Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg
Thanks, James. I read your Zero draft put together for discussion. I note that the words “collection, display and distribution of personal data” via WHOIS are used repeatedly in this draft. Given the opinions of the article 29 working party, the 2/2003 opinion, in particular, which raises, inter alia, concerns on the searchable WHOIS facilities (reverse directories), I wonder if “collection, display and distribution of personal data” via WHOIS is too narrow. Directive 95/46/EC uses the term “'processing of personal data” which means “any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction”. But we must bear in mind that at the time when the Directive was adopted in 1995 the internet had barely begun. My colleagues must wish to consider if it is appropriate to adopt this definition in our draft. Regards, Raymond From: James Gannon Sent: Thursday, May 07, 2015 7:31 PM To: whois-iag-volunteers@icann.org Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net GPG: https://keybase.io/jayg -------------------------------------------------------------------------------- _______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Raymond We need to be very careful. What we are working on here is the implementation of an agreed policy ie. How to trigger the exemption / waiver process Broadening or redefining some of this could overstep the line, though I’d defer to ICANN staff on this Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social Random Stuff: http://michele.irish ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: Raymond HO Date: Thursday 7 May 2015 14:37 To: James Gannon, "whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org>" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Thanks, James. I read your Zero draft put together for discussion. I note that the words “collection, display and distribution of personal data” via WHOIS are used repeatedly in this draft. Given the opinions of the article 29 working party, the 2/2003 opinion, in particular, which raises, inter alia, concerns on the searchable WHOIS facilities (reverse directories), I wonder if “collection, display and distribution of personal data” via WHOIS is too narrow. Directive 95/46/EC uses the term “'processing of personal data” which means “any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction”. But we must bear in mind that at the time when the Directive was adopted in 1995 the internet had barely begun. My colleagues must wish to consider if it is appropriate to adopt this definition in our draft. Regards, Raymond From: James Gannon<mailto:james@cyberinvasion.net> Sent: Thursday, May 07, 2015 7:31 PM To: whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg ________________________________ _______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org<mailto:Whois-iag-volunteers@icann.org> https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
My reasoning for using the phrase “collection, display and distribution of personal data” was as it was already part of the procedural phrasing, and I have no interest in trying to reinvent the wheel, but merely refine it into a nice circular shape that is functional. -James From: Michele Neylon - Blacknight [mailto:michele@blacknight.com] Sent: Thursday, May 07, 2015 2:40 PM To: Raymond HO; James Gannon; whois-iag-volunteers@icann.org Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Raymond We need to be very careful. What we are working on here is the implementation of an agreed policy ie. How to trigger the exemption / waiver process Broadening or redefining some of this could overstep the line, though I’d defer to ICANN staff on this Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social Random Stuff: http://michele.irish ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: Raymond HO Date: Thursday 7 May 2015 14:37 To: James Gannon, "whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org>" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Thanks, James. I read your Zero draft put together for discussion. I note that the words “collection, display and distribution of personal data” via WHOIS are used repeatedly in this draft. Given the opinions of the article 29 working party, the 2/2003 opinion, in particular, which raises, inter alia, concerns on the searchable WHOIS facilities (reverse directories), I wonder if “collection, display and distribution of personal data” via WHOIS is too narrow. Directive 95/46/EC uses the term “'processing of personal data” which means “any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction”. But we must bear in mind that at the time when the Directive was adopted in 1995 the internet had barely begun. My colleagues must wish to consider if it is appropriate to adopt this definition in our draft. Regards, Raymond From: James Gannon<mailto:james@cyberinvasion.net> Sent: Thursday, May 07, 2015 7:31 PM To: whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg ________________________________ _______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org<mailto:Whois-iag-volunteers@icann.org> https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Good evening: I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks. However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed. I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet. The present draft document of some six detailed pages is really not workable and contains some serious misconceptions. - How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?) - ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law. - the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet? - The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case. More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities. Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide. In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position. With best regards to you all Christopher Wilkinson On 07 May 2015, at 13:31, James Gannon <james@cyberinvasion.net> wrote:
Hi All, In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net GPG: https://keybase.io/jayg
<IAGWHOIS_Procedure_DualTrigger_Draft0.docx>_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Christopher This group needs to move forward on something that is within its scope. The ICANN policy may be flawed, but we cannot change it and I sincerely doubt that this group will reach consensus on recommending that the policy be changed. If, hypothetically, this group were to recommend that the policy be changed (which as I said, I cannot see happening) then that would lead to yet another PDP, which would take another 18 – 24 months and we would have no way of knowing what the outcome of that would be. So I would, therefore, urge you and others to focus on improving the operational implementation of the policy, which is what we are meant to be doing. An alternative, of course, would be for you to submit a minority statement outlining your views on the policy. Regards Michele -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845 From: Christopher Wilkinson Date: Thursday 7 May 2015 19:19 To: "whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org>" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Good evening: I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks. However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed. I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet. The present draft document of some six detailed pages is really not workable and contains some serious misconceptions. -How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?) -ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law. -the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet? -The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case. More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities. Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide. In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position. With best regards to you all Christopher Wilkinson On 07 May 2015, at 13:31, James Gannon <james@cyberinvasion.net<mailto:james@cyberinvasion.net>> wrote: Hi All, In an effort to try and find a common ground, and after recognizing Steve?s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ?shall? to ?may? in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve?s language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the ?Show Markup? pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg <IAGWHOIS_Procedure_DualTrigger_Draft0.docx>_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org<mailto:Whois-iag-volunteers@icann.org> https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Dear Michele, Dear Colleagues: I shall consider Michele's friendly advice between now and the next conference call. However, there is a limit to how much time and personal effort one can spend on this and other ICANN dossiers. I have reservations about spending more time than necessary if there is not to be an useful outcome, soon. My advice to ICANN on this matter is the classic: "if you are in a hole, stop digging." Regarding operational implementations, I recommend not more than one A4 page. Period. Remember that this will have to be translated and implemented in multiple jurisdictions, if atall. I do not exclude a minority report, but let it be clear, that would go quite widely. Best regards CW PS: Not for the first time, I find that the 'scope' of ICANN WGs (determined by Who?) is altogether counter intuitive … On 07 May 2015, at 20:31, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Christopher
This group needs to move forward on something that is within its scope.
