--------------39B27B03A00A8D5B7B2D9BEB Content-Type: text/plain; charset=UTF-8; name="Attached Message Part" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Attached Message Part" _______________________________________________ NCSG-PC mailing list [log in to unmask] https://lists.ncsg.is/mailman/listinfo/ncsg-pc --------------39B27B03A00A8D5B7B2D9BEB-- ========================================================================= Date: Sun, 25 Apr 2021 19:46:02 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: Re: EPDP policy issues X-To: "[log in to unmask]" <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_BN7PR07MB4689945DBF332AE7EE61D136A1439BN7PR07MB4689namp_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_BN7PR07MB4689945DBF332AE7EE61D136A1439BN7PR07MB4689namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 S2F0aHksDQpUaGFua3MgZm9yIHlvdXIgaGVscGZ1bCBpbnRlcnZlbnRpb24uIEkgZXNwZWNpYWxs eSBsaWtlZCB5b3VyIGRpc2N1c3Npb24gb2YgdGhpczoNCg0KYSkgICAgICBJcyBhIG5hbWUg4oCc cGVyc29uYWwgZGF0YeKAnT8NCmIpICAgICAgSXMgYW4gYWRkcmVzcyDigJxwZXJzb25hbCBkYXRh 4oCdPw0KYykgICAgICAgSXMgYSBjZWxsIHBob25lIOKAnHBlcnNvbmFsIGRhdGHigJ0/DQpkKSAg ICAgIElzIGFuIGVtYWlsIOKAnHBlcnNvbmFsIGRhdGHigJ0/DQoNClRoaW5raW5nIGFib3V0IHRo aXMgcHJvYmxlbSDigJMgd2hhdCBpcyBwZXJzb25hbCBkYXRhIOKAkyBpcyB3aGF0IGxlZCBtZSB0 byBzdGFydCBtb2RpZnlpbmcgbXkgcG9zaXRpb24gb24gdGhpcyBpc3N1ZS4gSW4gYSBkaWdpdGFs IHdvcmxkIHRoZXJlIGlzIG5vIGhhcmQsIHdlbGwtZGVmaW5lZCBudWdnZXQgb2YgZGF0YSB0aGF0 IGlzIOKAnHBlcnNvbmFs4oCdIGFuZCBldmVyeXRoaW5nIGVsc2UgaXMgbm90LiBZb3VyIOKAnHBl cnNvbmFsaXR54oCdIGlzIHJlZmxlY3RlZCBpbiBhIGxvdCBvZiBfYWN0aXZpdHlfIG9uIHRoZSBu ZXQsIGFuZCBhbnlvbmUgd2hvIGNhbiBnYXRoZXIgYW5kIGNvcnJlbGF0ZSBhbGwgb2YgdGhvc2Ug Zm9vdHByaW50cyBrbm93cyBhIGxvdCBvZiBwZXJzb25hbCBpbmZvIGFib3V0IHlvdS4gVHJ1ZSwg eW91ciBuYW1lIGFuZCBsb2NhdGlvbiwgd2hlcmUgeW91IGxpdmUsIG9yIHlvdXIgU1NOIG9yIG5h dGlvbmFsIGlkZW50aXR5IG51bWJlciBvZiBkcml2ZXJz4oCZIGxpY2Vuc2UsIHByb3ZpZGUgYSBz dHJvbmdlciBiYXNpcyBmb3IgcHV0dGluZyBhbGwgdGhlc2UgY29ycmVsYXRpb25zIGludG8gYW4g YWN0aW9uYWJsZSBpZGVudGl0eS4gQW5kIHRoYXQgZGF0YSBpcyBvdXQgdGhlcmUgaW4gYSBudW1i ZXIgb2YgcGxhY2VzLCB3aG9pcyBpcyByZWxhdGl2ZWx5IHNtYWxsIHBhcnQgb2YgdGhhdCBwcm9i bGVtLiBBIHZlcnkgc21hbGwgcGFydCwgaW4gZmFjdA0KDQpUaGlzIGlzIG9uZSBvZiB0aGUgcmVh c29ucyBJIGRvbuKAmXQgbGlrZSBTdGVwaGFuaWXigJlzIHByb3Bvc2VkIGFwcHJvYWNoIChJIHdp bGwgdHJ5IHRvIGFuc3dlciBoZXIgbWVzc2FnZSBzZXBhcmF0ZWx5KS4gSW5zdGVhZCBvZiBhIHNp bXBsZSBzZWxmLWRlc2lnbmF0aW9uIGFzIGxlZ2FsIG9yIG5hdHVyYWwgKGNvbXBhbnkgb3IgaW5k aXZpZHVhbCksIHRoZXkgd2FudCB0byB0cnkgdG8gZm9yY2UgcmVnaXN0cmFycyBpbnRvIGFuIGVs YWJvcmF0ZSBwcm9jZXNzIG9mIGVsaW1pbmF0aW5nIHBlcnNvbmFsIGRhdGEgZnJvbSB0aGUgcmVj b3JkLiBCdXQgYW55dGhpbmcgY2FuIGJlIHBlcnNvbmFsIGRhdGEuIE9SIHNvbWUgdGhpbmdzIHRo YXQgc2VlbSB0byBiZSBwZXJzb25hbCBhcmUgbm90IHNvIHBlcnNvbmFsLiBJIHRoaW5rIHN1Y2gg YSBwcm9jZXNzIGlzIGdvaW5nIHRvIG1ha2UgcmVnaXN0ZXJpbmcgYSBkb21haW4gY29tcGxpY2F0 ZWQgYW5kIGV4cGVuc2l2ZSBhbmQgdWx0aW1hdGVseSB3aWxsIG5vdCBwcm90ZWN0IG11Y2guIFdv cnNlLCBzdWNoIGEgcHJvY2VzcyB3aWxsIGFsc28gYmUgYSBjYW1lbOKAmXMgbm9zZSB1bmRlciB0 aGUgdGVudCBwcm9jZXNzIGluIHdoaWNoIHJlZ2lzdHJhcnMgYXNzdW1lIG1vcmUgYW5kIG1vcmUg cmVzcG9uc2liaWxpdHkgZm9yIGRldGVybWluaW5nIHRoZSBhY2N1cmFjeSBvZiByZWdpc3RyYXRp b24gZGF0YSBhbmQgZm9yIHZlcmlmeWluZyB0aGUgaWRlbnRpdHkgb2YgZXZlcnlvbmUgd2hvIHJl Z2lzdGVycy4NCg0KTGV04oCZcyBrZWVwIGl0IHNpbXBsZSBhbmQgdW5kZXIgdGhlIHJlZ2lzdHJh bnRz4oCZIGNvbnRyb2wuIFRoZSBtb3JlIHlvdSBpbnZvbHZlIHRoaXJkIHBhcnR5IHJ1bGVzIGFu ZCByZWd1bGF0aW9ucyBpbiB0aGUgcmVnaXN0cmF0aW9uIHByb2Nlc3MsIHRoZSBtb3JlIGNvbXBs aWNhdGVkIGFuZCBleHBlbnNpdmUgaXQgYmVjb21lcywgYW5kIHRoZSBwcml2YWN5IGdhaW5zIG9m IHN1Y2ggcHJvY2Vzc2VzIGFyZSBtaW5pc2N1bGUsIHRoZXkgYXJlIG1vc3RseSBoeXBvdGhldGlj YWwgYW5kIHRoZW9yZXRpY2FsLg0KDQpTbyBJIHRoaW5rIGl0IGlzIHNpbXBsZXN0IHRvIGp1c3Qg c2F5IHRvIHRoZSByZWdpc3RyYW50LCBpZiB5b3XigJlyZSBhIGNvbXBhbnkgYW5kIGRvbuKAmXQg bWluZCAob3IgZXZlbiB3YW50KSB5b3VyIGRhdGEgdG8gYmUgcHVibGlzaGVkLCBjaGVjayB0aGlz IGJveC4gSWYgeW914oCZcmUgbm90LCBvciB5b3UgZG8gbWluZCwgZG9u4oCZdCBjaGVjayBpdC4N Cg== --_000_BN7PR07MB4689945DBF332AE7EE61D136A1439BN7PR07MB4689namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9ucyAqLw0KcC5Nc29Ob3Jt YWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46MGluOw0KCW1hcmdpbi1i b3R0b206LjAwMDFwdDsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBO ZXcgUm9tYW4iLHNlcmlmO30NCmE6bGluaywgc3Bhbi5Nc29IeXBlcmxpbmsNCgl7bXNvLXN0eWxl LXByaW9yaXR5Ojk5Ow0KCWNvbG9yOmJsdWU7DQoJdGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9 DQphOnZpc2l0ZWQsIHNwYW4uTXNvSHlwZXJsaW5rRm9sbG93ZWQNCgl7bXNvLXN0eWxlLXByaW9y aXR5Ojk5Ow0KCWNvbG9yOnB1cnBsZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCnAN Cgl7bXNvLXN0eWxlLXByaW9yaXR5Ojk5Ow0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1h cmdpbi1yaWdodDowaW47DQoJbXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxl ZnQ6MGluOw0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21h biIsc2VyaWY7fQ0KcC5tc29ub3JtYWwwLCBsaS5tc29ub3JtYWwwLCBkaXYubXNvbm9ybWFsMA0K CXttc28tc3R5bGUtbmFtZTptc29ub3JtYWw7DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJ bWFyZ2luLXJpZ2h0OjBpbjsNCgltc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4t bGVmdDowaW47DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJv bWFuIixzZXJpZjt9DQpzcGFuLkVtYWlsU3R5bGUyMQ0KCXttc28tc3R5bGUtdHlwZTpwZXJzb25h bDsNCglmb250LWZhbWlseToiQ2FsaWJyaSIsc2Fucy1zZXJpZjsNCgljb2xvcjojMUY0OTdEO30N CnNwYW4uRW1haWxTdHlsZTIyDQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLWNvbXBvc2U7DQoJ Zm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6d2luZG93dGV4dDt9DQou TXNvQ2hwRGVmYXVsdA0KCXttc28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsNCglmb250LXNpemU6 MTAuMHB0O30NCkBwYWdlIFdvcmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJn aW46MS4waW4gMS4waW4gMS4waW4gMS4waW47fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldv cmRTZWN0aW9uMTt9DQotLT48L3N0eWxlPg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxp bms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5LYXRoeSw8 bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2Vy aWY7Y29sb3I6IzFGNDk3RCI+VGhhbmtzIGZvciB5b3VyIGhlbHBmdWwgaW50ZXJ2ZW50aW9uLiBJ IGVzcGVjaWFsbHkgbGlrZWQgeW91ciBkaXNjdXNzaW9uIG9mIHRoaXM6PG86cD48L286cD48L3Nw YW4+PC9wPg0KPHAgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij48ZW0+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZToxMC41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJp ZiI+YSkmbmJzcDsgJm5ic3A7ICZuYnNwOyBJcyBhIG5hbWUg4oCccGVyc29uYWwgZGF0YeKAnT88 L3NwYW4+PC9lbT48aT48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTom cXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj48YnI+DQo8ZW0+PHNwYW4gc3R5bGU9ImZvbnQt ZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPmIpJm5ic3A7ICZuYnNwOyAmbmJz cDsgSXMgYW4gYWRkcmVzcyDigJxwZXJzb25hbCBkYXRh4oCdPzwvc3Bhbj48L2VtPjxicj4NCjxl bT48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+ YykmbmJzcDsgJm5ic3A7ICZuYnNwOyAmbmJzcDtJcyBhIGNlbGwgcGhvbmUg4oCccGVyc29uYWwg ZGF0YeKAnT88L3NwYW4+PC9lbT48YnI+DQo8ZW0+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPmQpJm5ic3A7ICZuYnNwOyAmbmJzcDsgSXMgYW4g ZW1haWwg4oCccGVyc29uYWwgZGF0YeKAnT88L3NwYW4+PC9lbT48L3NwYW4+PC9pPjxzcGFuIHN0 eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMt c2VyaWYiPjxicj4NCjxicj4NCjxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj5UaGlua2luZyBh Ym91dCB0aGlzIHByb2JsZW0g4oCTIHdoYXQgaXMgcGVyc29uYWwgZGF0YSDigJMgaXMgd2hhdCBs ZWQgbWUgdG8gc3RhcnQgbW9kaWZ5aW5nIG15IHBvc2l0aW9uIG9uIHRoaXMgaXNzdWUuIEluIGEg ZGlnaXRhbCB3b3JsZCB0aGVyZSBpcyBubyBoYXJkLCB3ZWxsLWRlZmluZWQgbnVnZ2V0IG9mIGRh dGEgdGhhdCBpcyDigJxwZXJzb25hbOKAnSBhbmQgZXZlcnl0aGluZyBlbHNlIGlzIG5vdC4gWW91 cg0KIOKAnHBlcnNvbmFsaXR54oCdIGlzIHJlZmxlY3RlZCBpbiBhIGxvdCBvZiBfPGk+YWN0aXZp dHk8L2k+XyBvbiB0aGUgbmV0LCBhbmQgYW55b25lIHdobyBjYW4gZ2F0aGVyIGFuZCBjb3JyZWxh dGUgYWxsIG9mIHRob3NlIGZvb3RwcmludHMga25vd3MgYSBsb3Qgb2YgcGVyc29uYWwgaW5mbyBh Ym91dCB5b3UuIFRydWUsIHlvdXIgbmFtZSBhbmQgbG9jYXRpb24sIHdoZXJlIHlvdSBsaXZlLCBv ciB5b3VyIFNTTiBvciBuYXRpb25hbCBpZGVudGl0eSBudW1iZXINCiBvZiBkcml2ZXJz4oCZIGxp Y2Vuc2UsIHByb3ZpZGUgYSBzdHJvbmdlciBiYXNpcyBmb3IgcHV0dGluZyBhbGwgdGhlc2UgY29y cmVsYXRpb25zIGludG8gYW4gYWN0aW9uYWJsZSBpZGVudGl0eS4gQW5kIHRoYXQgZGF0YSBpcyBv dXQgdGhlcmUgaW4gYSBudW1iZXIgb2YgcGxhY2VzLCB3aG9pcyBpcyByZWxhdGl2ZWx5IHNtYWxs IHBhcnQgb2YgdGhhdCBwcm9ibGVtLiBBIHZlcnkgc21hbGwgcGFydCwgaW4gZmFjdDxvOnA+PC9v OnA+PC9zcGFuPjwvc3Bhbj48L3A+DQo8cCBzdHlsZT0ibWFyZ2luLWJvdHRvbToxMi4wcHQiPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7 LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+VGhpcyBpcyBvbmUgb2YgdGhlIHJlYXNvbnMgSSBk b27igJl0IGxpa2UgU3RlcGhhbmll4oCZcyBwcm9wb3NlZCBhcHByb2FjaCAoSSB3aWxsIHRyeSB0 byBhbnN3ZXIgaGVyIG1lc3NhZ2Ugc2VwYXJhdGVseSkuIEluc3RlYWQgb2YgYSBzaW1wbGUgc2Vs Zi1kZXNpZ25hdGlvbg0KIGFzIGxlZ2FsIG9yIG5hdHVyYWwgKGNvbXBhbnkgb3IgaW5kaXZpZHVh bCksIHRoZXkgd2FudCB0byB0cnkgdG8gZm9yY2UgcmVnaXN0cmFycyBpbnRvIGFuIGVsYWJvcmF0 ZSBwcm9jZXNzIG9mIGVsaW1pbmF0aW5nIHBlcnNvbmFsIGRhdGEgZnJvbSB0aGUgcmVjb3JkLiBC dXQgYW55dGhpbmcgY2FuIGJlIHBlcnNvbmFsIGRhdGEuIE9SIHNvbWUgdGhpbmdzIHRoYXQgc2Vl bSB0byBiZSBwZXJzb25hbCBhcmUgbm90IHNvIHBlcnNvbmFsLiBJIHRoaW5rDQogc3VjaCBhIHBy b2Nlc3MgaXMgZ29pbmcgdG8gbWFrZSByZWdpc3RlcmluZyBhIGRvbWFpbiBjb21wbGljYXRlZCBh bmQgZXhwZW5zaXZlIGFuZCB1bHRpbWF0ZWx5IHdpbGwgbm90IHByb3RlY3QgbXVjaC4gV29yc2Us IHN1Y2ggYSBwcm9jZXNzIHdpbGwgYWxzbyBiZSBhIGNhbWVs4oCZcyBub3NlIHVuZGVyIHRoZSB0 ZW50IHByb2Nlc3MgaW4gd2hpY2ggcmVnaXN0cmFycyBhc3N1bWUgbW9yZSBhbmQgbW9yZSByZXNw b25zaWJpbGl0eSBmb3IgZGV0ZXJtaW5pbmcNCiB0aGUgYWNjdXJhY3kgb2YgcmVnaXN0cmF0aW9u IGRhdGEgYW5kIGZvciB2ZXJpZnlpbmcgdGhlIGlkZW50aXR5IG9mIGV2ZXJ5b25lIHdobyByZWdp c3RlcnMuDQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBzdHlsZT0ibWFyZ2luLWJvdHRvbTox Mi4wcHQiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0Fy aWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+TGV04oCZcyBrZWVwIGl0IHNpbXBs ZSBhbmQgdW5kZXIgdGhlIHJlZ2lzdHJhbnRz4oCZIGNvbnRyb2wuIFRoZSBtb3JlIHlvdSBpbnZv bHZlIHRoaXJkIHBhcnR5IHJ1bGVzIGFuZCByZWd1bGF0aW9ucyBpbiB0aGUgcmVnaXN0cmF0aW9u IHByb2Nlc3MsIHRoZSBtb3JlDQogY29tcGxpY2F0ZWQgYW5kIGV4cGVuc2l2ZSBpdCBiZWNvbWVz LCBhbmQgdGhlIHByaXZhY3kgZ2FpbnMgb2Ygc3VjaCBwcm9jZXNzZXMgYXJlIG1pbmlzY3VsZSwg dGhleSBhcmUgbW9zdGx5IGh5cG90aGV0aWNhbCBhbmQgdGhlb3JldGljYWwuPG86cD48L286cD48 L3NwYW4+PC9wPg0KPHAgc3R5bGU9Im1hcmdpbi1ib3R0b206MTIuMHB0Ij48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjEwLjVwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOiMxRjQ5N0QiPlNvIEkgdGhpbmsgaXQgaXMgc2ltcGxlc3QgdG8ganVzdCBzYXkgdG8g dGhlIHJlZ2lzdHJhbnQsIGlmIHlvdeKAmXJlIGEgY29tcGFueSBhbmQgZG9u4oCZdCBtaW5kIChv ciBldmVuIHdhbnQpIHlvdXIgZGF0YSB0byBiZSBwdWJsaXNoZWQsIGNoZWNrIHRoaXMgYm94Lg0K IElmIHlvdeKAmXJlIG5vdCwgb3IgeW91IGRvIG1pbmQsIGRvbuKAmXQgY2hlY2sgaXQuIDxvOnA+ PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_BN7PR07MB4689945DBF332AE7EE61D136A1439BN7PR07MB4689namp_-- ========================================================================= Date: Sun, 25 Apr 2021 19:54:43 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: Re: EPDP policy issues X-To: Farzaneh Badiei <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_BN7PR07MB46894426B6F8514C351E479EA1439BN7PR07MB4689namp_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_BN7PR07MB46894426B6F8514C351E479EA1439BN7PR07MB4689namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 RmFyemFuZWg6DQoNClRoZSBvbmUgdGhpbmcgSSB3YW50IHRvIHByZXZlbnQgd2hlbiBpdCBjb21l cyB0byBsZWdhbCBhbmQgbmF0dXJhbCBkaXN0aW5jdGlvbiBpcyB0byBlbmFibGUgc29tZSBzdGFr ZWhvbGRlcnMgdG8gdXNlIHRoZSBkaXN0aW5jdGlvbiBhcyBhbiBleGN1c2UgZm9yIG1ha2luZyBt b3JlIHJlZ2lzdHJhbnRzIGRhdGEgcHVibGljIGFuZCBhY2Nlc3NpYmxlLg0KDQpPZiBjb3Vyc2Ug dGhhdCBpcyB0aGUgbW90aXZlLCBldmVyeW9uZSBrbm93cyB0aGF0LiBUaGF04oCZcyB3aHkgdGhl IEwvTiBpc3N1ZSBzZXJ2ZXMgYXMgYSBzcGFjZSBmb3Igd2hhdCBtaWdodCB1bHRpbWF0ZWx5IGxl YWQgdG8gYSBjb21wcm9taXNlLiBJZiDigJxzb21lIHN0YWtlaG9sZGVyc+KAnSBjYW4gZ2V0IGFj Y2VzcyB0byBtb3JlIGRhdGEsIGJ1dCB0aGUgZGF0YSBpcyBub3QgdGhlIGtpbmQgb2YgcHJpdmF0 ZSBkYXRhIHdlIGNhcmUgYWJvdXQsIHdlIGNhbiBjb21lIHRvIGFuIGFncmVlbWVudC4NCg0KSSB3 YXMgY29uY2VybmVkIGFib3V0IHRoZSByZWdpc3RyYW50cyBiZWluZyBvYmxpZ2VkIHRvIGlkZW50 aWZ5IHRoZW1zZWx2ZXMgYXMgbGVnYWwgb3IgbmF0dXJhbCBwZXJzb25zLiBUaGlzIHdvdWxkIGhh dmUgYmVlbiB3b3JyeWluZy4gWW91IGFyZSBzYXlpbmcgdGhhdCB0aGV5IGFyZSBub3Qgb2JsaWdl ZCB0bywgd2hpY2ggaXMgZ29vZCwgYnV0IHNvbWUgcmVnaXN0cmFycyB3YW50IHRvIG1ha2UgdGhh dCBkaXN0aW5jdGlvbi4NCg0KWWVzLCB0aGF0IGlzIHRoZSBrZXkgZGlmZmVyZW5jZS4gSSBkbyBu b3Qgd2FudCB0aGlyZCBwYXJ0aWVzIChyZWdpc3RyYXJzIG9yIHJlZ2lzdHJpZXMpIG1ha2luZyB0 aGUgZGlzdGluY3Rpb24gZm9yIG91ciByZWdpc3RyYW50cy4gU3RlcGhhbmllIHNheXMgc2hlIGRv ZXNu4oCZdCBlaXRoZXIsIGJ1dCBlaXRoZXIgc2hlIGhhcyBjaGFuZ2VkIGhlciBwb3NpdGlvbiBv