It is late in the time left for revising this document so I will just offer three short comments without going in and attempting to wordsmith inside the document. Food for though!

#1:  Page 1: As part of the opening logic to the submission the text as written is:

In the matter of protection of personal and confidential information, which is a very newsworthy issue in the 21st century, privacy practices are a matter of consumer trust, and therefore high risk for those operating an Internet business.  Even if customers have obediently complied with demands for excessive collection and disclosure of personal information up to this point, in the current news furor over Snowden and the cooperation of business with national governments engaged in surveillance, this could change with the next news story.  The Internet facilitates successful privacy campaigns.

I would suggest that the submission focus in immediately on ICANN practice and evolving policy on the protection of personal and confidential information, and not so much Snowden and news stories.

[Possible revision]

In the matter of protection of personal and confidential information on the Internet social norms and public policy are evolving and ICANN should be in the forefront of helping define workable practice, as well as bringing its contract language in line with public policy.  It is bad ICANN business practice to put registrars at odds with national privacy policy. It also jeopardizes registrars’ consumer trust and puts at risk the business of those operating an Internet business.

#2: [Comment] There is a saying about the Catholic Church, to the effect that dealing with social norms it always arrives a little late and out of breath. ICANN is acting in a similar way. ICANN could both handle this in contract language, and help evolve best and workable practices around the protection of personal and confidential information by (a) contract language that is consistent with national policy, and (b) showing some leadership in what would be good and workable policy here. ICANN is neither a King nor a Church bestowing favors on registries and registrars. It is a business entering into contractual obligations with its direct customers.

#3: [Typo] I don’t know if the typo is in the Blacknight quote or not, but 5.3 should read …., then [not than] ALL registrars based in Germany…”

5.3 Response. The European Commission in its comments wrote, and we strongly agree: “the same exception should apply to others in the same jurisdiction who can demonstrate that they are in the same situation.” Further, Blacknight wrote and we support: “if ANY registrar in Germany, for example, is granted a waiver based on German law, then ALL registrars based in Germany should receive the same treatment.”  Once a national data protection or privacy law is interpreted as requiring and exemption or modification, it should be available to all Registries/Registrars in that country.

Sam L.