Hi, On Fri, Mar 09, 2018 at 08:48:17PM +0100, theo geurts wrote:
These recommendations go beyond WHOIS, but yet tie in directly with issues we will face as a WG.
Furthermore, this is not a few DPA's from Europe who made these recommendations; these are the recommendations from DPA's and experts all over the world, which makes it, in my opinion, a global recommendation.
And to kindly to remind everyone again, there are more than 120 countries with data protection laws. So this is not some little tea club gathering, these recommendations took a lot of time to get vetted by this group due to the many members. They started working in November last year on this, so they took their time.
We would be fools to ignore this.
That's nice. But you said nothing relevant to the question I was asking: is there even one single thing in this paper that is new and that I need to read before thinking about the RDS issues any further? I don't think there is left anyone here in any doubt that there are serious privacy concerns about the RDS held by several people, including several DPAs from all over the world (with the full force of legislation behind them). I don't think this WG (nor for that matter the many various groups who have worked on this topic before) is missing the perspective. I am aware that there are people "dug in" about how the data protection view is mistaken or incorrect in some way. Indeed, there are most definitely examples of things that I think _must_ be available on the network in order to make the network continue to operate. (At the DNS-OARC meeting yesterday, here in San Juan, we had an example of that from a large ISP that does DNSSEC validation.) But I don't think any of those people are "dug in" because they didn't understand that there is relevant or applicable legislation, or that there are serious and legitimate privacy concerns or anything of that sort. They're not uninformed. So, I ask again: what is _new_ in this report that would bring some a ray of light, however feeble, into the discussion such that we should all read it. Because in a quick scan of the numbered recommendations just now, I saw literally nothing that has not been brought up already more than once, and I see at least one recommendation that is so breathtakingly ignorant of the architecutre of the Internet as to make me roll my eyes. We need to complete this work some day, or else just give up in frustration. For me, I will say, my patience for endless insistence that we consider a new report recommending exactly the same thing that 30 other reports have already recommended is about gone. Rather than considering new restatements of all the evidence we already have, I would like us to move to the part where we do the hard work of forging a compromise people can live with for the identifier systems where ICANN has a clear mandate to act, based on the clear needs to support the identifier systems where ICANN has a remit. If you think I have missed something important in support of that goal, I would welcome being so informed. But until someone says something actually new, I think we should work on the basis of the copious evidence we already have before us. Best regards, A -- Andrew Sullivan ajs@anvilwalrusden.com