ciB0aGVyZSBpcyBzb21lIHR3aXN0IGluIGhlciBhcmd1bWVudCB0aGF0IHJlZ2lzdHJhbnRzIGNh bm5vdCBtYWtlIGl0IGZvciB0aGVtc2VsdmVzLCB0aGF0IEkgZG8gbm90IHVuZGVyc3RhbmQuDQoN CkkgdGhpbmsgdGhlIG9uZSBzb2x1dGlvbiB3b3VsZCBiZSB0aGF0IHRoZSByZWdpc3RyYXIgc2hv dWxkIG5vdCBwdW5pc2ggYSByZWdpc3RyYW50IHRoYXQgZG9lcyBub3QgcmVzcG9uZCB0byB0aGUg cXVlc3Rpb24gYWJvdXQgYmVpbmcgYSBsZWdhbCBvciBhIG5hdHVyYWwgcGVyc29uIGFuZCBhbHdh eXMgY29uc2lkZXIgc29tZW9uZSB3aG8gZG9lc24ndCByZXNwb25kIHRvIHRoZSBxdWVzdGlvbiwg YSBuYXR1cmFsIHBlcnNvbi4gSGF2ZSB5b3UgZGlzY3Vzc2VkIHRoaXMsIGlzIGl0IHBvc3NpYmxl Pw0KDQpNeSBwcm9wb3NhbCBjb3ZlcnMgdGhhdC4gVGhlIGNob2ljZSB3b3VsZCBub3QgYmU6IEFy ZSB5b3UgTGVnYWwgb3IgTmF0dXJhbCwgcGljayBvbmU/IEl0IHdvdWxkIGJlDQpEbyB5b3UgY2hv b3NlIHRvIGlkZW50aWZ5IHlvdXJzZWxmIGFzIGEgTGVnYWwgcGVyc29uLCBvciBub3Q/IEluIG90 aGVyIHdvcmRzLCBieSBub3QgZGVjbGFyaW5nIGFzIGxlZ2FsLCB5b3UgYXJlIG5vdCBuZWNlc3Nh cmlseSBhc3NlcnRpbmcgdGhhdCB5b3UgYXJlIG5hdHVyYWwgKHlvdSBtaWdodCBiZSBhIGhvbWUg b2ZmaWNlIG9yIGEgb25lLXBlcnNvbiBidXNpbmVzcyBvciBhIHNlbnNpdGl2ZSBkYXRhIGdyb3Vw KSDigJMgeW91IGFyZSBqdXN0IHNheWluZyB5b3UgZG9u4oCZdCB3YW50IHRoZSBSRFMgdG8gdHJl YXQgeW91IGFzIGEgbGVnYWwgcGVyc29uLg0KDQotLU1NDQoNCg== --_000_BN7PR07MB46894426B6F8514C351E479EA1439BN7PR07MB4689namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 IkNhbWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1m YWNlDQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAy IDQ7fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseTpWZXJkYW5hOw0KCXBhbm9zZS0xOjIgMTEg NiA0IDMgNSA0IDQgMiA0O30NCi8qIFN0eWxlIERlZmluaXRpb25zICovDQpwLk1zb05vcm1hbCwg bGkuTXNvTm9ybWFsLCBkaXYuTXNvTm9ybWFsDQoJe21hcmdpbjowaW47DQoJbWFyZ2luLWJvdHRv bTouMDAwMXB0Ow0KCWZvbnQtc2l6ZToxMi4wcHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBS b21hbiIsc2VyaWY7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJp b3JpdHk6OTk7DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCmE6 dmlzaXRlZCwgc3Bhbi5Nc29IeXBlcmxpbmtGb2xsb3dlZA0KCXttc28tc3R5bGUtcHJpb3JpdHk6 OTk7DQoJY29sb3I6cHVycGxlOw0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KcA0KCXtt c28tc3R5bGUtcHJpb3JpdHk6OTk7DQoJbXNvLW1hcmdpbi10b3AtYWx0OmF1dG87DQoJbWFyZ2lu LXJpZ2h0OjBpbjsNCgltc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0bzsNCgltYXJnaW4tbGVmdDow aW47DQoJZm9udC1zaXplOjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIixz ZXJpZjt9DQpwLm1zb25vcm1hbDAsIGxpLm1zb25vcm1hbDAsIGRpdi5tc29ub3JtYWwwDQoJe21z by1zdHlsZS1uYW1lOm1zb25vcm1hbDsNCgltc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJn aW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0 OjBpbjsNCglmb250LXNpemU6MTIuMHB0Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4i LHNlcmlmO30NCnNwYW4uRW1haWxTdHlsZTE5DQoJe21zby1zdHlsZS10eXBlOnBlcnNvbmFsLXJl cGx5Ow0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNlcmlmOw0KCWNvbG9yOiMxRjQ5N0Q7 fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1m YW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7fQ0KQHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6 OC41aW4gMTEuMGluOw0KCW1hcmdpbjoxLjBpbiAxLjBpbiAxLjBpbiAxLjBpbjt9DQpkaXYuV29y ZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30NCi0tPjwvc3R5bGU+PCEtLVtpZiBndGUg bXNvIDldPjx4bWw+DQo8bzpzaGFwZWRlZmF1bHRzIHY6ZXh0PSJlZGl0IiBzcGlkbWF4PSIxMDI2 IiAvPg0KPC94bWw+PCFbZW5kaWZdLS0+PCEtLVtpZiBndGUgbXNvIDldPjx4bWw+DQo8bzpzaGFw ZWxheW91dCB2OmV4dD0iZWRpdCI+DQo8bzppZG1hcCB2OmV4dD0iZWRpdCIgZGF0YT0iMSIgLz4N CjwvbzpzaGFwZWxheW91dD48L3htbD48IVtlbmRpZl0tLT4NCjwvaGVhZD4NCjxib2R5IGxhbmc9 IkVOLVVTIiBsaW5rPSJibHVlIiB2bGluaz0icHVycGxlIj4NCjxkaXYgY2xhc3M9IldvcmRTZWN0 aW9uMSI+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBw dDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3 RCI+RmFyemFuZWg6PG86cD48L286cD48L3NwYW4+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZxdW90 OyxzYW5zLXNlcmlmIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7VmVy ZGFuYSZxdW90OyxzYW5zLXNlcmlmIj5UaGUgb25lIHRoaW5nIEkgd2FudCB0byBwcmV2ZW50IHdo ZW4gaXQgY29tZXMgdG8gbGVnYWwgYW5kIG5hdHVyYWwgZGlzdGluY3Rpb24gaXMgdG8gZW5hYmxl IHNvbWUgc3Rha2Vob2xkZXJzIHRvIHVzZSB0aGUgZGlzdGluY3Rpb24gYXMgYW4gZXhjdXNlIGZv ciBtYWtpbmcgbW9yZSByZWdpc3RyYW50cyBkYXRhIHB1YmxpYyBhbmQNCiBhY2Nlc3NpYmxlLiA8 c3BhbiBzdHlsZT0iY29sb3I6IzFGNDk3RCI+PG86cD48L286cD48L3NwYW4+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj48bzpw PiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMt c2VyaWY7Y29sb3I6IzFGNDk3RCI+T2YgY291cnNlIHRoYXQgaXMgdGhlIG1vdGl2ZSwgZXZlcnlv bmUga25vd3MgdGhhdC4gVGhhdOKAmXMgd2h5IHRoZSBML04gaXNzdWUgc2VydmVzIGFzIGEgc3Bh Y2UgZm9yIHdoYXQgbWlnaHQgdWx0aW1hdGVseSBsZWFkIHRvIGEgY29tcHJvbWlzZS4gSWYg4oCc c29tZSBzdGFrZWhvbGRlcnPigJ0NCiBjYW4gZ2V0IGFjY2VzcyB0byBtb3JlIGRhdGEsIGJ1dCB0 aGUgZGF0YSBpcyBub3QgdGhlIGtpbmQgb2YgcHJpdmF0ZSBkYXRhIHdlIGNhcmUgYWJvdXQsIHdl IGNhbiBjb21lIHRvIGFuIGFncmVlbWVudC4NCjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5 OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNw OzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7VmVyZGFuYSZxdW90OyxzYW5zLXNlcmlmIj5J IHdhcyBjb25jZXJuZWQgYWJvdXQgdGhlIHJlZ2lzdHJhbnRzIGJlaW5nIG9ibGlnZWQgdG8gaWRl bnRpZnkgdGhlbXNlbHZlcyBhcyBsZWdhbCBvciBuYXR1cmFsIHBlcnNvbnMuIFRoaXMgd291bGQg aGF2ZSBiZWVuIHdvcnJ5aW5nLiBZb3UgYXJlIHNheWluZyB0aGF0IHRoZXkgYXJlIG5vdCBvYmxp Z2VkIHRvLCB3aGljaCBpcw0KIGdvb2QsIGJ1dCBzb21lIHJlZ2lzdHJhcnMgd2FudCB0byBtYWtl IHRoYXQgZGlzdGluY3Rpb24uJm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9v OnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNp emU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xv cjojMUY0OTdEIj5ZZXMsIHRoYXQgaXMgdGhlIGtleSBkaWZmZXJlbmNlLiBJIGRvIG5vdCB3YW50 IHRoaXJkIHBhcnRpZXMgKHJlZ2lzdHJhcnMgb3IgcmVnaXN0cmllcykgbWFraW5nIHRoZSBkaXN0 aW5jdGlvbiBmb3Igb3VyIHJlZ2lzdHJhbnRzLiBTdGVwaGFuaWUgc2F5cyBzaGUgZG9lc27igJl0 DQogZWl0aGVyLCBidXQgZWl0aGVyIHNoZSBoYXMgY2hhbmdlZCBoZXIgcG9zaXRpb24gb3IgdGhl cmUgaXMgc29tZSB0d2lzdCBpbiBoZXIgYXJndW1lbnQgdGhhdCByZWdpc3RyYW50cyBjYW5ub3Qg bWFrZSBpdCBmb3IgdGhlbXNlbHZlcywgdGhhdCBJIGRvIG5vdCB1bmRlcnN0YW5kLjxvOnA+PC9v OnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFu IHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtWZXJkYW5hJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+ Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtWZXJkYW5hJnF1b3Q7LHNhbnMtc2Vy aWYiPkkgdGhpbmsgdGhlIG9uZSBzb2x1dGlvbiB3b3VsZCBiZSB0aGF0IHRoZSByZWdpc3RyYXIg c2hvdWxkIG5vdCBwdW5pc2ggYSByZWdpc3RyYW50IHRoYXQgZG9lcyBub3QgcmVzcG9uZCB0byB0 aGUgcXVlc3Rpb24gYWJvdXQgYmVpbmcgYSBsZWdhbCBvciBhIG5hdHVyYWwgcGVyc29uIGFuZCBh bHdheXMgY29uc2lkZXIgc29tZW9uZQ0KIHdobyBkb2Vzbid0IHJlc3BvbmQgdG8gdGhlIHF1ZXN0 aW9uLCBhIG5hdHVyYWwgcGVyc29uLiBIYXZlIHlvdSBkaXNjdXNzZWQgdGhpcywgaXMgaXQgcG9z c2libGU/Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx dW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5N eSBwcm9wb3NhbCBjb3ZlcnMgdGhhdC4gVGhlIGNob2ljZSB3b3VsZCBub3QgYmU6IEFyZSB5b3Ug TGVnYWwgb3IgTmF0dXJhbCwgcGljayBvbmU/IEl0IHdvdWxkIGJlPG86cD48L286cD48L3NwYW4+ PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7 Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0Qi PkRvIHlvdSBjaG9vc2UgdG8gaWRlbnRpZnkgeW91cnNlbGYgYXMgYSBMZWdhbCBwZXJzb24sIG9y IG5vdD8gSW4gb3RoZXIgd29yZHMsIGJ5IG5vdCBkZWNsYXJpbmcgYXMgbGVnYWwsIHlvdSBhcmUg bm90IG5lY2Vzc2FyaWx5IGFzc2VydGluZyB0aGF0IHlvdSBhcmUgbmF0dXJhbA0KICh5b3UgbWln aHQgYmUgYSBob21lIG9mZmljZSBvciBhIG9uZS1wZXJzb24gYnVzaW5lc3Mgb3IgYSBzZW5zaXRp dmUgZGF0YSBncm91cCkg4oCTIHlvdSBhcmUganVzdCBzYXlpbmcgeW91IGRvbuKAmXQgd2FudCB0 aGUgUkRTIHRvIHRyZWF0IHlvdSBhcyBhIGxlZ2FsIHBlcnNvbi4NCjxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdE Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7 LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+LS1NTTxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWls eTomcXVvdDtWZXJkYW5hJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFu PjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvYm9keT4NCjwvaHRtbD4NCg== --_000_BN7PR07MB46894426B6F8514C351E479EA1439BN7PR07MB4689namp_-- ========================================================================= Date: Sun, 25 Apr 2021 21:05:22 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: Re: EPDP policy issues X-To: Stephanie E Perrin <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_BN7PR07MB4689DC0F2828F77C624DCDE1A1439BN7PR07MB4689namp_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_BN7PR07MB4689DC0F2828F77C624DCDE1A1439BN7PR07MB4689namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Stephanie: I knew that you were against what I was proposing but until now I did not k= now what you were actually for. This is seemingly cleared up in the email b= elow. In my response I will first clarify some of the misunderstandings you= have about the issue, then I will take a critical look at the proposal you= have made. >At no time have I ever suggested that it would be acceptable for registrar= s to overrule my designation of >myself as a natural person, or in the case= of a legal person, a statement that the contact data of employees >needs t= o be protected because it contains personal data. I could provide evidence to the contrary. If you are backing away from that= position now, it's good, we will have an easier time coming to an agreemen= t. If we agree on this, you will then agree that the "3rd scenario" in the= current Guidance should be deleted, as I have suggested? A yes or no would= be good. >So to push all data of legal persons into a published registry is neither = necessary or sound policy. But that is not what we are debating. My idea gives legal persons who do no= t want to identify themselves as legal persons the right not to. No one is = being pushed. >Now lets talk about how difficult it is to differentiate between legal per= sons and individuals. Milton makes it sound easy Again, you seem to misunderstand the issue that is before us. We are not pr= omoting a process of "differentiating between legal and natural persons" We= are promoting an ability to "Self-designate" as a legal person, if you wan= t to. That is not hard at all. That is tremendously easy, if you do it the = way I am proposing. If you say you are a legal person, the RDS treats you a= s one. If you don't, it doesn't. You go on to raise valid concerns about the complexity of registering a dom= ain. Surprisingly, this is followed by a proposals that would make the situ= ation worse! Here is how I interpret what you are proposing: I am using your own words t= o characterize your position, so I think it should be correct, but if it's = not let me know in your response: a) individuals who register a domain must knowledgeably attest to one= of the following statements i. they are an individual, and = if they choose to publish their personal information they are doing so in f= ull knowledge of the risks and what will happen to their data ii. that they are responsible fo= r a legal person's registrations, and that they can attest to the fact that= no personal information is being disclosed in the registration. b) if the contracted parties feel there might be an error in the desi= gnation of "legal person" they should err on the side of caution and protec= t their customer's data OK. Now we have a basis for comparison. Note, first that item b) directly contradicts your claim that the registran= t's decision cannot be overridden. The registrar would have the authority t= o look at what data they entered, decide it's wrong, and change it. This im= plies that the registrars are carefully reviewing every registrants' record= at the point of registration, checking out what choices they make, and mak= ing a decision about its validity. This is not a slippery slope, you are at= the bottom of the hill already. Note also how meaningless it is to say to = "err on the side of caution". Many registrars will err on the side of the l= owest expense. Other registrars may be told by their government to differen= tiate. Note, too that your "attestations" in a) and b) are actually trying to diff= erentiate between legal and natural persons. In your criticism of my propos= al, you said it was really difficult to do that. You raised many complicati= ons and procedural non-uniformities in the registration process. You said t= hat not all jurisdictions recognize the term, You said registrants can't un= derstand all that stuff. But here we see that your solution doubles down on= the process of differentiation and makes it all legally actionable. You are forcing - pushing was your word - registrants to make two legally c= onsequential attestations that are far more complicated than asking them wh= ether they are