Agreed, provided it fully accounts for applicable laws. Am 28.03.2017 um 19:57 schrieb Deacon, Alex:
Thanks for the reminder/pointer Rod.
Agree that we should leverage the work of the EWG report whenever possible and appropriate. No need to re-invent the wheel.
Alex
On 3/28/17, 11:43 AM, <gnso-rds-pdp-wg-bounces@icann.org on behalf of rrasmussen@infoblox.com> wrote:
Going back to the original question from Andrew. This ground is well-covered in the EWG report. In particular, the framework is outlined in principles 25 & 26 of the report:
> 25: Each data element must be associated with a set of permissible purposes. > > An initial set of acceptable uses, permissible purposes, and data element needs are identified by this report (see Section III and Annex D). > > Each permissible purpose must be associated with clearly-defined data element access and use policies. > > As specified in Section III, an on-going review process must be defined to consider proposed new purposes and periodically update permissible purposes to reflect approved additions, mapping them to existing data elements. > > A Policy Definition process must be defined to consider proposed new data elements and, when necessary, update defined data elements, mapping them to existing permissible purposes. > > 26: The list of minimum data elements to be collected, stored and disclosed must be based on known use cases (reflected in this document) and a risk assessment (to be completed prior to RDS implementation). >
Annex D of the report then maps all the elements we identified to one or more purposes. We dropped elements that had no legitimate purpose for collection/display. Note that this mapping is in shorthand, so we probably need to expand upon this to satisfy DPA’s.
So, this work has largely been done, and I’d suggest we do a review of that work to see if it meets the needs of this group and work on fleshing out elements to purposes in order to satisfy DPA requirements. It would save us a lot of time...
Cheers,
Rod
_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
-- Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung. Mit freundlichen Grüßen, Volker A. Greimann - Rechtsabteilung - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook: www.facebook.com/KeySystems www.twitter.com/key_systems Geschäftsführer: Alexander Siffrin Handelsregister Nr.: HR B 18835 - Saarbruecken Umsatzsteuer ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen. -------------------------------------------- Should you have any further questions, please do not hesitate to contact us. Best regards, Volker A. Greimann - legal department - Key-Systems GmbH Im Oberen Werk 1 66386 St. Ingbert Tel.: +49 (0) 6894 - 9396 901 Fax.: +49 (0) 6894 - 9396 851 Email: vgreimann@key-systems.net Web: www.key-systems.net / www.RRPproxy.net www.domaindiscount24.com / www.BrandShelter.com Follow us on Twitter or join our fan community on Facebook and stay updated: www.facebook.com/KeySystems www.twitter.com/key_systems CEO: Alexander Siffrin Registration No.: HR B 18835 - Saarbruecken V.A.T. ID.: DE211006534 Member of the KEYDRIVE GROUP www.keydrive.lu This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.