It’s an interesting approach but the issue does not stop on EU grounds. I just want to make all and everyone understand one difficult point:

GDPR global effect

Although it’s the EU’s legal act, the new regulation will have extraterritorial application. It will apply to any entity or data controller — inside or outside the EU — that offers goods or services to, or monitors the behavior of, EU residents, and therefore processes any of their personal data. Fines for non-compliance with the GDPR can reach 4% of the company’s annual worldwide turnover or €20 million, whichever is higher.

Now this causes problems. This can easily hit badly on ccNSO guides. The big brands have easily bought domain names that is not in the EU zone. Just a highlight. I think we should certainly stop thinking one area or country. I would tend to say we adopt one general approach for all. My take is that we have to stop thinking old ways and look forward to changes. Stop thinking old ways let’s move to One way that would give ICANN org staff less issues in handling different approaches.

Kris

On Feb 13, 2018, at 09:38, Tapani Tarvainen <ncsg@tapani.tarvainen.info> wrote:

Boxbe This message is eligible for Automatic Cleanup! (ncsg@tapani.tarvainen.info) Add cleanup rule | More info
On Mon, Feb 12, 2018 at 01:07:18PM -0800, Chuck (consult@cgomes.com) wrote:

It seems to me that it is possible to have 'one RDS' that includes
gated access to accommodate different requirements by jurisdiction.
RDAP certainly allows for this; it might get complicated, but I
think it is possible.

Good point. Certainly some jurisdiction-based differences could
be accommodated that way, although not all of GDPR requirements
are related to access only.

But that observation suggests a possible way forward.

The urgent, immediate need is to have "RDS for Europe", i.e.,
a GDPR-compliant RDS. Without that Europeans will end up simply
turning WHOIS off.

So we could try to do just that: design a hypothetical "EU-RDS", and
while doing it just make a list of things there that would be unlawful
or unpalatable elsewhere.

Then, after getting the "EU-RDS" reasonably well defined, we could see
if those differences could be managed by using RDAP abilities or
something else to create an umbrella RDS so to speak, with options to
tune it for different jurisdictions.

If nothing else, it might be useful as an exercise to ferret out
the concrete, detailed points of conflict, and move the discussion
away from the high level of abstraction that doesn't seem to be
leading anywhere.

--
Tapani Tarvainen
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg





Kris Seeburn