a company. Then you are asking the registrar to check the ac= curacy of those attestations. I think we really want to avoid that. It is a= gainst the interests of both registrars and their customers. What happens if the person making the registration and attests (as in b) th= at there is no personal information, and they turn out to be wrong? Are the= y legally liable for violating their attestation? Thanks, Steph, for crimin= alizing domain name registration. >I believe that if the contracted parties, who are the data controllers in = this situation and therefore own the >risk and the liability attendant with= this decision, have to do this verification or trust the decision of the >= registrant, we will see either rising costs of domain names (if they do it = right) or the same kind of opt-in >situation we see throughout the world no= w, where people opt in to things without understanding their >risk. The proposal of yours that I outlined above would make the registration pro= cess more risky to BOTH registrars and registrants. You are asking for lega= l attestations, creating administrative burden and risk, but you will not p= rotect any more data. In fact, your option would likely protect fewer regis= trant records, because in my plan people who really are legal persons but d= on't want to declare as such can do so, whereas under your plan they are be= ing put under the microscope and forced to make a legal attestation that th= ey are one or the other. This would also be drastically more costly. Two attestations by the registr= ant, a review of the choices made by the registrar, a possibility of the re= gistrar overruling it, this is all really complicated, non-automatable stuf= f. So I would have to conclude by saying that you need to reconsider your posi= tion, and take a closer look at the real consequences of it. Then compare i= t to mine. I look forward to your support on that. Here is another key difference between us: >There is no need to compromise, and while I understand Milton's desire to = compromise, >I see absolutely no need to do so here. You say we just stick to our position. This is actually your strongest poin= t and it's one we need to face directly. It probably overrides all the othe= rs. I will address it in another message. --_000_BN7PR07MB4689DC0F2828F77C624DCDE1A1439BN7PR07MB4689namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:= //www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"= > <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)"> <style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Consolas; panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:#0563C1; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:#954F72; text-decoration:underline;} p {mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman",serif;} pre {mso-style-priority:99; mso-style-link:"HTML Preformatted Char"; margin:0in; margin-bottom:.0001pt; font-size:10.0pt; font-family:"Courier New";} span.HTMLPreformattedChar {mso-style-name:"HTML Preformatted Char"; mso-style-priority:99; mso-style-link:"HTML Preformatted"; font-family:Consolas;} p.msonormal0, li.msonormal0, div.msonormal0 {mso-style-name:msonormal; mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman",serif;} span.EmailStyle21 {mso-style-type:personal; font-family:"Calibri",sans-serif; color:windowtext;} span.EmailStyle22 {mso-style-type:personal-reply; font-family:"Calibri",sans-serif; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} /* List Definitions */ @list l0 {mso-list-id:394015413; mso-list-type:hybrid; mso-list-template-ids:1911443670 67698711 67698713 67698715 67698703 67698= 713 67698715 67698703 67698713 67698715;} @list l0:level1 {mso-level-number-format:alpha-lower; mso-level-text:"%1\)"; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level2 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level3 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l0:level4 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level5 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level6 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l0:level7 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level8 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level9 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1 {mso-list-id:1880433648; mso-list-type:hybrid; mso-list-template-ids:-989929156 67698711 67698715 67698715 67698703 67698= 713 67698715 67698703 67698713 67698715;} @list l1:level1 {mso-level-number-format:alpha-lower; mso-level-text:"%1\)"; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level2 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-.25in;} @list l1:level3 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1:level4 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level5 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level6 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1:level7 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level8 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level9 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} ol {margin-bottom:0in;} ul {margin-bottom:0in;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1027" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> </head> <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72"> <div class=3D"WordSection1"> <p><span style=3D"font-family:"Calibri",sans-serif;color:#1F497D"= >Stephanie:<o:p></o:p></span></p> <p><span style=3D"font-family:"Calibri",sans-serif;color:#1F497D"= >I knew that you were against what I was proposing but until now I did not = know what you were actually for. This is seemingly cleared up in the email = below. In my response I will first clarify some of the misunderstandings you have about the issue, then I will take a crit= ical look at the proposal you have made.<o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>At no time have I ever suggeste= d that it would be acceptable for registrars to overrule my designation of <span style=3D"color:#1F497D">></span>myself as a natural person, or in = the case of a legal person, a statement that the contact data of employees <span style=3D"color:#1F497D">></span>needs to be protected because it c= ontains personal data.<span style=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">I could provide evidence to the contrary. If you are back= ing away from that position now, it’s good, we will have an easier ti= me coming to an agreement. If we agree on this, you will then agree that the “3<sup>rd</sup> scenario” in the curr= ent Guidance should be deleted, as I have suggested? A yes or no would be g= ood.<o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>So to push all data of legal pe= rsons into a published registry is neither necessary or sound policy.<span = style=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">But that is not what we are debating. My idea gives legal= persons who do not want to identify themselves as legal persons the right = not to. No one is being pushed. <o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>Now lets talk about how difficu= lt it is to differentiate between legal persons and individuals.<span style= =3D"color:#1F497D"> </span>Milton makes it sound easy<span style=3D"color:#1F497D"><o:p></o:p><= /span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">Again, you seem to misunderstand the issue that is before= us. We are not promoting a process of “differentiating between legal= and natural persons” We are promoting an ability to “Self-designate” as a legal person, if you want to. That is= not hard at all. That is tremendously easy, if you do it the way I am prop= osing. If you say you are a legal person, the RDS treats you as one. If you= don’t, it doesn’t. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">You go on to raise valid concerns about the complexity of= registering a domain. Surprisingly, this is followed by a proposals that w= ould make the situation worse! <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">Here is how I interpret what you are proposing: I am usin= g your own words to characterize your position, so I think it should be cor= rect, but if it’s not let me know in your response:<o:p></o:p></span>= </p> <p style=3D"margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2"><!= [if !supportLists]><span style=3D"font-size:10.0pt;font-family:"Calibr= i",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-= style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore">a)<span s= tyle=3D"font:7.0pt "Times New Roman""> &nb= sp; </span></span></span><![endif]><span style=3D"font-size:11.0pt;font-family:= "Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:= #1F4E79;mso-style-textfill-fill-alpha:100.0%">individuals who register a do= main must knowledgeably attest to one of the following statements</span><span style=3D"font-size:10.0pt;font-family:&qu= ot;Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F= 4E79;mso-style-textfill-fill-alpha:100.0%"><o:p></o:p></span></p> <p style=3D"margin-left:1.0in;text-indent:-1.0in;mso-text-indent-alt:-.25in= ;mso-list:l1 level2 lfo4"> <![if !supportLists]><span style=3D"font-size:10.0pt;font-family:"Cali= bri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;ms= o-style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore"><span s= tyle=3D"font:7.0pt "Times New Roman""> &nb= sp; = &nb= sp; </span>i.<span style=3D"font:7.0pt "Times New Roman"">  = ; </span></span></spa= n><![endif]><span style=3D"font-size:11.0pt;font-family:"Calibri"= ,sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-t= extfill-fill-alpha:100.0%">they are an individual, and if they choose to publish their personal information th= ey are doing so in full knowledge of the risks and what will happen to thei= r data</span><span style=3D"font-size:10.0pt;font-family:"Calibri"= ;,sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-= textfill-fill-alpha:100.0%"><o:p></o:p></span></p> <p style=3D"margin-left:1.0in;text-indent:-1.0in;mso-text-indent-alt:-.25in= ;mso-list:l1 level2 lfo4"> <![if !supportLists]><span style=3D"font-size:10.0pt;font-family:"Cali= bri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;ms= o-style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore"><span s= tyle=3D"font:7.0pt "Times New Roman""> &nb= sp; = &nb= sp; </span>ii.<span style=3D"font:7.0pt "Times New Roman""> &nbs= p; </span></span></sp= an><![endif]><span style=3D"font-size:10.0pt;font-family:"Calibri"= ;,sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-= textfill-fill-alpha:100.0%">that they are responsible for a legal person's registrations, and that they can atte= st to the fact that no personal information is being disclosed in the regis= tration.<o:p></o:p></span></p> <p style=3D"margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2"><!= [if !supportLists]><span style=3D"font-size:9.0pt;font-family:"Calibri= ",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-s= tyle-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore">b)<span st= yle=3D"font:7.0pt "Times New Roman""> &nbs= p; </span></span></span><![endif]><span style=3D"font-size:11.0pt;font-family:= "Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:= #1F4E79;mso-style-textfill-fill-alpha:100.0%">if the contracted parties fee= l there might be an error in the designation of "legal person" they should err on the side of caution and pro= tect their customer's data</span><span style=3D"font-size:9.0pt;font-family= :"Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color= :#1F4E79;mso-style-textfill-fill-alpha:100.0%"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-f= ill-alpha:100.0%">OK. Now we have a basis for comparison. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-f= ill-alpha:100.0%">Note, first that item b) directly contradicts your claim = that the registrant’s decision cannot be overridden. The registrar would have the authority to look at what data they entered, = decide it’s wrong, and change it. This implies that the registrars ar= e carefully reviewing every registrants’ record at the point of regis= tration, checking out what choices they make, and making a decision about its validity. This is not a slippery slope, yo= u are at the bottom of the hill already. Note also how meaningless it is to= say to “err on the side of caution”. Many registrars will err = on the side of the lowest expense. Other registrars may be told by their government to differentiate. