, for a debt that he had subsequently paid. He initially attempted to have the article removed by complaining to the Spanish Data Protection Agency, which rejected the claim on the grounds that it was lawful and accurate, but accepted a complaint against Google and asked Google to remove the results. Google sued in the Spanish Audiencia Nacional (National High Court) which referred a series of questions to the European Court of Justice. The court ruled in Costeja that search engines are responsible for the content they point to and thus, Google was required to comply with EU data privacy laws. On its first day of compliance only (May 30, 2014), Google received 12,000 requests to have personal details removed from its search engine.
- WorldLII Database of National Data Privacy Legislation (do not need to review the database, just summarize its relevance to this PDP)
Important database for the construction of the ‘rules engine’. RDS actors will be held to standard contract clauses that are harmonized with data protection and privacy laws, codified in RDS policy, and implemented through a “rules engine” that applies policy as appropriate for each jurisdiction. (EWG)
Nathalie Coupet
On Monday, April 18, 2016 10:03 AM, Lisa Phifer <lisa@corecom.com> wrote: