+1 (and then we have laws below the national level to consider, e.g. in the US) On Apr 6, 2011, at 1:43 PM, <lynn@goodsecurityconsulting.com<mailto:lynn@goodsecurityconsulting.com>> <lynn@goodsecurityconsulting.com<mailto:lynn@goodsecurityconsulting.com>> wrote: I agree that the subject of applicable laws is critical to our course of work and that privacy laws are at the heart of getting the right balance with accountability of Whois data. But I would like to reiterate that the challenge we have regarding data protection and privacy laws is that over 90 countries now have some form of privacy law or government regulation. It is an emerging area of law with very few precedents, Court rulings or case law. On top of that, all these laws in different geographic jurisdictions are not harmonized. As a CIPP, Certified Information Privacy Professional, with the International Association of Privacy Professionals, I can tell you that it is a job just to be well read on all current privacy laws and keep up with new and changing privacy laws around the world. My advice to this group is to focus on well established and accepted common principles in privacy law for purposes of the Whois Review. One example is the UN Guidelines on Computerized Personal Data Files that has been mentioned previously. Other multi-lateral instruments that can be helpful to us are the APEC Privacy Framework and the EU Privacy Directive. Please note that an update to the EU Privacy Directive is currently in work and there is published information about the concepts that are being pursued in that update. On a different note, I saw the suggestion from Sharon that we plan 2 days face to face in Singapore and strongly agree that would be time well spent. Kind regards, Lynn -------- Original Message -------- Subject: Re: [Rt4-whois] Proposed agenda for tomorrow's meeting - third task From: Kathy Kleiman <kKleiman@pir.org<mailto:kKleiman@pir.org>> Date: Wed, April 06, 2011 2:16 pm To: Emily Taylor <emily.taylor@etlaw.co.uk<mailto:emily.taylor@etlaw.co.uk>>, RT4 WHOIS <rt4-whois@icann.org<mailto:rt4-whois@icann.org>> Hi All, In response to Emily’s excellent agenda and outline, let me share that a third task, a narrow one, that I think should be added to the list. Per Emily’s outline, Section 1: “We need to undertake two tasks now to complete this section: 1. identify “legitimate needs of law enforcement” 2. identify “what factors promote consumer trust in the context of WHOIS” I agree and add a third: 3. Identify “applicable laws.” As presented at our Wednesday Public Forum session by a man at the microphone, and as defined in our applicable laws definition, there is a narrow set of laws that fall squarely within those the AoC is urging us to consider. As I reread ICANN Whois documents, including GAC Communiqués and GNSO reports over the years, there is as a repeating call across the years for ICANN to better know and review key data protection and privacy laws. This seems a fixed and narrow task - the type of short research project we projected to ICANN early on -- one for a professor and research assistant. It seems an appropriate compliment to the two areas above. Best, Kathy From: rt4-whois-bounces@icann.org<mailto:rt4-whois-bounces@icann.org> [mailto:rt4-whois-bounces@icann.org] On Behalf Of Emily Taylor Sent: Tuesday, April 05, 2011 12:50 PM To: RT4 WHOIS Subject: [Rt4-whois] Proposed agenda for tomorrow's meeting Dear all I've just returned from a few days away, and have been catching up on discussions on the list. Peter - thank you for your suggestion of an issues paper. I think this may be a good opportunity to side-step the difficulties we have discussed (and financial implications) relating to formal questionnaires, and I would be grateful if you would introduce this topic on our next call. I'm aware that the consumer trust subteam, prompted by Sarmad, has continued to work through the issues, and I'd like Sarmad to brief the RT on progress, and a proposed way forward. I would also like us to spend some quality time discussing the draft report outline which I circulated on the list on 22 March, on which there has so far been little comment. Another thing we need to do is plan our time in Singapore carefully. Peter has suggested a session with law enforcement, and we need to think through (1) whether we would find this helpful (2) how to get the most out of such a session and (3) what other stakeholders should participate? So, I attach a draft agenda for your comments, and also a copy of the draft report outline. Kind regards Emily ________________________________ _______________________________________________ Rt4-whois mailing list Rt4-whois@icann.org<mailto:Rt4-whois@icann.org> https://mm.icann.org/mailman/listinfo/rt4-whois <ATT00001..txt>