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-f= ill-alpha:100.0%">Note, too that your “attestations” in a) and = b) are actually trying to differentiate between legal and natural persons. In your criticism of my proposal, you said it was really = difficult to do that. You raised many complications and procedural non-unif= ormities in the registration process. You said that not all jurisdictions r= ecognize the term, You said registrants can’t understand all that stuff. But here we see that your solution = doubles down on the process of differentiation and makes it all legally act= ionable. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-f= ill-alpha:100.0%">You are forcing – pushing was your word - registran= ts to make two legally consequential attestations that are far more complicated than asking them whether they are a company.= Then you are asking the registrar to check the accuracy of those attestati= ons. I think we really want to avoid that. It is against the interests of b= oth registrars and their customers. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-f= ill-alpha:100.0%">What happens if the person making the registration and at= tests (as in b) that there is no personal information, and they turn out to be wrong? Are they legally liable for violating their= attestation? Thanks, Steph, for criminalizing domain name registration.&nb= sp; <o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>I believe that if the contracte= d parties, who are the data controllers in this situation and therefore own= the <span style=3D"color:#1F497D">></span>risk and the liability attendant w= ith this decision, have to do this verification or trust the decision of th= e <span style=3D"color:#1F497D">></span>registrant, we will see either ris= ing costs of domain names (if they do it right) or the same kind of opt-in <span style=3D"color:#1F497D">></span>situation we see throughout the wo= rld now, where people opt in to things without understanding their <span style=3D"color:#1F497D">></span>risk.<span style=3D"color:#1F497D"= ><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">The proposal of yours that I outlined above would make th= e registration process more risky to BOTH registrars and registrants. You a= re asking for legal attestations, creating administrative burden and risk, but you will not protect any more data. In fact, your opt= ion would likely protect fewer registrant records, because in my plan peopl= e who really are legal persons but don’t want to declare as such can = do so, whereas under your plan they are being put under the microscope and forced to make a legal attestation that= they are one or the other. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">This would also be drastically more costly. Two attestati= ons by the registrant, a review of the choices made by the registrar, a pos= sibility of the registrar overruling it, this is all really complicated, non-automatable stuff.<o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">So I would have to conclude by saying that you need to re= consider your position, and take a closer look at the real consequences of = it. Then compare it to mine. I look forward to your support on that. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">Here is another key difference between us:<o:p></o:p></sp= an></p> <p><span style=3D"color:#1F497D">></span>There is no need to compromise,= and while I understand Milton's desire to compromise, <span style=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>I see absolutely no need to do = so here. <span style=3D"color:#1F497D"> <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-ser= if;color:#1F497D">You say we just stick to our position. This is actually y= our strongest point and it’s one we need to face directly. It probabl= y overrides all the others. I will address it in another message. <o:p></o:p></span></p> </div> </body> </html> --_000_BN7PR07MB4689DC0F2828F77C624DCDE1A1439BN7PR07MB4689namp_-- ========================================================================= Date: Mon, 26 Apr 2021 10:52:22 +0800 Reply-To: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]> Subject: Re: EPDP policy issues X-To: "Mueller, Milton L" <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000c6f72505c0d73c59" Message-ID: <[log in to unmask]> --000000000000c6f72505c0d73c59 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi everyone, This is Manju Chen. I'm also one of your representatives on the EPDP. I'm happy to see this thread going as it clears many misunderstandings and confusions. I have to admit I wasn't sure about what either Milton or Stephanie's proposal was about before seeing their elaboration on the mailing list. Thinking people might feel as confused as I did, below I will try to provide a summary of the disagreements in the hope of furthering the group's discussion on the issue. First of all, I think the disagreement boils down to 2 major questions. 1. Should we allow the 3rd scenario in the current guidance write-up? 2. Should we concede to the 'legal vs. natural' distinction? To discuss question 1, we have to firstly know what 'the 3rd scenario' is about. In the EPDP, we are currently discussing a 'guidance' (not a requirement) for CPs who wish to distinguish between legal vs. natural persons. 3 scenarios were proposed in the guidance: 1. Registrant (data subject) self-identification at time of data collection / registration 2. Registrant (data subject) self-identification after initial collectio= n 3. Registrar determines type based on data provided The 3rd scenario is where we're having problems with. To give more context, the current 3rd scenario write-up is as below: - The Registrar collects Registration Data and provisionally redacts the data. - The Registrar uses collected data to infer legal or natural person type. - If legal person is inferred by the Registrar and subsequently the Registrant (data subject) is informed (per guidance #3 above) and confir= ms that no personal data is present, the Registrar should (i) contact the provided contact details to verify the Registrant claim (ii) sets the registration data set to automated disclosure in response to SSAD querie= s and (iii) publishes the data. - If the Registrar has inferred natural person or has detected personal data, the Registrar must not disclose registration data unless the Registrant provides consent for publication or the Registrar Discloses t= he data in response to a legitimate disclosure request. Milton thinks we should not allow this scenario because it denies registrants the right to self-designation. A counterpoint might be made that staff has added the instruction for registrars to 'contact the registrant to verify' to mitigate the harm of possible wrong designation by the registrars. Stephanie seems to be OK with this scenario. (This was my impression, I might be wrong. Please feel free to correct me if I am Stephanie.) Her argument is that registrars should be able to reduce their risk by adjusting registrants' wrong self-designation. The counterpoint here is that this is not a 'registrant identifies and then checked by registrars' scenario. In summary, I think the question we should answer here is: - *Does the NCSG allow the scenario where 'registrars determine registrant's person type without providing registrants the option of doi= ng it themselves first'?* Now we come to question 2. The current guidance proposes a 2-step approach to distinguish between natural vs. legal persons: 1. Ask registrant to identify as natural or legal. 2. If legal, ask registrant to confirm whether there is personal information in the data provided. If yes, data redacted. If no, data published. Note that this is a 'guidance', not mandatory requirements. Registrars will only do it when they wish to make the distinction. Also note that we're arguing for publish as 'automatic disclosure via SSAD', not publicly available online for everyone. The disagreement here: Milton supports the 2-step approach. He agrees with the first step because it is the necessary political compromise to make to reach consensus within EPDP. (Again, please feel free to correct me if I misunderstood.) Stephanie opposes the 2-step approach. She argues that person type is hard to define, which leads to 2 points: a) we should just ask whether the data contains personal data, and b) registrars should be able to overrule registrant's self-designation to protect them. In summary, the questions we are asking here: - *Do we agree with the 2-step approach on the premise that a) it stays as only guidance and b) registrants are given the option to 'not identif= y as either'?* - *Or, do we stick to 'no distinction between natural and legal persons, only check the data types'?* - *Do we agree registrars should be able to overrule registrants' self-designation? This has to be on the premise of 'registrar only overrules to hide and not disclose', but currently there's no such langu= age in the policy.* Hope this helps! Best, Manju On Mon, Apr 26, 2021 at 5:11 AM Mueller, Milton L <[log in to unmask]> wrote= : > Stephanie: > > I knew that you were against what I was proposing but until now I did not > know what you were actually for. This is seemingly cleared up in the emai= l > below. In my response I will first clarify some of the misunderstandings > you have about the issue, then I will take a critical look at the proposa= l > you have made. > > >At no time have I ever suggested that it would be acceptable for > registrars to overrule my designation of >myself as a natural person, or > in the case of a legal person, a statement that the contact data of > employees >needs to be protected because it contains personal data. > > I could provide evidence to the contrary. If you are backing away from > that position now, it=E2=80=99s good, we will have an easier time coming = to an > agreement. If we agree on this, you will then agree that the =E2=80=9C3r= d > scenario=E2=80=9D in the current Guidance should be deleted, as I have su= ggested? A > yes or no would be good. > > >So to push all data of legal persons into a published registry is > neither necessary or sound policy. > > But that is not what we are debating. My idea gives legal persons who do > not want to identify themselves as legal persons the right not to. No one > is being pushed. > > >Now lets talk about how difficult it is to differentiate between legal > persons and individuals. Milton makes it sound easy > > Again, you seem to misunderstand the issue that is before us. We are not > promoting a process of =E2=80=9Cdifferentiating between legal and natural= persons=E2=80=9D > We are promoting an ability to =E2=80=9CSelf-designate=E2=80=9D as a lega= l person, if you > want to. That is not hard at all. That is tremendously easy, if you do it > the way I am proposing. If you say you are a legal person, the RDS treats > you as one. If you don=E2=80=99t, it doesn=E2=80=99t. > > You go on to raise valid concerns about the complexity of registering a > domain. Surprisingly, this is followed by a proposals that would make the > situation worse! > > Here is how I interpret what you are proposing: I am using your own words > to characterize your position, so I think it should be correct, but if it= =E2=80=99s > not let me know in your response: > > a) individuals who register a domain must knowledgeably attest to > one of the following statements > > i. they are an individual, > and if they choose to publish their personal information they are doing s= o > in full knowledge of the risks and what will happen to their data > > ii. that they are responsible > for a legal person's registrations, and that they can attest to the fact > that no personal information is being disclosed in the registration. > > b) if the contracted parties feel there might be an error in the > designation of "legal person" they should err on the side of caution and > protect their customer's data > > OK. Now we have a basis for comparison. > > Note, first that item b) directly contradicts your claim that the > registrant=E2=80=99s decision cannot be overridden. The registrar would h= ave the > authority to look at what data they entered, decide it=E2=80=99s wrong, a= nd change > it. This