True.....but this time the reasoning on Tucows side is a little different. The central issue surrounds the designation of the data controller. The EU Commissioners has baptised the registries and ICANN joint controllers. That position is the significant one. As I understand it the contention is - and quoting the WP29 here - "there is no fundamental change in the available legal grounds" for collecting and publishing WHOIS data. That is to say, we have longstanding issues of consent and lawful practice for legitimate collection and publication of WHOIS data in keeping with a public WHOIS. Here's the WP29 again, with my emphases: " - since this consent is a requirement for obtaining a domain name, it is not freely given and therefore would not be a valid legal basis for the publication of WHOIS-data; - even though ICANN concludes contracts with registries which require them to publish WHOIS directories, the individual domain name holders are not a party to these contracts. Therefore, ICANN and the registries would not be able to rely on the ground ‘necessary for the performance of a contract’; - ICANN and the registries would a*lso **not be able to rely on a legitimate interest for making available all personal data in WHOIS directories to the general public.**"* *T*he mockup released is what emerges after Tucows assessed and responded to their risks within the [re]new[ed] framework. What has changed is the sure and significant monetary penalties associated with breaching the regs. Money - the prospect of losing it - tends to concentrate the mind wonderfully. They figuring out just how to get out from under - or over - the joint controllership designation. And will likely throw ICANN under the bus if they are not indemnified. -Carlton ============================== *Carlton A Samuels* *Mobile: 876-818-1799Strategy, Planning, Governance, Assessment & Turnaround* ============================= On Thu, Dec 7, 2017 at 10:50 AM, Alan Greenberg <alan.greenberg@mcgill.ca> wrote:

Sorry to get into this so late.

I think we are talking at cross purposes here. TUCOWS is saying what they may do immediately, prior to asking for permission (if they ever do) and prior to having any mechanism for providing gated access to those with a legitimate need to for access without permission.

Alan

At 06/12/2017 05:10 AM, Erika Mann wrote:

Not even fully accurate. One can continue to publish core data based on legitimate interest grounds and with an explicit consent declaration. I think people are not really understanding the GDPR well.

Erika

On Tue, Dec 5, 2017 at 6:59 PM, Carlton Samuels < carlton.samuels@gmail.com> wrote: ..this fella says he's only reporting what TUCOWS say a public whois record would resemble come GDPR implementation next year.

https://domainnamewire.com/2017/12/05/wow-public-whois-look-like-2018/

-Carlton

============================== Carlton A Samuels Mobile: 876-818-1799 <(876)%20818-1799> Strategy, Planning, Governance, Assessment & Turnaround =============================

_______________________________________________ RDS-WHOIS2-RT mailing list RDS-WHOIS2-RT@icann.org https://mm.icann.org/mailman/listinfo/rds-whois2-rt

Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Microsoft-Exchange-Diagnostics: 1;YQXPR0101MB1589;27:6DV2Zg8ZWBt8SIjS4M7wzRVAp6UHkMeg/ 9WKpy3ql7KxdtzOfFKca6oa9snP/lD6Ci5IOyPmaqSZWHqFwACHxhbkHYg kKGOBrxGfuz1nioD9XECeng6s/qB7zGzlq2jh X-Microsoft-Antispam-Message-Info: 5d+2omK7L9jbTIHD+SrIxJ8WtgQHMJJxaey9qH4P2yL0K61kovCF8CtYi5Hc/ G2LBiznIQCGTx0CPwXKdIn8vdQxVKdX65woqBr1Z0uhFljBeAJ1yXGJHz8OQ vVO6EkYIw+4wZZF+bJcZ/meEbr+IA==

_______________________________________________ RDS-WHOIS2-RT mailing list RDS-WHOIS2-RT@icann.org https://mm.icann.org/mailman/listinfo/rds-whois2-rt