The ICANN policy may be flawed, but we cannot change it and I sincerely doubt that this group will reach consensus on recommending that the policy be changed.
If, hypothetically, this group were to recommend that the policy be changed (which as I said, I cannot see happening) then that would lead to yet another PDP, which would take another 18 – 24 months and we would have no way of knowing what the outcome of that would be.
So I would, therefore, urge you and others to focus on improving the operational implementation of the policy, which is what we are meant to be doing.
An alternative, of course, would be for you to submit a minority statement outlining your views on the policy.
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: Christopher Wilkinson Date: Thursday 7 May 2015 19:19 To: "whois-iag-volunteers@icann.org" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal
Good evening:
I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks.
However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed.
I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet.
The present draft document of some six detailed pages is really not workable and contains some serious misconceptions.
-How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?)
-ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law.
-the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet?
-The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case.
More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities.
Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide.
In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position.
With best regards to you all
Christopher Wilkinson
On 07 May 2015, at 13:31, James Gannon <james@cyberinvasion.net> wrote:
Hi All, In an effort to try and find a common ground, and after recognizing Steve?s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ?shall? to ?may? in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve?s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ?Show Markup? pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net GPG: https://keybase.io/jayg
<IAGWHOIS_Procedure_DualTrigger_Draft0.docx>_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Dear Michele, Christopher, and Colleagues: 1. I do understand Michele's frustration with this implementation issue, and the reality that registrars are at risk. However, since this is really the first "kick at the can" to go over this procedure, I would beg for patience. Some of us are new to this forum, and you seasoned experts are supposed to be welcoming us newcomers and helping us figure out the arcane jumble of consensus policy that is ICANN. (ahem). 2. As indicated in conversations previously, I agree with Christopher and will be happy to draft that dissent, should he care to join me in mine. Some of us have a fundamental problem in implementing a procedure that we perceive to be violating national law. Not, of course, that someone my age can claim to be astonished, but it is my considered view that it would not be ethical to sign on to a procedure that papers over a fundamentally flawed policy. That is of course my personal view. I understand that other stakeholders are extremely happy with this policy and have no desire to revisit it. 3. For those interested in other national law than the well-discussed European legislation that meets the standard of the Directive 95/46, I have just received my copy (hot off the presses, a phrase which has now become meaningless thanks to just in time printing, but never mind) of Graham Greenleaf's excellent volume on Asian Data Privacy Laws (Oxford U Press, 2014). I will be happy to bore you to death with my findings once I have dug through the 579 pages (I do realize this gives Michele and others a further incentive to rush our little working group along). Professor Greenleaf (now Emeritus of UNSW in Sydney, Australia) has taught information and privacy law in law schools throughout the region, and discusses each law exhaustively in its own regional context, which is extremely important. To my knowledge, the first and most comprehensive and authoritative such volume in English. I will forward my markup of James' constructive contribution shortly. Kind regards, Stephanie Perrin On 2015-05-07 15:49, Christopher Wilkinson wrote:
Dear Michele, Dear Colleagues:
I shall consider Michele's friendly advice between now and the next conference call. However, there is a limit to how much time and personal effort one can spend on this and other ICANN dossiers. I have reservations about spending more time than necessary if there is not to be an useful outcome, soon. My advice to ICANN on this matter is the classic: "if you are in a hole, stop digging."
Regarding operational implementations, I recommend not more than one A4 page. Period. Remember that this will have to be translated and implemented in multiple jurisdictions, if atall.
I do not exclude a minority report, but let it be clear, that would go//quite widely.
Best regards
CW
PS: Not for the first time, I find that the 'scope' of ICANN WGs (determined by Who?) is altogether counter intuitive …
On 07 May 2015, at 20:31, Michele Neylon - Blacknight <michele@blacknight.com <mailto:michele@blacknight.com>> wrote:
Christopher
This group needs to move forward on something that is within its scope.