implies that the registrars are carefully reviewing every > registrants=E2=80=99 record at the point of registration, checking out wh= at choices > they make, and making a decision about its validity. This is not a slippe= ry > slope, you are at the bottom of the hill already. Note also how meaningle= ss > it is to say to =E2=80=9Cerr on the side of caution=E2=80=9D. Many regist= rars will err on > the side of the lowest expense. Other registrars may be told by their > government to differentiate. > > Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and b) are actua= lly trying to > differentiate between legal and natural persons. In your criticism of my > proposal, you said it was really difficult to do that. You raised many > complications and procedural non-uniformities in the registration process= . > You said that not all jurisdictions recognize the term, You said > registrants can=E2=80=99t understand all that stuff. But here we see that= your > solution doubles down on the process of differentiation and makes it all > legally actionable. > > You are forcing =E2=80=93 pushing was your word - registrants to make two= legally > consequential attestations that are far more complicated than asking them > whether they are a company. Then you are asking the registrar to check th= e > accuracy of those attestations. I think we really want to avoid that. It = is > against the interests of both registrars and their customers. > > What happens if the person making the registration and attests (as in b) > that there is no personal information, and they turn out to be wrong? Are > they legally liable for violating their attestation? Thanks, Steph, for > criminalizing domain name registration. > > >I believe that if the contracted parties, who are the data controllers > in this situation and therefore own the >risk and the liability attendant > with this decision, have to do this verification or trust the decision of > the >registrant, we will see either rising costs of domain names (if they > do it right) or the same kind of opt-in >situation we see throughout the > world now, where people opt in to things without understanding their > > risk. > > The proposal of yours that I outlined above would make the registration > process more risky to BOTH registrars and registrants. You are asking for > legal attestations, creating administrative burden and risk, but you will > not protect any more data. In fact, your option would likely protect fewe= r > registrant records, because in my plan people who really are legal person= s > but don=E2=80=99t want to declare as such can do so, whereas under your p= lan they > are being put under the microscope and forced to make a legal attestation > that they are one or the other. > > This would also be drastically more costly. Two attestations by the > registrant, a review of the choices made by the registrar, a possibility = of > the registrar overruling it, this is all really complicated, > non-automatable stuff. > > So I would have to conclude by saying that you need to reconsider your > position, and take a closer look at the real consequences of it. Then > compare it to mine. I look forward to your support on that. > > Here is another key difference between us: > > >There is no need to compromise, and while I understand Milton's desire > to compromise, > > >I see absolutely no need to do so here. > > You say we just stick to our position. This is actually your strongest > point and it=E2=80=99s one we need to face directly. It probably override= s all the > others. I will address it in another message. > --000000000000c6f72505c0d73c59 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"ltr"><div class=3D"gmail_default" style=3D"fon= t-size:small"><font face=3D"arial, sans-serif">Hi everyone, <br><br>This is= Manju Chen. I'm also one of your representatives on the EPDP. I'm = happy to see this thread going as it clears many misunderstandings and conf= usions. I have to admit I wasn't sure about what either Milton or Steph= anie's proposal was about before seeing their elaboration on the mailin= g list. =C2=A0<br><br>Thinking people might feel as confused as I did, belo= w I will try to provide a summary of the disagreements in the hope of furth= ering the group's discussion on the issue.<br><br>First of all, I think= the disagreement boils down to 2 major questions.<br></font><ol style=3D""= ><li><font face=3D"arial, sans-serif">Should we allow the 3rd scenario in t= he current guidance write-up?</font></li><li><font face=3D"arial, sans-seri= f">Should we concede to the 'legal vs. natural' distinction?</font>= </li></ol><font face=3D"arial, sans-serif"><br>To discuss question 1, we ha= ve to firstly know what 'the 3rd scenario' is about.<br>In the EPDP= , we are currently discussing a 'guidance' (not a requirement) for = CPs who wish to distinguish between legal vs. natural persons. 3 scenarios = were proposed in the guidance:<br></font><ol style=3D""><li><font face=3D"a= rial, sans-serif">Registrant (data subject) self-identification at time of = data collection / registration</font></li><li><font face=3D"arial, sans-ser= if">Registrant (data subject) self-identification after initial collection<= /font></li><li><font face=3D"arial, sans-serif">Registrar determines type b= ased on data provided</font></li></ol><font face=3D"arial, sans-serif"><br>= The 3rd scenario is where we're having problems with. To give more cont= ext, the current 3rd scenario write-up is as below:<br></font><ul style=3D"= "><li><font face=3D"arial, sans-serif">The Registrar collects Registration = Data and provisionally redacts the data.</font></li><li><font face=3D"arial= , sans-serif">The Registrar uses collected data to infer legal or natural p= erson type.</font></li><li><font face=3D"arial, sans-serif">If legal person= is inferred by the Registrar and subsequently the Registrant (data subject= ) is informed (per guidance #3 above) and confirms that no personal data is= present, the Registrar should (i) contact the provided contact details to = verify the Registrant claim (ii) sets the registration data set to automate= d disclosure in response to SSAD queries and (iii) publishes the data. </fo= nt></li><li><font face=3D"arial, sans-serif">If the Registrar has inferred = natural person or has detected personal data, the Registrar must not disclo= se registration data unless the Registrant provides consent for publication= or the Registrar Discloses the data in response to a legitimate disclosure= request.</font></li></ul><font face=3D"arial, sans-serif">Milton thinks we= should not allow this scenario because it denies registrants the right to = self-designation. A counterpoint might be made that staff has added the ins= truction for registrars to 'contact the registrant to verify' to mi= tigate the harm of possible wrong designation by the registrars.</font></di= v><div class=3D"gmail_default" style=3D"font-size:small"><font face=3D"aria= l, sans-serif"><br>Stephanie seems to be OK with this scenario. (This was m= y impression, I might be wrong. Please feel free to correct me if I am Step= hanie.) Her argument is that registrars should be able to reduce their risk= by adjusting registrants' wrong self-designation. The counterpoint her= e is that this is not a 'registrant identifies and then checked by regi= strars' scenario.<br><br>In summary, I think the question we should ans= wer here is:<br><ul><li><font face=3D"arial, sans-serif"><b><u>Does the NCS= G allow the scenario where 'registrars determine registrant's perso= n type without providing registrants the option of doing it themselves firs= t'?</u></b></font></li></ul><br>Now we come to question 2. The current = guidance proposes a 2-step approach to distinguish between natural vs. lega= l persons:<br><ol><li><font face=3D"arial, sans-serif">Ask registrant to id= entify as natural or legal.</font></li><li><font face=3D"arial, sans-serif"= >If legal, ask registrant to confirm whether there is personal information = in the data provided. If yes, data redacted. If no, data published.</font><= /li></ol>Note that this is a 'guidance', not mandatory requirements= . Registrars will only do it when they wish to make the distinction. Also n= ote that we're arguing for publish as 'automatic disclosure via SSA= D', not publicly available online for everyone. <br><br>The disagreemen= t here:</font></div><div class=3D"gmail_default" style=3D"font-size:small">= <font face=3D"arial, sans-serif"><br>Milton supports the 2-step approach. H= e agrees with the first step because it is the necessary political compromi= se to make to reach consensus within EPDP. (Again, please feel free to corr= ect me if I misunderstood.)=C2=A0</font></div><div class=3D"gmail_default" = style=3D"font-size:small"><font face=3D"arial, sans-serif"><br>Stephanie op= poses the 2-step approach. She argues that person type is hard to define, w= hich leads to 2 points: a) we should just ask whether the data contains per= sonal data, and b) registrars should be able to overrule registrant's s= elf-designation to protect them.<br>=C2=A0 <br>In summary, the questions we= are asking here:<br><ul><li><font face=3D"arial, sans-serif"><b><u>Do we a= gree with the 2-step approach on the premise that a) it stays as only guida= nce and b) registrants are given the option to 'not identify as either&= #39;?</u></b></font></li><li><font face=3D"arial, sans-serif"><b><u>Or, do = we stick to 'no distinction between natural and legal persons, only che= ck the data types'?</u></b></font></li><li><font face=3D"arial, sans-se= rif"><b><u>Do we agree registrars should be able to overrule registrants= 9; self-designation? This has to be on the premise of 'registrar only o= verrules to hide and not disclose', but currently there's no such l= anguage in the policy.</u></b></font></li></ul><br>Hope this helps! <br><br= ></font></div><font face=3D"arial, sans-serif"><span class=3D"gmail_default= " style=3D"font-family:georgia,serif;font-size:small">Best,</span></font></= div><div><font face=3D"arial, sans-serif"><span class=3D"gmail_default" sty= le=3D"font-family:georgia,serif;font-size:small">Manju</span><br></font></d= iv><font face=3D"arial, sans-serif"><br></font><div class=3D"gmail_quote"><= div dir=3D"ltr" class=3D"gmail_attr"><font face=3D"arial, sans-serif">On Mo= n, Apr 26, 2021 at 5:11 AM Mueller, Milton L <<a href=3D"mailto:milton@g= atech.edu">[log in to unmask]</a>> wrote:<br></font></div><blockquote cla= ss=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid = rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div class=3D"gmail-m_1570404167473597983WordSection1"> <p><span style=3D"color:rgb(31,73,125)"><font face=3D"arial, sans-serif">St= ephanie:<u></u><u></u></font></span></p> <p><span style=3D"color:rgb(31,73,125)"><font face=3D"arial, sans-serif">I = knew that you were against what I was proposing but until now I did not kno= w what you were actually for. This is seemingly cleared up in the email bel= ow. In my response I will first clarify some of the misunderstandings you have about the issue, then I will take a crit= ical look at the proposal you have made.<u></u><u></u></font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>At no time have I ever suggested that it would be acceptable for r= egistrars to overrule my designation of <span style=3D"color:rgb(31,73,125)">></span>myself as a natural person,= or in the case of a legal person, a statement that the contact data of emp= loyees <span style=3D"color:rgb(31,73,125)">></span>needs to be protected becau= se it contains personal data.<span style=3D"color:rgb(31,73,125)"><u></u><u= ></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">I could provide evidence to the contrary. If you are backing a= way from that position now, it=E2=80=99s good, we will have an easier time = coming to an agreement.=C2=A0 If we agree on this, you will then agree that the =E2=80=9C3<sup>rd</sup> scenario=E2=80=9D in the = current Guidance should be deleted, as I have suggested? A yes or no would = be good.<u></u><u></u></font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>So to push all data of legal persons into a published registry is = neither necessary or sound policy.