No, it means yours truly will have to go in and say remove that. I believe I have already done that numerous times, but I am losing track. Please make sure it gets into our comments from the NCSG. I am also not very popular right now with the EWG. I sent them the SCC decision already, no response. Sigh. But congrats on the decision, I know you were not participants, but I am elated. I vividly recall ranting about that ambush during the parliamentary process, saying if that isn't a Charter violation, I dont know why we bothered having one.... Instructive that it takes 16 years, approx, to get rid of a mistake. unfortunately, in a fast moving environment, 16 years is half a career for bureaucrats who want something, and four elections for politicians. The gamble on Charter violations is proving to be worth it. Now the timing and odds are slightly different at ICANN.... cheers Steph On 14-06-13 12:52 PM, Tamir Israel wrote: > The EWG's odd statement to the effect that a warrant is never required > for subscriber info has just been contradicted by Canada's highest > court. Does this mean Canadian law enforcement will be locked out of > the authentication process set up for the RDS? > > R. v. Sencer, 2014 SCC 43 > http://scc-csc.lexum.com/scc-csc/scc-csc/en/item/14233/index.do > > Best, > Tamir > > On 6/10/2014 5:16 AM, William Drake wrote: >> This has the makings of a good blog post…? >> >> Bill >> >> On Jun 9, 2014, at 10:03 PM, Tamir Israel <[log in to unmask] >> <mailto:[log in to unmask]>> wrote: >> >>> FWIW, it seems to me on a quick read that your concerns are on >>> point, Steph. >>> >>> First, you flag that while one of the core objectives of this RDS >>> was to provide some privacy over WHOIS, most individuals will not be >>> able to shield their identity from the general public. Registrant >>> name and address (but not email address) are 'gated' and hence not >>> available to the general public. But, as you say in your note, all >>> registrants are obligated to provide legal contact info which will >>> be publicly available. This is evident in Annex E and also in >>> footnote 39. While many big companies may use legal counsel or other >>> proxies to register, most individuals and even small businesses will >>> need to use their own name and contact info, thereby defeating the >>> purpose of permitting their contact info to remain 'gated'. So the >>> end result is that more data elements are collected and centralized, >>> without the anticipated /pro quo/ of having less information 'gated' >>> or 'publicly available'. >>> >>> Second, you flag that the RDS' very ambitious data protection >>> project is problematic and will not serve to effectively protect >>> even 'gated' data. I think I agree. As far as I can tell, the EWG >>> proposes to adopt a tiered approach to data protection for RDS data. >>> It is certainly innovative, but I think ultimately it'll be >>> ineffective since the EWG report sets way too many parameters in >>> stone to permit for the data protection mechanisms it adopts to operate. >>> >>> The privacy protection mechanisms suggested by the EWG are: >>> (1) First, they wish to encode some basic privacy principles and >>> apply them across all RDS players by means of contract law, backed >>> up by regulatory enforcement in those jurisdictions that require >>> such things (not clear how ICANN is going to 'harmonize a basic >>> level of data protection rights', something that has been tried and >>> failed repeatedly in multiple fora in the past). >>> (2) Second, they intend to localize RDS data storage within a >>> jurisdiction(s) with strong and existing data protection rules (it's >>> not clear how this jurisdiction(s) will be picked). >>> (3) Finally, there will be a 'rules engine' that seeks to somehow >>> codify data protection rules for all the world's jurisdictions and >>> to, again somehow, apply these to different data elements based on >>> where these are transferred to, processed, etc. Presumably, data >>> will be marked up based on jurisdictions in which it was >>> stored/processed, and this will provide insight into applicable laws >>> (this ignores realities of the laws of jurisdiction, unless they >>> intend to impose some blanket forum selection clause in and impose >>> it on all elements of the RDS ecosystem). >>> >>> Ultimately, though, as Steph notes, these efforts are not helpful, >>> as Registrants are forced to 'consent' to a long and extremely broad >>> permissible purposes at point of collection (p. 42 -- Stephs' >>> dissent is noted in footnote 7). Once this consent is obtained, a >>> large number of entities can access, use and further disclose the >>> information in question for the many permissible purposes. While the >>> form of consent is subject to the over-arching harmonized privacy >>> principles (1) and to whatever additional jurisdictional rules are >>> piled on (2) and (3), the list of permissible purposes is not >>> variable, and appears offered on a 'take it or leave it' basis. This >>> leaves minimal latitude for any meaningful operation of data >>> protection principles (except, perhaps, those relating to data >>> security, access and accuracy/integrity). >>> >>> Nor is there any opportunity to minimize collection, as this too is >>> 'hard wired' into the EWG's report, which provide a very long list >>> of mandatory data elements. By contrast, an explicit 'opt-in' >>> mechanism is adopted for governing whether any data elements a >>> registrant provides that are gated by default can be made public. >>> This is good, but it's not clear to me how it helps, as the core >>> identifying data elements are already