The ICANN policy may be flawed, but we cannot change it and I sincerely doubt that this group will reach consensus on recommending that the policy be changed.
If, hypothetically, this group were to recommend that the policy be changed (which as I said, I cannot see happening) then that would lead to yet another PDP, which would take another 18 – 24 months and we would have no way of knowing what the outcome of that would be.
So I would, therefore, urge you and others to focus on improving the operational implementation of the policy, which is what we are meant to be doing.
An alternative, of course, would be for you to submit a minority statement outlining your views on the policy.
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: Christopher Wilkinson Date: Thursday 7 May 2015 19:19 To: "whois-iag-volunteers@icann.org <mailto:whois-iag-volunteers@icann.org>" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal
Good evening:
I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks.
However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed.
I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet.
The present draft document of some six detailed pages is really not workable and contains some serious misconceptions.
-How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?)
-ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law.
-the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet?
-The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case.
More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities.
Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide.
In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position.
With best regards to you all
Christopher Wilkinson
On 07 May 2015, at 13:31, James Gannon <james@cyberinvasion.net <mailto:james@cyberinvasion.net>> wrote:
Hi All, In an effort to try and find a common ground, and after recognizing Steve?s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ?shall? to ?may? in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve?s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ?Show Markup? pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
*James Gannon* *Director* *Cyber Invasion Ltd* *Dun Laoghaire, County Dublin, Ireland* *Office: +353 (1)663-8787* *Cell: +353 (86)175-3581* *Email:james@cyberinvasion.net <mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature>* *GPG: https://keybase.io/jayg*
<IAGWHOIS_Procedure_DualTrigger_Draft0.docx>_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org <mailto:Whois-iag-volunteers@icann.org> https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
PS: In so far as only three or four participants in the Working Group have actually expressed their support for the existing Whois policy, I am not sure at this point who would be in a 'minority'. CW On 07 May 2015, at 21:49, Christopher Wilkinson <cw@christopherwilkinson.eu> wrote:
Dear Michele, Dear Colleagues:
I shall consider Michele's friendly advice between now and the next conference call. However, there is a limit to how much time and personal effort one can spend on this and other ICANN dossiers. I have reservations about spending more time than necessary if there is not to be an useful outcome, soon. My advice to ICANN on this matter is the classic: "if you are in a hole, stop digging."
Regarding operational implementations, I recommend not more than one A4 page. Period. Remember that this will have to be translated and implemented in multiple jurisdictions, if atall.
I do not exclude a minority report, but let it be clear, that would go quite widely.
Best regards
CW
PS: Not for the first time, I find that the 'scope' of ICANN WGs (determined by Who?) is altogether counter intuitive …
On 07 May 2015, at 20:31, Michele Neylon - Blacknight <michele@blacknight.com> wrote:
Christopher
This group needs to move forward on something that is within its scope.
The ICANN policy may be flawed, but we cannot change it and I sincerely doubt that this group will reach consensus on recommending that the policy be changed.
If, hypothetically, this group were to recommend that the policy be changed (which as I said, I cannot see happening) then that would lead to yet another PDP, which would take another 18 – 24 months and we would have no way of knowing what the outcome of that would be.
So I would, therefore, urge you and others to focus on improving the operational implementation of the policy, which is what we are meant to be doing.
An alternative, of course, would be for you to submit a minority statement outlining your views on the policy.
Regards
Michele
-- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains http://www.blacknight.host/ http://blog.blacknight.com/ http://www.blacknight.press - get our latest news & media coverage http://www.technology.ie Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Social: http://mneylon.social ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,Ireland Company No.: 370845
From: Christopher Wilkinson Date: Thursday 7 May 2015 19:19 To: "whois-iag-volunteers@icann.org" Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal
Good evening:
I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks.
However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed.
I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet.
The present draft document of some six detailed pages is really not workable and contains some serious misconceptions.
-How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?)
-ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law.
-the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet?
-The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case.
More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities.
Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide.
In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position.
With best regards to you all
Christopher Wilkinson
On 07 May 2015, at 13:31, James Gannon <james@cyberinvasion.net> wrote:
Hi All, In an effort to try and find a common ground, and after recognizing Steve?s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ?shall? to ?may? in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve?s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ?Show Markup? pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net GPG: https://keybase.io/jayg
<IAGWHOIS_Procedure_DualTrigger_Draft0.docx>_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
James, all: Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I've also reviewed James' draft and had the following comments: 1. My understanding of the "alternative" nature of Steve Metalitz's proposal was that it would be an alternative to - not a replacement of -the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James' draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in "receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action." 2. Leading on from that, I don't think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is actually legally prevented from complying, not that it might be. 3. A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism - in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country. I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework. Bradley Silver Chief Intellectual Property Counsel | Time Warner Inc. 1 Time Warner Center | New York, NY 10019-8016 P: 212 484 8869 | F: 212 658 9293 From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 7:32 AM To: whois-iag-volunteers@icann.org Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg ================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
Dear Bradley Silver: Thankyou for re-circulating your amended draft. However, it would seem that there is still some misunderstanding. We have explained to the List and in conference calls that that approach does not work. Best regards Christopher Wilkinson Begin forwarded message:
From: Christopher Wilkinson <cw@christopherwilkinson.eu> Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Date: 7 May 2015 20:19:14 GMT+02:00 To: "whois-iag-volunteers@icann.org" <whois-iag-volunteers@icann.org> Bcc: Olivier MJ Crepin-Leblond <ocl@gih.com>, MICHAEL NIEBEL <michael@mniebel.eu>
Good evening:
I have reviewed the 'Dual Trigger' procedure as proposed by James Gannon, for which many thanks.