<span style=3D"color:rgb(31,73,125)"><u><= /u><u></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">But that is not what we are debating. My idea gives legal pers= ons who do not want to identify themselves as legal persons the right not t= o. No one is being pushed. <u></u><u></u></font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>Now lets talk about how difficult it is to differentiate between l= egal persons and individuals.<span style=3D"color:rgb(31,73,125)"> </span>Milton makes it sound easy<span style=3D"color:rgb(31,73,125)"><u></= u><u></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">Again, you seem to misunderstand the issue that is before us. = We are not promoting a process of =E2=80=9Cdifferentiating between legal an= d natural persons=E2=80=9D We are promoting an ability to =E2=80=9CSelf-designate=E2=80=9D as a legal person, if you want to. Tha= t is not hard at all. That is tremendously easy, if you do it the way I am = proposing. If you say you are a legal person, the RDS treats you as one. If= you don=E2=80=99t, it doesn=E2=80=99t. <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">You go on to raise valid concerns about the complexity of regi= stering a domain. Surprisingly, this is followed by a proposals that would = make the situation worse! <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">Here is how I interpret what you are proposing: I am using you= r own words to characterize your position, so I think it should be correct,= but if it=E2=80=99s not let me know in your response:<u></u><u></u></font>= </span></p> <p style=3D"margin-left:0.5in"><font face=3D"arial, sans-serif"><u></u><spa= n style=3D"font-size:10pt;color:rgb(31,78,121)"><span>a)<span style=3D"font= -style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fo= nt-size:7pt;line-height:normal">=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span></span></span><u></u><span style=3D"font-size:11pt;color:rgb(31,78,1= 21)">individuals who register a domain must knowledgeably attest to one of = the following statements</span><span style=3D"font-size:10pt;color:rgb(31,78,1= 21)"><u></u><u></u></span></font></p> <p style=3D"margin-left:1in"> <font face=3D"arial, sans-serif"><u></u><span style=3D"font-size:10pt;color= :rgb(31,78,121)"><span><span style=3D"font-style:normal;font-variant:normal= ;font-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal">= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span>i.<span style=3D"font-style:normal;font-variant:normal;font-weight:n= ormal;font-stretch:normal;font-size:7pt;line-height:normal">=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span></span></span><u= ></u><span style=3D"font-size:11pt;color:rgb(31,78,121)">they are an individual, and if they choose to publish their personal information th= ey are doing so in full knowledge of the risks and what will happen to thei= r data</span><span style=3D"font-size:10pt;color:rgb(31,78,121)"><u></u><u>= </u></span></font></p> <p style=3D"margin-left:1in"> <font face=3D"arial, sans-serif"><u></u><span style=3D"font-size:10pt;color= :rgb(31,78,121)"><span><span style=3D"font-style:normal;font-variant:normal= ;font-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal">= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span>ii.<span style=3D"font-style:normal;font-variant:normal;font-weight:= normal;font-stretch:normal;font-size:7pt;line-height:normal">=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span></span></span= ><u></u><span style=3D"font-size:10pt;color:rgb(31,78,121)">that they are responsible for a legal person's registrations, and that they can = attest to the fact that no personal information is being disclosed in the r= egistration.<u></u><u></u></span></font></p> <p style=3D"margin-left:0.5in"><font face=3D"arial, sans-serif"><u></u><spa= n style=3D"font-size:9pt;color:rgb(31,78,121)"><span>b)<span style=3D"font-= style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;fon= t-size:7pt;line-height:normal">=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span></span></span><u></u><span style=3D"font-size:11pt;color:rgb(31,78,1= 21)">if the contracted parties feel there might be an error in the designat= ion of "legal person" they should err on the side of caution and pro= tect their customer's data</span><span style=3D"font-size:9pt;color:rgb= (31,78,121)"><u></u><u></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)"><font face=3D"arial,= sans-serif">OK. Now we have a basis for comparison. <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)"><font face=3D"arial,= sans-serif">Note, first that item b) directly contradicts your claim that = the registrant=E2=80=99s decision cannot be overridden. The registrar would have the authority to look at what data they entered, = decide it=E2=80=99s wrong, and change it. This implies that the registrars = are carefully reviewing every registrants=E2=80=99 record at the point of r= egistration, checking out what choices they make, and making a decision about its validity. This is not a slippery slope, yo= u are at the bottom of the hill already. Note also how meaningless it is to= say to =E2=80=9Cerr on the side of caution=E2=80=9D. Many registrars will = err on the side of the lowest expense. Other registrars may be told by their government to differentiate. <u></u><u></u></font></s= pan></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)"><font face=3D"arial,= sans-serif">Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and b= ) are actually trying to differentiate between legal and natural persons. In your criticism of my proposal, you said it was really = difficult to do that. You raised many complications and procedural non-unif= ormities in the registration process. You said that not all jurisdictions r= ecognize the term, You said registrants can=E2=80=99t understand all that stuff. But here we see that your solutio= n doubles down on the process of differentiation and makes it all legally a= ctionable. <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)"><font face=3D"arial,= sans-serif">You are forcing =E2=80=93 pushing was your word - registrants = to make two legally consequential attestations that are far more complicated than asking them whether they are a company.= Then you are asking the registrar to check the accuracy of those attestati= ons. I think we really want to avoid that. It is against the interests of b= oth registrars and their customers. <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)"><font face=3D"arial,= sans-serif">What happens if the person making the registration and attests= (as in b) that there is no personal information, and they turn out to be wrong? Are they legally liable for violating their= attestation? Thanks, Steph, for criminalizing domain name registration.=C2= =A0 <u></u><u></u></font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>I believe that if the contracted parties, who are the data control= lers in this situation and therefore own the <span style=3D"color:rgb(31,73,125)">></span>risk and the liability atte= ndant with this decision, have to do this verification or trust the decisio= n of the <span style=3D"color:rgb(31,73,125)">></span>registrant, we will see eit= her rising costs of domain names (if they do it right) or the same kind of = opt-in <span style=3D"color:rgb(31,73,125)">></span>situation we see throughout= the world now, where people opt in to things without understanding their <span style=3D"color:rgb(31,73,125)">></span>risk.<span style=3D"color:r= gb(31,73,125)"><u></u><u></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">The proposal of yours that I outlined above would make the reg= istration process more risky to BOTH registrars and registrants. You are as= king for legal attestations, creating administrative burden and risk, but you will not protect any more data. In fact, your opt= ion would likely protect fewer registrant records, because in my plan peopl= e who really are legal persons but don=E2=80=99t want to declare as such ca= n do so, whereas under your plan they are being put under the microscope and forced to make a legal attestation that= they are one or the other.=C2=A0 <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">This would also be drastically more costly. Two attestations b= y the registrant, a review of the choices made by the registrar, a possibil= ity of the registrar overruling it, this is all really complicated, non-automatable stuff.<u></u><u></u></font></sp= an></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">So I would have to conclude by saying that you need to reconsi= der your position, and take a closer look at the real consequences of it. T= hen compare it to mine. I look forward to your support on that. <u></u><u></u></font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">Here is another key difference between us:<u></u><u></u></font= ></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>There is no need to compromise, and while I understand Milton'= s desire to compromise, <span style=3D"color:rgb(31,73,125)"><u></u><u></u></span></font></p> <p><font face=3D"arial, sans-serif"><span style=3D"color:rgb(31,73,125)">&g= t;</span>I see absolutely no need to do so here.=C2=A0 <span style=3D"color= :rgb(31,73,125)"> <u></u><u></u></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)"><font face=3D"arial,= sans-serif">You say we just stick to our position. This is actually your s= trongest point and it=E2=80=99s one we need to face directly. It probably o= verrides all the others. I will address it in another message. </font><font face=3D"Calibri, sans-serif"><u></u><u></u></font></= span></p> </div> </div> </blockquote></div></div> --000000000000c6f72505c0d73c59-- ========================================================================= Date: Mon, 26 Apr 2021 08:40:27 -0400 Reply-To: Stephanie E Perrin <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Stephanie E Perrin <[log in to unmask]> Subject: Re: EPDP policy issues X-To: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]>, Kim von Arx <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="------------F5D566D5697CC9FA2404C1EC" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --------------F5D566D5697CC9FA2404C1EC Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Manju, thanks so much for this very helpful summary!=C2=A0 I think you ha= ve=20 seized most of the key elements, as Milton and I continue to talk past=20 each other, it would seem.=C2=A0 I consulted one of our long time members= ,=20 Kim von Arx, who replied but seems to have been unable to post to the=20 list.=C2=A0 Dr von Arx practices law in London, and has considerable=20 experience in GDPR compliance and as former legal counsel at CIRA, the=20 Canadian cctld.=C2=A0 Here is his response, I think he sees the delta of = our=20 differing views in a similar way to your own summary. Kind regards, Stephanie Perrin Dear Noncommercials, I have not participated in the discussions and activities of the NCSG=20 for quite a few years, but I have seen this recent discussion between=20 Stephanie and Milton and being a tech, privacy, and IP lawyer myself=20 this topic is very close to my heart. I can see both sides of the argument to a degree and as I understand it,=20 the delta between the two views is really not that big at all.=C2=A0 I=20 understand and if I am correct I completely agree with both positions: 1. Milton suggests that the natural RANT should be entitled to make=20 his/her/their own determination re: his/her/their status; 2. Stephanie suggests that the natural RANT should be entitled to make=20 his/her/their own determination re: his/her/their status, *BUT*=C2=A0argu= es=20 that RARs should keep a vigilant eye out to make sure that the natural=20 RANT has not selected legal RANT status by accident or out of=20 ignorance.=C2=A0 This, of course does not and must not apply the other wa= y.=C2=A0=20 Therefore, this is a safety net for the natural RANT. I think this makes sense and protects the natural RANT.=C2=A0 At the end = of=20 the day our position should aways be =E2=80=9Cerr on the side of protecti= ng=E2=80=9D.=C2=A0=20 As Stephanie pointed out correctly this does not mean it is now locked=20 in Fort Knox or some such, but that it is protected from quick and dirty=20 exploitation by and because of administrative protection. The magic will=20 be, btw, how this is going to be implemented in the real world, i.e.,=20 how RARs make the determination and assessment and introduces the checks=20 and balances.