public. >>> >>> In terms of law enforcement access, they basically write off any >>> issue since apparently the data in question is not private enough in >>> their opinion to warrant any legal protection at all under any >>> jurisdiction. Nonetheless, they feel the need to locate RDS data in >>> "jurisdiction(s) where law enforcement is globally trusted". Not >>> sure what that means. >>> >>> Perhaps ironically, the document recognizes the need for anonymity >>> in this context. But it only does so in the context of the proxy >>> service and secure protected credentials which, as steph points out >>> in her note, are ineffective in the context of individual registrants. >>> >>> Overall, this seems like an incredibly and unnecessarily complex >>> system that could be managed far more efficiently with simple >>> contactability, plus an ICANN-run mechanism for identification upon >>> demonstration of clear need. >>> >>> I could be missing something, though. And also apologies for the >>> very lengthy email.... >>> >>> Best, >>> Tamir >>> >>> On 6/8/2014 10:54 AM, Stephanie Perrin wrote: >>>> Folks let me say this: >>>> 1. Milton, you were not supposed to publish it! I needed to edt >>>> it to reflect the new status of it being a minority report, and >>>> also no mention of JF Baril >>>> 2. We need to be sure I am correct. IF they are right and i have >>>> misread the report, then I look like an idiot. >>>> 3. Most of the report is still concensus. AS I think I said in >>>> the 3 pager, recently, certain principles put everything slightly >>>> out of balance.... >>>> Sheesh. Can they bann me from ICANN? >>>> ON a positive note, I must say your blog is well read Milton, I got >>>> a sweet note from Mikey. I guess he knows what I feel like right >>>> now... >>>> cheers steph >>>> >>>> On 2014-06-08, 3:48 AM, Rafik Dammak wrote: >>>>> >>>>> probably "occupy" the 2 public sessions for EWG i.e. attending >>>>> them , ask the hard questions and debunk the myth of having >>>>> consensus. >>>>> privacy issue was suggested by Marilia as 1 of the topics for the >>>>> meeting with Board too, >>>>> we also should comment the report itself in due time. >>>>> >>>>> Rafik >>>>> >>>>> Hi >>>>> >>>>> p. 6 "This Final Report, including its recommendations and >>>>> proposed principles for the next- generation RDS, reflects a >>>>> consensus.” >>>>> >>>>> p. 164 "With the delivery of this Final Report and its 180 >>>>> consensus-supported principles, the Board’s vision has indeed >>>>> materialized.” >>>>> >>>>> p. 165 "Among the EWG members were seasoned entrepreneurs and >>>>> global leaders (Ajayi, Ala- Pietilä, Neylon, Rasmussen, and Shah). >>>>> Their collective expertise in balancing risks and their >>>>> results-oriented problem solving style paved the way to reaching >>>>> an early consensus among the EWG.” >>>>> >>>>> This characterization doesn’t seem to quite fit with Stephanie’s >>>>> excellent and (astonishingly) suppressed Dissenting Report… >>>>> >>>>> How shall we proceed in London? >>>>> >>>>> Bill >>>>> >>>>>> >>>>>> *From:*Denise Michel [mailto:[log in to unmask]] >>>>>> *Sent:*samedi 7 juin 2014 19:36 >>>>>> *Subject:*Expert Working Group on gTLD Directory Services (EWG) >>>>>> Final Report >>>>>> Dear All: >>>>>> The Expert Working Group on gTLD Directory Services (EWG) has >>>>>> issued their Final Report >>>>>> <https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf>. >>>>>> Given your group's interest in this topic, I wanted to bring this >>>>>> to your attention, along with the public sessions the EWG has >>>>>> scheduled at the ICANN London meeting: >>>>>> >>>>>> * An introduction to the Final Report: EWG Overview of Final >>>>>> Report >>>>>> <http://london50.icann.org/en/schedule/mon-ewg-final-overview>, >>>>>> Monday, 23 June, 1515 – 1615 >>>>>> * Two cross-community discussion sessions: >>>>>> o EWG Final Report Discussion Session >>>>>> <http://london50.icann.org/en/schedule/mon-ewg-final-discussion>, Monday, >>>>>> 23 June, 1700 - 1900 >>>>>> o EWG Final Report Discussion Session >>>>>> <http://london50.icann.org/en/schedule/wed-ewg-final-discussion>, >>>>>> Wednesday, 25 June, 0800 – 1000 >>>>>> >>>>>> The Final Report fulfills the ICANN Board's directive to help >>>>>> redefine the purpose and provision of gTLD registration data, and >>>>>> provides a foundation to help the ICANN community (through the >>>>>> GNSO) create a new global policy for gTLD directory services. >>>>>> This report represents the culmination of an intense 15 month >>>>>> period of work during which this diverse group of volunteers >>>>>> <https://www.icann.org/resources/pages/gtld-directory-services-2013-02-14-en> created >>>>>> an alternative to today's WHOIS to better serve the global >>>>>> Internet community -- a next-generation Registration Directory >>>>>> Service (RDS). >>>>>> The EWG looks forward to discussing this with the ICANN >>>>>> community. Thank you for sharing this notice broadly. >>>>>> Regards, >>>>>> Denise >>>>>> Denise Michel >>>>>> VP Strategic Initiatives >>>>>> ICANN >>>>>> [log in to unmask] <mailto:[log in to unmask]> >>>>> >>>>> *********************************************** >>>>> William J. Drake >>>>> International Fellow & Lecturer >>>>> Media Change & Innovation Division, IPMZ >>>>> University of Zurich, Switzerland >>>>> Chair, Noncommercial Users Constituency, >>>>> ICANN, www.ncuc.org <http://www.ncuc.org/> >>>>> [log in to unmask] <mailto:[log in to unmask]> (direct), >>>>> [log in to unmask] <mailto:[log in to unmask]> (lists), >>>>> www.williamdrake.org <http://www.williamdrake.org/> >>>>> *********************************************** >>>>> >>>> >>