However as I have explained to the recent conference calls, I see no merit in spending time on tweaking the procedure for handling eventual WHOIS conflicts with privacy and data protection laws when the underlying ICANN policy is fundamentally flawed.
I have proposed to greatly simplify and expedite the matter either by ICANN adapting WHOIS to international best practice whereby all Registries and Registrars would implement a high level of personal data protection and privacy, world wide. Or alternatively, to Reverse the Burden of Proof, whereby Registries and Registrars would, as their primary default, implement applicable privacy and data protection laws in their respective jurisdictions. It would then be up to ICANN to initiate a procedure to examine whether, in any particular case, there was a threat to the stability and security of the Internet.
The present draft document of some six detailed pages is really not workable and contains some serious misconceptions.
- How many Registries and Registrars, world-wide, would be potentially affected by this procedure? What would be the consequences in cost and staff time for ICANN should they all actually apply for exemption? (Into how many languages would the procedure have to be translated before it could be realistically implemented by all present and future affected Registries and Registrars?)
- ICANN's 'contractual WHOIS obligations' (Section 2.1) are not sacrosanct, particularly when they are inconsistent with applicable law.
- the reference to '… anticipated impact on the operational stability …' (Section 4.1) is rather tendentious. I am aware of no reason to anticipate that privacy and data protection law would have any such impact. On the contrary, there are a large number of Registries (principally ccTLDs) which do respect applicable law. Did ICANN ever question whether they had any negative impact on stability, security or interoperability etc. of the Internet?
- The reference in Section 5.2 to "ICANN's forbearance from enforcement of full compliance … " is likely to be perceived as rather offensive. ICANN is not in a position to force Registrars or Registries to choose between ICANN's contractual conditions and applicable law. On the contrary, ICANN's Articles of Incorporation were drafted to ensure that the opposite would be the case.
More generally, there is an underlying issue of fair competition between accredited Registrars in the ICANN gTLD system. Should one accept the procedure as proposed, one would be effectively placing certain Registrars at a competitive disadvantage (a) to undertake an exorbitant procedure to obtain a waiver or exemption from ICANN's contractual conditions and/or (b) to risk infringement of applicable law vis-à-vis their Registrants and public authorities.
Again, such outcome is contrary to the underlying objectives of ICANN which was created in the first place to ensure conditions of fair competition among Registrars, world-wide.
In the light of the above, I would recommend that the working group proceed no further with the so called 'trigger mechanisms' and start again from a more realistic and legally compliant position.
With best regards to you all
Christopher Wilkinson
On 22 May 2015, at 18:02, "Silver, Bradley" <Bradley.Silver@timewarner.com> wrote:
James, all:
Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I’ve also reviewed James’ draft and had the following comments:
1. My understanding of the “alternative” nature of Steve Metalitz’s proposal was that it would be an alternative to - not a replacement of –the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James’ draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in “receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action.” 2. Leading on from that, I don’t think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is actually legally prevented from complying, not that it might be. 3. A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism – in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country.
I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework.