=C2=A0 I suggest the one way may be: 1. self selection; and if legal RANT, then 2. Have a double check online binary questionnaire that will then=20 determine, based on the responses, whether he/she/they self selected=20 properly as legal RAR. Anyway, if it was my call, I would, as I had implemented CIRA=E2=80=99s p= rivacy=20 practice back in the early 2000s, start with the position of all=20 information is protected until there is clear reason for not doing so=20 and, of course, a clear process to get access to the information if=20 there is good reason to do so.=C2=A0 But, as I said, we should always err= on=20 the side of protecting PII provided there is always a legitimate and=20 auditable process to have access to it for good and sound reasons. Anyway, my two cents on this. Best wishes, Kim [log in to unmask] <mailto:[log in to unmask]> +44 7473 506060 On 2021-04-25 10:52 p.m., =E9=99=B3=E6=9B=BC=E8=8C=B9 Manju Chen wrote: > *EXTERNAL EMAIL:* > Hi everyone, > > This is Manju Chen. I'm also one of your representatives on the EPDP.=20 > I'm happy to see this thread going as it clears many misunderstandings=20 > and confusions. I have to admit I wasn't sure about what either Milton=20 > or Stephanie's proposal was about before seeing their elaboration on=20 > the mailing list. > > Thinking people might feel as confused as I did, below I will try to=20 > provide a summary of the disagreements in the hope of furthering the=20 > group's discussion on the issue. > > First of all, I think the disagreement boils down to 2 major questions. > > 1. Should we allow the 3rd scenario in the current guidance write-up? > 2. Should we concede to the 'legal vs. natural' distinction? > > > To discuss question 1, we have to firstly know what 'the 3rd scenario'=20 > is about. > In the EPDP, we are currently discussing a 'guidance' (not a=20 > requirement) for CPs who wish to distinguish between legal vs. natural=20 > persons. 3 scenarios were proposed in the guidance: > > 1. Registrant (data subject) self-identification at time of data > collection / registration > 2. Registrant (data subject) self-identification after initial collect= ion > 3. Registrar determines type based on data provided > > > The 3rd scenario is where we're having problems with. To give more=20 > context, the current 3rd scenario write-up is as below: > > * The Registrar collects Registration Data and provisionally redacts > the data. > * The Registrar uses collected data to infer legal or natural person > type. > * If legal person is inferred by the Registrar and subsequently the > Registrant (data subject) is informed (per guidance #3 above) and > confirms that no personal data is present, the Registrar should > (i) contact the provided contact details to verify the Registrant > claim (ii) sets the registration data set to automated disclosure > in response to SSAD queries and (iii) publishes the data. > * If the Registrar has inferred natural person or has detected > personal data, the Registrar must not disclose registration data > unless the Registrant provides consent for publication or the > Registrar Discloses the data in response to a legitimate > disclosure request. > > Milton thinks we should not allow this scenario because it denies=20 > registrants the right to self-designation. A counterpoint might be=20 > made that staff has added the instruction for registrars to 'contact=20 > the registrant to verify' to mitigate the harm of possible wrong=20 > designation by the registrars. > > Stephanie seems to be OK with this scenario. (This was my impression,=20 > I might be wrong. Please feel free to correct me if I am Stephanie.)=20 > Her argument is that registrars should be able to reduce their risk by=20 > adjusting registrants' wrong self-designation. The counterpoint here=20 > is that this is not a 'registrant identifies and then checked by=20 > registrars' scenario. > > In summary, I think the question we should answer here is: > > * *_Does the NCSG allow the scenario where 'registrars determine > registrant's person type without providing registrants the option > of doing it themselves first'?_* > > > Now we come to question 2. The current guidance proposes a 2-step=20 > approach to distinguish between natural vs. legal persons: > > 1. Ask registrant to identify as natural or legal. > 2. If legal, ask registrant to confirm whether there is personal > information in the data provided. If yes, data redacted. If no, > data published. > > Note that this is a 'guidance', not mandatory requirements. Registrars=20 > will only do it when they wish to make the distinction. Also note that=20 > we're arguing for publish as 'automatic disclosure via SSAD', not=20 > publicly available online for everyone. > > The disagreement here: > > Milton supports the 2-step approach. He agrees with the first step=20 > because it is the necessary political compromise to make to reach=20 > consensus within EPDP. (Again, please feel free to correct me if I=20 > misunderstood.) > > Stephanie opposes the 2-step approach. She argues that person type is=20 > hard to define, which leads to 2 points: a) we should just ask whether=20 > the data contains personal data, and b) registrars should be able to=20 > overrule registrant's self-designation to protect them. > > In summary, the questions we are asking here: > > * *_Do we agree with the 2-step approach on the premise that a) it > stays as only guidance and b) registrants are given the option to > 'not identify as either'?_* > * *_Or, do we stick to 'no distinction between natural and legal > persons, only check the data types'?_* > * *_Do we agree registrars should be able to overrule registrants' > self-designation? This has to be on the premise of 'registrar only > overrules to hide and not disclose', but currently there's no such > language in the policy._* > > > Hope this helps! > > Best, > Manju > > On Mon, Apr 26, 2021 at 5:11 AM Mueller, Milton L <[log in to unmask] > <mailto:[log in to unmask]>> wrote: > > Stephanie: > > I knew that you were against what I was proposing but until now I > did not know what you were actually for. This is seemingly cleared > up in the email below. In my response I will first clarify some of > the misunderstandings you have about the issue, then I will take a > critical look at the proposal you have made. > > >At no time have I ever suggested that it would be acceptable for > registrars to overrule my designation of >myself as a natural > person, or in the case of a legal person, a statement that the > contact data of employees >needs to be protected because it > contains personal data. > > I could provide evidence to the contrary. If you are backing away > from that position now, it=E2=80=99s good, we will have an easier t= ime > coming to an agreement.=C2=A0 If we agree on this, you will then ag= ree > that the =E2=80=9C3^rd scenario=E2=80=9D in the current Guidance sh= ould be > deleted, as I have suggested? A yes or no would be good. > > >So to push all data of legal persons into a published registry is > neither necessary or sound policy. > > But that is not what we are debating. My idea gives legal persons > who do not want to identify themselves as legal persons the right > not to. No one is being pushed. > > >Now lets talk about how difficult it is to differentiate between > legal persons and individuals.Milton makes it sound easy > > Again, you seem to misunderstand the issue that is before us. We > are not promoting a process of =E2=80=9Cdifferentiating between leg= al and > natural persons=E2=80=9D We are promoting an ability to =E2=80=9CSe= lf-designate=E2=80=9D > as a legal person, if you want to. That is not hard at all. That > is tremendously easy, if you do it the way I am proposing. If you > say you are a legal person, the RDS treats you as one. If you > don=E2=80=99t, it doesn=E2=80=99t. > > You go on to raise valid concerns about the complexity of > registering a domain. Surprisingly, this is followed by a > proposals that would make the situation worse! > > Here is how I interpret what you are proposing: I am using your > own words to characterize your position, so I think it should be > correct, but if it=E2=80=99s not let me know in your response: > > a)individuals who register a domain must knowledgeably attest to > one of the following statements > > i.they are an individual, and if they choose to publish their > personal information they are doing so in full knowledge of the > risks and what will happen to their data > > ii.that they are responsible for a legal person's registrations, > and that they can attest to the fact that no personal information > is being disclosed in the registration. > > b)if the contracted parties feel there might be an error in the > designation of "legal person" they should err on the side of > caution and protect their customer's data > > OK. Now we have a basis for comparison. > > Note, first that item b) directly contradicts your claim that the > registrant=E2=80=99s decision cannot be overridden. The registrar w= ould > have the authority to look at what data they entered, decide it=E2=80= =99s > wrong, and change it. This implies that the registrars are > carefully reviewing every registrants=E2=80=99 record at the point = of > registration, checking out what choices they make, and making a > decision about its validity. This is not a slippery slope, you are > at the bottom of the hill already. Note also how meaningless it is > to say to =E2=80=9Cerr on the side of caution=E2=80=9D. Many regist= rars will err > on the side of the lowest expense. Other registrars may be told by > their government to differentiate. > > Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and b) are= actually > trying to differentiate between legal and natural persons. In your > criticism of my proposal, you said it was really difficult to do > that. You raised many complications and procedural > non-uniformities in the registration process. You said that not > all jurisdictions recognize the term, You said registrants can=E2=80= =99t > understand all that stuff. But here we see that your solution > doubles down on the process of differentiation and makes it all > legally actionable. > > You are forcing =E2=80=93 pushing was your word - registrants to ma= ke two > legally consequential attestations that are far more complicated > than asking them whether they are a company. Then you are asking > the registrar to check the accuracy of those attestations. I think > we really want to avoid that. It is against the interests of both > registrars and their customers. > > What happens if the person making the registration and attests (as > in b) that there is no personal information, and they turn out to > be wrong? Are they legally liable for violating their attestation? > Thanks, Steph, for criminalizing domain name registration. __ > > >I believe that if the contracted parties, who are the data > controllers in this situation and therefore own the >risk and the > liability attendant with this decision, have to do this > verification or trust the decision of the >registrant, we will see > either rising costs of domain names (if they do it right) or the > same kind of opt-in >situation we see throughout the world now, > where people opt in to things without understanding their >risk. > > The proposal of yours that I outlined above would make the > registration process more risky to BOTH registrars and > registrants. You are asking for legal attestations, creating > administrative burden and risk, but you will not protect any more > data. In fact, your option would likely protect fewer registrant > records, because in my plan people who really are legal persons > but don=E2=80=99t want to declare as such can do so, whereas under = your > plan they are being put under the microscope and forced to make a > legal attestation that they are one or the other. > > This would also be drastically more costly. Two attestations by > the registrant, a review of the choices made by the registrar, a > possibility of the registrar overruling it, this is all really > complicated, non-automatable stuff. > > So I would have to conclude by saying that you need to reconsider > your position, and take a closer look at the real consequences of > it. Then compare it to mine. I look forward to your support on that= . > > Here is another key difference between us: > > >There is no need to compromise, and while I understand Milton's > desire to compromise, > > >I see absolutely no need to do so here. > > You say we just stick to our position. This is actually your > strongest point and it=E2=80=99s one we need to face directly. It p= robably > overrides all the others. I will address it in another message. > --------------F5D566D5697CC9FA2404C1EC Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> </head> <body> <p>Manju, thanks so much for this very helpful summary! I think= you have seized most of the key elements, as Milton and I continue to talk past each other, it would seem. I consulted one of our l= ong time members, Kim von Arx, who replied but seems to have been unable to post to the list. Dr von Arx practices law in Londo= n, and has considerable experience in GDPR compliance and as former legal counsel at CIRA, the Canadian cctld. Here is his respon= se, I think he sees the delta of our differing views in a similar way to your own summary.