Hi all,

With enormous thanks to the drafters and re-drafters, shocked and otherwise of this.

Hereby the official final call on Stephanie's revised Draft 5; any final comments?

This draft closes at 1500 UTC today.

All the best, Maria


On 1 August 2014 11:04, Stephanie Perrin <[log in to unmask]> wrote:
Thanks, Sam! Responses to your comments:
1) I have discussed this a bit with Avri and I am reluctant to drop the Snowden reference, even if it is a wee bit inflammatory....this is partly because I am tired of talking in general terms about public policy, they will simply interpret that as compliance with law enforcement demands, not privacy expectations of consumers.
2) agreed, I am tempted to say that in the comment but resisting
3) re the typos, I will have to go back, check the quotes, and square bracket/sic them.  thanks!
cheers stephanie

On 2014-07-31, 13:19, Sam Lanfranco wrote:
It is late in the time left for revising this document so I will just offer three short comments without going in and attempting to wordsmith inside the document. Food for though!

#1:  Page 1: As part of the opening logic to the submission the text as written is:

In the matter of protection of personal and confidential information, which is a very newsworthy issue in the 21st century, privacy practices are a matter of consumer trust, and therefore high risk for those operating an Internet business.  Even if customers have obediently complied with demands for excessive collection and disclosure of personal information up to this point, in the current news furor over Snowden and the cooperation of business with national governments engaged in surveillance, this could change with the next news story.  The Internet facilitates successful privacy campaigns.

I would suggest that the submission focus in immediately on ICANN practice and evolving policy on the protection of personal and confidential information, and not so much Snowden and news stories.

[Possible revision]

In the matter of protection of personal and confidential information on the Internet social norms and public policy are evolving and ICANN should be in the forefront of helping define workable practice, as well as bringing its contract language in line with public policy.  It is bad ICANN business practice to put registrars at odds with national privacy policy. It also jeopardizes registrars’ consumer trust and puts at risk the business of those operating an Internet business.

#2: [Comment] There is a saying about the Catholic Church, to the effect that dealing with social norms it always arrives a little late and out of breath. ICANN is acting in a similar way. ICANN could both handle this in contract language, and help evolve best and workable practices around the protection of personal and confidential information by (a) contract language that is consistent with national policy, and (b) showing some leadership in what would be good and workable policy here. ICANN is neither a King nor a Church bestowing favors on registries and registrars. It is a business entering into contractual obligations with its direct customers.

#3: [Typo] I don’t know if the typo is in the Blacknight quote or not, but 5.3 should read …., then [not than] ALL registrars based in Germany…”

5.3 Response. The European Commission in its comments wrote, and we strongly agree: “the same exception should apply to others in the same jurisdiction who can demonstrate that they are in the same situation.” Further, Blacknight wrote and we support: “if ANY registrar in Germany, for example, is granted a waiver based on German law, then ALL registrars based in Germany should receive the same treatment.”  Once a national data protection or privacy law is interpreted as requiring and exemption or modification, it should be available to all Registries/Registrars in that country.

Sam L.


_______________________________________________
PC-NCSG mailing list
[log in to unmask]
http://mailman.ipjustice.org/listinfo/pc-ncsg