Bradley Silver Chief Intellectual Property Counsel | Time Warner Inc. 1 Time Warner Center | New York, NY 10019-8016 P: 212 484 8869 | F: 212 658 9293
From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 7:32 AM To: whois-iag-volunteers@icann.org Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal
Hi All, In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net GPG: https://keybase.io/jayg
================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Hi Bradley, Thanks for your feedback, see comments inline. From: Silver, Bradley [mailto:Bradley.Silver@timewarner.com] Sent: Friday, May 22, 2015 5:02 PM To: James Gannon; whois-iag-volunteers@icann.org Subject: RE: Dual Trigger Proposal James, all: Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I've also reviewed James' draft and had the following comments: 1. My understanding of the "alternative" nature of Steve Metalitz's proposal was that it would be an alternative to - not a replacement of -the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James' draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in "receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action." JG: As Steve said he did not intend for his alternative to be exclusive in nature, I believe that the two triggers I have proposed can co-exist and indeed be complimentary to each other. 2. Leading on from that, I don't think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is actually legally prevented from complying, not that it might be. JG: Again we have had the discussion on the applicability of a national law, if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention. We cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced. 3. A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism - in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country. JG: As per my above comment, we must accept that national laws will be enforced in their jurisdiction, if we keep going down this route we are doing ourselves a disservice. I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework. Bradley Silver Chief Intellectual Property Counsel | Time Warner Inc. 1 Time Warner Center | New York, NY 10019-8016 P: 212 484 8869 | F: 212 658 9293 From: whois-iag-volunteers-bounces@icann.org<mailto:whois-iag-volunteers-bounces@icann.org> [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 7:32 AM To: whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg ================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
I have put a few comments in the Google doc. I would like to repeat one here: this is not a two way conversation between ICANN and the registrar. It is a three way conversation, with the registrants as the third party. Registrars should not be ignoring the rights of registrants for data protection under their local laws, until they are apprehended by a data commissioner. I do realize, since I have worked in a DP Office, that this is in some jurisdictions the norm, but that does not make it right. Surely compliance with law should be one of ICANN's first acts in respecting their PICS, and they should also be cognizant of their duty, as the monopoly service provider for Internet domain names (via their responsibility as the multi-stakeholder regulator or data controller) to respect the rights of registrants. Stephanie Perrin On 15-05-23 9:03 AM, James Gannon wrote:
Hi Bradley,
Thanks for your feedback, see comments inline.
*From:* Silver, Bradley [mailto:Bradley.Silver@timewarner.com] *Sent:* Friday, May 22, 2015 5:02 PM *To:* James Gannon; whois-iag-volunteers@icann.org *Subject:* RE: Dual Trigger Proposal
James, all:
Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I’ve also reviewed James’ draft and had the following comments:
1.My understanding of the “alternative” nature of Steve Metalitz’s proposal was that it would be an alternative to - not a replacement of –the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James’ draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in “receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action.”
JG: As Steve said he did not intend for his alternative to be exclusive in nature, I believe that the two triggers I have proposed can co-exist and indeed be complimentary to each other.
2.Leading on from that, I don’t think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is /actually/ legally prevented from complying, not that it /might/ be.
JG: Again we have had the discussion on the applicability of a national law, if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention. We cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced.
3.A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism – in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country.
JG: As per my above comment, we must accept that national laws will be enforced in their jurisdiction, if we keep going down this route we are doing ourselves a disservice.
I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework.
*Bradley Silver Chief Intellectual Property**Counsel |* *Time Warner Inc. *1 Time Warner Center *|* New York, NY 10019-8016
P: 212 484 8869 *|* F: 212 658 9293
*From:*whois-iag-volunteers-bounces@icann.org <mailto:whois-iag-volunteers-bounces@icann.org> [mailto:whois-iag-volunteers-bounces@icann.org] *On Behalf Of *James Gannon *Sent:* Thursday, May 07, 2015 7:32 AM *To:* whois-iag-volunteers@icann.org <mailto:whois-iag-volunteers@icann.org> *Subject:* [IAG-WHOIS conflicts] Dual Trigger Proposal
Hi All,
In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process.
My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal.
All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
*James Gannon*
*Director*
*Cyber Invasion Ltd*
*Dun Laoghaire, County Dublin, Ireland*
*Office: +353 (1)663-8787*
*Cell: +353 (86)175-3581*
*Email:james@cyberinvasion.net <mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature>*
*GPG: https://keybase.io/jayg*
================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Stephanie: ICANN does not like to be called a regulator when by every commonsensical measure it is. So there is in our DNA this propensity to the Orwellian. I have been wrestling with this for so many years now. It has always bothered me that neither logic and reason have provided a decent explanation as to why ICANN would knowingly choose to be a scofflaw and to aid and abet this [dis]position. Then consciously build ringamarole processes to address these maladroit behaviours when the guardians of the law say 'gotcha'. It is a mindset we all understand. There seems to be just a tad too little gumption around to change it. -Carlton -Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= On Sun, May 24, 2015 at 8:45 AM, Stephanie Perrin < stephanie.perrin@mail.utoronto.ca> wrote:
I have put a few comments in the Google doc. I would like to repeat one here: this is not a two way conversation between ICANN and the registrar. It is a three way conversation, with the registrants as the third party. Registrars should not be ignoring the rights of registrants for data protection under their local laws, until they are apprehended by a data commissioner. I do realize, since I have worked in a DP Office, that this is in some jurisdictions the norm, but that does not make it right. Surely compliance with law should be one of ICANN's first acts in respecting their PICS, and they should also be cognizant of their duty, as the monopoly service provider for Internet domain names (via their responsibility as the multi-stakeholder regulator or data controller) to respect the rights of registrants. Stephanie Perrin
On 15-05-23 9:03 AM, James Gannon wrote:
Hi Bradley,
Thanks for your feedback, see comments inline.
*From:* Silver, Bradley [mailto:Bradley.Silver@timewarner.com <Bradley.Silver@timewarner.com>] *Sent:* Friday, May 22, 2015 5:02 PM *To:* James Gannon; whois-iag-volunteers@icann.org *Subject:* RE: Dual Trigger Proposal
James, all:
Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I’ve also reviewed James’ draft and had the following comments:
1. My understanding of the “alternative” nature of Steve Metalitz’s proposal was that it would be an alternative to - not a replacement of –the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James’ draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in “receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action.”
