I agree with this. The last this time the group met with the DPAs, there was zero representation of the cybersecurity needs in relation to WHOIS. The opportunity was totally blown. The DPAs need to be made aware of the societal costs to the loss of WHOIS. If they were aware of that, they would be much more receptive to the legitimate cybersecurity purposes for using the data. GDPR mentions a balance of interests and there is no sign the law was created with the intent to make cybersecurity work harder and increase the risk of breaches. Considering how minuscule the value of the entire domain industry is in comparison to the losses incurred by abuse of their product, I think that is a compelling argument for the DPAs to consider. If only it was ever presented to them.

If they state that some scheme is legal and serves a legitimate purpose for society as a whole, then bam, it is legal.

On Wed, Feb 14, 2018 at 8:56 PM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote:

I think this is an excellent suggestion. May I add to this a suggestion that we include the DPAs who so kindly came to Copenhagen last year? They indicated a willingness to engage further, and I see no evidence that we have done so. I am sure the Council of Europe would be happy to broker this for us and am copying Sophie and Peter to see if we can engage them to help with this task.

I must say I am getting very weary of this endless debate, and commend the patience of folks like Michael who have been witnessing it for a decade longer than I have. I would remind everybody that there has been no substantive change in the actual application of the EU laws to ICANN, except for the 4% fines. Now, of course, as Bob Dylan famously said, money doesn't talk, it screams......

Stephanie Perrin

On 2018-02-14 18:01, Michael Palage wrote:
Chuck,

As one of the original authors to the this extraterritorial thread, I welcome all the legal interpretation by both lawyers and non-lawyers in connection the scope to Article 3 of the GDPR. I think it is fair to say there is a clear lack of consensus. Therefore I would like to propose the following. Allow the group to comprise a list of legal questions regarding this issue and forward it to ICANN.org and ask of them the following:

Provide the list of questions to Hamilton for a response

Have ICANN legal provide a response to these same questions

The reason for Number 2 is that John Jeffrey made very clear in the last webinar that he does NOT agree with all of the Hamilton analysis. I think us ICANN volunteers toiling away in the PDP coal mine are entitled/deserve an answer to these questions to allow us to move forward with more productive work It does the group no good for a bunch of well-intentioned individuals lacking the requisite legal training to debate these issues.

Best regards,

Michael

_______________________________________________ gnso-rds-pdp-wg mailing list gnso-rds-pdp-wg@icann.org https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
_______________________________________________
gnso-rds-pdp-wg mailing list
gnso-rds-pdp-wg@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg

_________________________________
Note to self: Pillage BEFORE burning.