Thanks, Sam! Responses to your comments:
1) I have discussed this a bit with Avri and I am reluctant to drop the 
Snowden reference, even if it is a wee bit inflammatory....this is 
partly because I am tired of talking in general terms about public 
policy, they will simply interpret that as compliance with law 
enforcement demands, not privacy expectations of consumers.
2) agreed, I am tempted to say that in the comment but resisting
3) re the typos, I will have to go back, check the quotes, and square 
bracket/sic them.  thanks!
cheers stephanie
On 2014-07-31, 13:19, Sam Lanfranco wrote:
> It is late in the time left for revising this document so I will just 
> offer three short comments without going in and attempting to 
> wordsmith inside the document. Food for though!
>
> #1:  Page 1: As part of the opening logic to the submission the text 
> as written is:
>
> /In the matter of protection of personal and confidential information, 
> which is a very newsworthy issue in the 21st century, privacy 
> practices are a matter of consumer trust, and therefore high risk for 
> those operating an Internet business. Even if customers have 
> obediently complied with demands for excessive collection and 
> disclosure of personal information up to this point, in the current 
> news furor over Snowden and the cooperation of business with national 
> governments engaged in surveillance, this could change with the next 
> news story.  The Internet facilitates successful privacy campaigns./
>
> I would suggest that the submission focus in immediately on ICANN 
> practice and evolving policy on the protection of personal and 
> confidential information, and not so much Snowden and news stories.
>
> [Possible revision]
>
> /In the matter of protection of personal and confidential information 
> on the Internet social norms and public policy are evolving and ICANN 
> should be in the forefront of helping define workable practice, as 
> well as bringing its contract language in line with public policy.  It 
> is bad ICANN business practice to put registrars at odds with national 
> privacy policy. It also jeopardizes registrars' consumer trust and 
> puts at risk the business of those operating an Internet business. /
>
> #2: [Comment] There is a saying about the Catholic Church, to the 
> effect that dealing with social norms it always arrives a little late 
> and out of breath. ICANN is acting in a similar way. ICANN could both 
> handle this in contract language, and help evolve best and workable 
> practices around the protection of personal and confidential 
> information by (a) contract language that is consistent with national 
> policy, and (b) showing some leadership in what would be good and 
> workable policy here. ICANN is neither a King nor a Church bestowing 
> favors on registries and registrars. It is a business entering into 
> contractual obligations with its direct customers.
>
> #3: [*Typo*] I don't know if the typo is in the Blacknight quote or 
> not, but 5.3 should read ...., then [not than] ALL registrars based in 
> Germany..."
>
> 5.3 Response. The European Commission in its comments wrote, and we 
> strongly agree: "the same exception should apply to others in the same 
> jurisdiction who can demonstrate that they are in the same situation." 
> Further, Blacknight wrote and we support: "if ANY registrar in 
> Germany, for example, is granted a waiver based on German law, *then* 
> ALL registrars based in Germany should receive the same treatment."  
> Once a national data protection or privacy law is interpreted as 
> requiring and exemption or modification, it should be available to all 
> Registries/Registrars in that country.
>
> Sam L.