JG: As Steve said he did not intend for his alternative to be exclusive in nature, I believe that the two triggers I have proposed can co-exist and indeed be complimentary to each other.
2. Leading on from that, I don’t think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is *actually* legally prevented from complying, not that it *might* be.
JG: Again we have had the discussion on the applicability of a national law, if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention. We cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced.
3. A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism – in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country.
JG: As per my above comment, we must accept that national laws will be enforced in their jurisdiction, if we keep going down this route we are doing ourselves a disservice.
I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework.
*Bradley Silver Chief Intellectual Property* *Counsel |* *Time Warner Inc. *1 Time Warner Center *|* New York, NY 10019-8016
P: 212 484 8869 *|* F: 212 658 9293
*From:* whois-iag-volunteers-bounces@icann.org [ mailto:whois-iag-volunteers-bounces@icann.org <whois-iag-volunteers-bounces@icann.org>] *On Behalf Of *James Gannon *Sent:* Thursday, May 07, 2015 7:32 AM *To:* whois-iag-volunteers@icann.org *Subject:* [IAG-WHOIS conflicts] Dual Trigger Proposal
Hi All,
In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process.
My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal.
All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
*James Gannon*
*Director*
*Cyber Invasion Ltd*
*Dun Laoghaire, County Dublin, Ireland*
*Office: +353 (1)663-8787 <%2B353%20%281%29663-8787>*
*Cell: +353 (86)175-3581 <%2B353%20%2886%29175-3581>*
*Email:james@cyberinvasion.net <james@cyberinvasion.net?subject=Via:%20Email%20Signature>*
*GPG: https://keybase.io/jayg <https://keybase.io/jayg>*
================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
_______________________________________________ Whois-iag-volunteers mailing listWhois-iag-volunteers@icann.orghttps://mm.icann.org/mailman/listinfo/whois-iag-volunteers
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
ICANN was set up to act as the competition regulator for the DNS. (I was present at the critical meeting between the EU Competition Directorate General and the then President of ICANN) For several years that worked. Much less so now. This is why - inter alia - I fundamentally deplore the 'vertical integration' decisions associated with the new gTLDs. CW On 24 May 2015, at 19:31, Carlton Samuels <carlton.samuels@gmail.com> wrote:
Stephanie: ICANN does not like to be called a regulator when by every commonsensical measure it is. So there is in our DNA this propensity to the Orwellian.
I have been wrestling with this for so many years now. It has always bothered me that neither logic and reason have provided a decent explanation as to why ICANN would knowingly choose to be a scofflaw and to aid and abet this [dis]position. Then consciously build ringamarole processes to address these maladroit behaviours when the guardians of the law say 'gotcha'.
It is a mindset we all understand. There seems to be just a tad too little gumption around to change it.
-Carlton
-Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Planning, Governance, Assessment & Turnaround =============================
On Sun, May 24, 2015 at 8:45 AM, Stephanie Perrin <stephanie.perrin@mail.utoronto.ca> wrote: I have put a few comments in the Google doc. I would like to repeat one here: this is not a two way conversation between ICANN and the registrar. It is a three way conversation, with the registrants as the third party. Registrars should not be ignoring the rights of registrants for data protection under their local laws, until they are apprehended by a data commissioner. I do realize, since I have worked in a DP Office, that this is in some jurisdictions the norm, but that does not make it right. Surely compliance with law should be one of ICANN's first acts in respecting their PICS, and they should also be cognizant of their duty, as the monopoly service provider for Internet domain names (via their responsibility as the multi-stakeholder regulator or data controller) to respect the rights of registrants. Stephanie Perrin
On 15-05-23 9:03 AM, James Gannon wrote:
Hi Bradley,
Thanks for your feedback, see comments inline.
From: Silver, Bradley [mailto:Bradley.Silver@timewarner.com] Sent: Friday, May 22, 2015 5:02 PM To: James Gannon; whois-iag-volunteers@icann.org Subject: RE: Dual Trigger Proposal
James, all:
Thanks for your edits, and thanks to Steve for the proposal introduced on the last call. My apologies for not being able to join the last discussion, but I have been able to review the transcript, and the various viewpoints expressed about the proposals on the table. I’ve also reviewed James’ draft and had the following comments:
1. My understanding of the “alternative” nature of Steve Metalitz’s proposal was that it would be an alternative to - not a replacement of –the existing proceeding as outlined in 1.1 of the Procedure. I see that Section 1.1. has been deleted in James’ draft. I support the inclusion of the proposal Steve submitted, as a means to provide flexibility to the trigger so that the affected registrar does not need to be in “receipt of notification of an investigation, litigation, regulatory proceeding or other government or civil action.”
JG: As Steve said he did not intend for his alternative to be exclusive in nature, I believe that the two triggers I have proposed can co-exist and indeed be complimentary to each other.
2. Leading on from that, I don’t think it is useful to include as an alternative the possibility for an opinion from a law firm, even with the additional layers of consultation, for all the reasons which were expressed on the last call, and in prior discussions. Even the language proposed points to a lack of connection with the underlying policy, which requires a demonstration by the registrar that is actually legally prevented from complying, not that it might be.
JG: Again we have had the discussion on the applicability of a national law, if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention. We cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced.
3. A point that has been made a number of times in prior discussions is the need for a certain level of certainty and specificity as to the nature of the actual (not probable or theoretical) conflict, as part of the trigger mechanism – in keeping with the underlying policy. An opinion from a law firm does not meet that requirement, nor would an opinion or statement from a data authority without enforcement authority, or indeed any statement that comes from a body that is not specific to the registrar in question, and the specific contractual provisions and terms of service, as analyzed against national law of the relevant country.
JG: As per my above comment, we must accept that national laws will be enforced in their jurisdiction, if we keep going down this route we are doing ourselves a disservice.
I would suggest further discussion about the proposal presented by Steve, and whether there are any ways to address some of the concerns expressed by others within that framework.
Bradley Silver Chief Intellectual Property Counsel | Time Warner Inc. 1 Time Warner Center | New York, NY 10019-8016
P: 212 484 8869 | F: 212 658 9293
From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 7:32 AM To: whois-iag-volunteers@icann.org Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal
Hi All,
In an effort to try and find a common ground, and after recognizing Steve’s input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process.
My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of ‘shall’ to ‘may’ in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve’s language to the Consultation period for a public comment period.
Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal.
All: I would appreciate comments or input on the proposal.
Please turn off tracking changes on formatting under the ‘Show Markup’ pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues!
Please treat this as a Zero draft for discussion.
James Gannon
Director
Cyber Invasion Ltd
Dun Laoghaire, County Dublin, Ireland
Office: +353 (1)663-8787
Cell: +353 (86)175-3581
Email:james@cyberinvasion.net
================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
_______________________________________________ Whois-iag-volunteers mailing list Whois-iag-volunteers@icann.org https://mm.icann.org/mailman/listinfo/whois-iag-volunteers
Hi All, Please find attached Rev 1 on the dual trigger, incorporating some small changes to the trigger text that I received feedback on. If staff want to put this into a google doc for feedback please feel free. -James From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 12:32 PM To: whois-iag-volunteers@icann.org Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg
Hello James and colleagues, While I appreciate that this is a constructive proposal and that it has been put forward in a good faith effort to find broader support, the problem remains whether it is consistent with the policy that it seeks to implement. That consensus policy states that the trigger to seeking a waiver of the contractual Whois obligations that the contracted party has undertaken is appropriate only when the contracted party "can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying" with those obligations. The issue is whether a written opinion prepared by a law firm at the behest of that contracted party can, by itself, amount to that credible demonstration. I believe that the answer is no, and thus a procedure that allows such an opinion, standing alone, to trigger such a waiver is inconsistent with the policy and should not be adopted. In his earlier response to Bradley, James stated "if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention." I don't believe we must or should accept that, because a law firm retained by the contracted party does not have the capability to enforce that law and thus to carry out the "actual prevention" the policy requires as a trigger. While I agree with James that "we cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced," the law firm legal opinion standing alone does not credibly demonstrate either non-compliance or the realistic threat of enforcement. As stated in the European Commission comments submitted last year, "the decision of granting of an exemption to the implementation of the contractual requirements concerning the collection, display and distribution of Whois data should remain exclusively based on the most authoritative sources of interpretation of national legal frameworks." Simply put, law firms retained by contracted parties are not "the most authoritative sources of interpretation of national legal frameworks." The agencies charged with enforcement of such laws are, which is why I proposed the alternative trigger based on a written statement from such a source. I would certainly welcome suggestions for ways to refine this alternative trigger, or to consider additional alternatives that also satisfy the policy's requirement of a "credible demonstration of legal prevention." Steve Metalitz From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Monday, May 25, 2015 7:21 AM To: James Gannon; whois-iag-volunteers@icann.org Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, Please find attached Rev 1 on the dual trigger, incorporating some small changes to the trigger text that I received feedback on. If staff want to put this into a google doc for feedback please feel free. -James From: whois-iag-volunteers-bounces@icann.org<mailto:whois-iag-volunteers-bounces@icann.org> [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 12:32 PM To: whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg<https://keybase.io/jayg>
Steve, James and all: I agree with Steve that the most authoritative sources of interpretation of national legal frameworks are agencies charged with their enforcement, particularly in the context of a policy which requires a credible demonstration that national laws prevent compliance with relevant obligations. I've taken a further look at Steve's proposal, attached here for ease of reference, and I would like to suggest we focus on whether we a possible way to bridge the gap could be to consider the necessity and feasibility of the requirement that an agency attest to its intention or preparedness to enforce the relevant law against the contracted party unless contractual obligations are adjusted in a specified manner - currently set forth as Paragraph 4. Recognizing that agencies may be reluctant to take on what might be considered a positive obligation to enforce, I think that paragraphs 1 through 3 would provide a trigger mechanism which embodies the best source of national law interpretation, while stopping short of requiring any specific legal action to be commenced - consistent with the underlying policy. This is my own view, and obviously can't speak for Steve or others who have supported his proposal. Bradley From: whois-iag-volunteers-bounces@icann.org [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of Metalitz, Steven Sent: Monday, June 01, 2015 2:10 PM To: 'James Gannon'; whois-iag-volunteers@icann.org Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Hello James and colleagues, While I appreciate that this is a constructive proposal and that it has been put forward in a good faith effort to find broader support, the problem remains whether it is consistent with the policy that it seeks to implement. That consensus policy states that the trigger to seeking a waiver of the contractual Whois obligations that the contracted party has undertaken is appropriate only when the contracted party "can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying" with those obligations. The issue is whether a written opinion prepared by a law firm at the behest of that contracted party can, by itself, amount to that credible demonstration. I believe that the answer is no, and thus a procedure that allows such an opinion, standing alone, to trigger such a waiver is inconsistent with the policy and should not be adopted. In his earlier response to Bradley, James stated "if a national law is in effect in the jurisdiction of the registrar and the registrar has competent legal opinion that the law is applicable to their business then we must accept that there is an actual prevention." I don't believe we must or should accept that, because a law firm retained by the contracted party does not have the capability to enforce that law and thus to carry out the "actual prevention" the policy requires as a trigger. While I agree with James that "we cannot go down the road of assuming that a registrar will not comply with a national law or that a national law will not be enforced," the law firm legal opinion standing alone does not credibly demonstrate either non-compliance or the realistic threat of enforcement. As stated in the European Commission comments submitted last year, "the decision of granting of an exemption to the implementation of the contractual requirements concerning the collection, display and distribution of Whois data should remain exclusively based on the most authoritative sources of interpretation of national legal frameworks." Simply put, law firms retained by contracted parties are not "the most authoritative sources of interpretation of national legal frameworks." The agencies charged with enforcement of such laws are, which is why I proposed the alternative trigger based on a written statement from such a source. I would certainly welcome suggestions for ways to refine this alternative trigger, or to consider additional alternatives that also satisfy the policy's requirement of a "credible demonstration of legal prevention." Steve Metalitz From: whois-iag-volunteers-bounces@icann.org<mailto:whois-iag-volunteers-bounces@icann.org> [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Monday, May 25, 2015 7:21 AM To: James Gannon; whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: Re: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, Please find attached Rev 1 on the dual trigger, incorporating some small changes to the trigger text that I received feedback on. If staff want to put this into a google doc for feedback please feel free. -James From: whois-iag-volunteers-bounces@icann.org<mailto:whois-iag-volunteers-bounces@icann.org> [mailto:whois-iag-volunteers-bounces@icann.org] On Behalf Of James Gannon Sent: Thursday, May 07, 2015 12:32 PM To: whois-iag-volunteers@icann.org<mailto:whois-iag-volunteers@icann.org> Subject: [IAG-WHOIS conflicts] Dual Trigger Proposal Hi All, In an effort to try and find a common ground, and after recognizing Steve's input and comments on the call last night that his proposal needs not be the exclusive trigger I have tried to string together some draft language on what I am calling a Dual Trigger process. My changes have focused on step one being the trigger step, my changes to the remainder of the process have been minor, a change of 'shall' to 'may' in Section 2 to reflect the change in substance of the trigger mechanism. And the addition of Steve's language to the Consultation period for a public comment period. Steve: I think I have faithfully reproduced your language here please let me know if I changed anything that changes the substance of your proposal. All: I would appreciate comments or input on the proposal. Please turn off tracking changes on formatting under the 'Show Markup' pane if you get spammed with changes related to formatting. As always my battle with Word and its method of dealing with formatting revisions continues! Please treat this as a Zero draft for discussion. James Gannon Director Cyber Invasion Ltd Dun Laoghaire, County Dublin, Ireland Office: +353 (1)663-8787 Cell: +353 (86)175-3581 Email:james@cyberinvasion.net<mailto:james@cyberinvasion.net?subject=Via:%20Email%20Signature> GPG: https://keybase.io/jayg ================================================================= This message is the property of Time Warner Inc. and is intended only for the use of the addressee(s) and may be legally privileged and/or confidential. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, he or she is hereby notified that any dissemination, distribution, printing, forwarding, or any method of copying of this information, and/or the taking of any action in reliance on the information herein is strictly prohibited except by the intended recipient or those to whom he or she intentionally distributes this message. If you have received this communication in error, please immediately notify the sender, and delete the original message and any copies from your computer or storage system. Thank you. =================================================================
participants (8)
-
Carlton Samuels -
Christopher Wilkinson -
James Gannon -
Metalitz, Steven -
Michele Neylon - Blacknight -
Raymond HO -
Silver, Bradley -
Stephanie Perrin