</p> <p>Kind regards, Stephanie Perrin<br> </p> <div dir=3D"auto"><br> </div> <div dir=3D"auto"><br> </div> <div dir=3D"auto"> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >Dear Noncommercials, </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >I have not participated in the discussions and activities of the NCSG for quite a few years, but I have seen this recent discussion between Stephanie and Milton and being a tech, privacy, and IP lawyer myself this topic is very close to my heart. </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >I can see both sides of the argument to a degree and as I understand it, the delta between the two views is really not that big at all. I understand and if I am correct I complet= ely agree with both positions: </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >1. Milton suggests that the natural RANT should be entitled to make his/her/their own determination re: his/her/their status; </= div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >2. Stephanie suggests that the natural RANT should be entitled to make his/her/their own determination re: his/her/their status,&nb= sp;<b>BUT</b> argues that RARs should keep a vigilant eye out to make sure that the natural RANT has not selected legal RANT status by accident or out of ignorance. This, of course does not and must not app= ly the other way. Therefore, this is a safety net for the natu= ral RANT. </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >I think this makes sense and protects the natural RANT. At th= e end of the day our position should aways be =E2=80=9Cerr on the s= ide of protecting=E2=80=9D. As Stephanie pointed out correctly thi= s does not mean it is now locked in Fort Knox or some such, but that it is protected from quick and dirty exploitation by and because of administrative protection. The magic will be, btw, how this is going to be implemented in the real world, i.e., how RARs make the determination and assessment and introduces the checks and balances. I suggest the one way may be: </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >1. self selection; and if legal RANT, then</div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >2. Have a double check online binary questionnaire that will then determine, based on the responses, whether he/she/they self selected properly as legal RAR. </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >Anyway, if it was my call, I would, as I had implemented CIRA=E2=80=99s p= rivacy practice back in the early 2000s, start with the position of all information is protected until there is clear reason for not doing so and, of course, a clear process to get access to the information if there is good reason to do so. But, as I sai= d, we should always err on the side of protecting PII provided there is always a legitimate and auditable process to have access to it for good and sound reasons. </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >Anyway, my two cents on this. </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >Best wishes, </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= ><br> </div> <div style=3D"font-family:sans-serif;font-size:12.8px" dir=3D"auto"= >Kim </div> <div dir=3D"auto"><br> <div data-smartmail=3D"gmail_signature" dir=3D"auto"><a href=3D"m= ailto:[log in to unmask]">[log in to unmask]</a><br> +44 7473 506060</div> </div> </div> <div class=3D"moz-cite-prefix">On 2021-04-25 10:52 p.m., =E9=99=B3=E6= =9B=BC=E8=8C=B9 Manju Chen wrote:<br> </div> <blockquote type=3D"cite" cite=3D"mid:CAMeQZi27qh6DLdGNNmu7Yg-UN_zxfM= [log in to unmask]"> =20 <div style=3D"font-size: 10pt; font-family: sans-serif; color: white; font-style: normal; font-weight: bold; padding: .2em;"> <strong><span style=3D"color: #c75000;">EXTERNAL EMAIL:</span></s= trong></div> <div> <div dir=3D"ltr"> <div dir=3D"ltr"> <div class=3D"gmail_default" style=3D"font-size:small"><font = face=3D"arial, sans-serif">Hi everyone, <br> <br> This is Manju Chen. I'm also one of your representatives on the EPDP. I'm happy to see this thread going as it clears many misunderstandings and confusions. I have to admit I wasn't sure about what either Milton or Stephanie's proposal was about before seeing their elaboration on the mailing list. <br> <br> Thinking people might feel as confused as I did, below I will try to provide a summary of the disagreements in the hope of furthering the group's discussion on the issue.<br> <br> First of all, I think the disagreement boils down to 2 major questions.<br> </font> <ol style=3D""> <li><font face=3D"arial, sans-serif">Should we allow the 3rd scenario in the current guidance write-up?</font>= </li> <li><font face=3D"arial, sans-serif">Should we concede to the 'legal vs. natural' distinction?</font></li> </ol> <font face=3D"arial, sans-serif"><br> To discuss question 1, we have to firstly know what 'the 3rd scenario' is about.<br> In the EPDP, we are currently discussing a 'guidance' (not a requirement) for CPs who wish to distinguish between legal vs. natural persons. 3 scenarios were proposed in the guidance:<br> </font> <ol style=3D""> <li><font face=3D"arial, sans-serif">Registrant (data subject) self-identification at time of data collection / registration</font></li> <li><font face=3D"arial, sans-serif">Registrant (data subject) self-identification after initial collection</font></li> <li><font face=3D"arial, sans-serif">Registrar determines type based on data provided</font></li> </ol> <font face=3D"arial, sans-serif"><br> The 3rd scenario is where we're having problems with. To give more context, the current 3rd scenario write-up is as below:<br> </font> <ul style=3D""> <li><font face=3D"arial, sans-serif">The Registrar collects Registration Data and provisionally redacts the data.</font></li> <li><font face=3D"arial, sans-serif">The Registrar uses collected data to infer legal or natural person type.</font></li> <li><font face=3D"arial, sans-serif">If legal person is inferred by the Registrar and subsequently the Registrant (data subject) is informed (per guidance #3 above) and confirms that no personal data is present, the Registrar should (i) contact the provided contact details to verify the Registrant claim (ii) sets the registration data set to automated disclosure in response to SSAD queries and (iii) publishes the data. </font></li> <li><font face=3D"arial, sans-serif">If the Registrar has inferred natural person or has detected personal data, the Registrar must not disclose registration data unless the Registrant provides consent for publication or the Registrar Discloses the data in response to a legitimate disclosure request.</font></= li> </ul> <font face=3D"arial, sans-serif">Milton thinks we should no= t allow this scenario because it denies registrants the right to self-designation. A counterpoint might be made that staff has added the instruction for registrars to 'contact the registrant to verify' to mitigate the harm of possible wrong designation by the registrars.</font></= div> <div class=3D"gmail_default" style=3D"font-size:small"><font = face=3D"arial, sans-serif"><br> Stephanie seems to be OK with this scenario. (This was my impression, I might be wrong. Please feel free to correct me if I am Stephanie.) Her argument is that registrars should be able to reduce their risk by adjusting registrants' wrong self-designation. The counterpoint here is that this is not a 'registrant identifies and then checked by registrars' scenario.<br> <br> In summary, I think the question we should answer here is:<br> <ul> <li><font face=3D"arial, sans-serif"><b><u>Does the NCS= G allow the scenario where 'registrars determine registrant's person type without providing registrants the option of doing it themselves first'?</u></b></font></li> </ul> <br> Now we come to question 2. The current guidance proposes a 2-step approach to distinguish between natural vs. legal persons:<br> <ol> <li><font face=3D"arial, sans-serif">Ask registrant to identify as natural or legal.</font></li> <li><font face=3D"arial, sans-serif">If legal, ask registrant to confirm whether there is personal information in the data provided. If yes, data redacted. If no, data published.</font></li> </ol> Note that this is a 'guidance', not mandatory requirements. Registrars will only do it when they wish to make the distinction. Also note that we're arguing for publish as 'automatic disclosure via SSAD', not publicly available online for everyone. <br> <br> The disagreement here:</font></div> <div class=3D"gmail_default" style=3D"font-size:small"><font = face=3D"arial, sans-serif"><br> Milton supports the 2-step approach. He agrees with the first step because it is the necessary political compromise to make to reach consensus within EPDP. (Again, please feel free to correct me if I misunderstood.) </font></div> <div class=3D"gmail_default" style=3D"font-size:small"><font = face=3D"arial, sans-serif"><br> Stephanie opposes the 2-step approach. She argues that person type is hard to define, which leads to 2 points: a) we should just ask whether the data contains personal data, and b) registrars should be able to overrule registrant's self-designation to protect them.<br> <br> In summary, the questions we are asking here:<br> <ul> <li><font face=3D"arial, sans-serif"><b><u>Do we agree with the 2-step approach on the premise that a) it stays as only guidance and b) registrants are given the option to 'not identify as either'?</u></b></font></li> <li><font face=3D"arial, sans-serif"><b><u>Or, do we stick to 'no distinction between natural and legal persons, only check the data types'?</u><= /b></font></li> <li><font face=3D"arial, sans-serif"><b><u>Do we agree registrars should be able to overrule registrants' self-designation? This has to be on the premise of 'registrar only overrules to hide and not disclose', but currently there's no such language in the policy.</u></b></font><= /li> </ul> <br> Hope this helps! <br> <br> </font></div> <font face=3D"arial, sans-serif"><span class=3D"gmail_default= " style=3D"font-family:georgia,serif;font-size:small">Best,</span></font>= </div> <div><font face=3D"arial, sans-serif"><span class=3D"gmail_defa= ult" style=3D"font-family:georgia,serif;font-size:small">Manju</span><br> </font></div> <font face=3D"arial, sans-serif"><br> </font> <div class=3D"gmail_quote"> <div dir=3D"ltr" class=3D"gmail_attr"><font face=3D"arial, sans-serif">On Mon, Apr 26, 2021 at 5:11 AM Mueller, Milton L <<a href=3D"mailto:[log in to unmask]" moz-do-= not-send=3D"true">[log in to unmask]</a>> wrote:<br> </font></div> <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div class=3D"gmail-m_1570404167473597983WordSection1"> <p><span style=3D"color:rgb(31,73,125)"><font face=3D"a= rial, sans-serif">Stephanie:</font></span></p> <p><span style=3D"color:rgb(31,73,125)"><font face=3D"a= rial, sans-serif">I knew that you were against what I was proposing but until now I did not know what you were actually for. This is seemingly cleared up in the email below. In my response I will first clarify some of the misunderstandings you have about the issue, then I will take a critical look at the proposal you have made.</font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>At no time have I ever suggested that it would be acceptable for registrars to overrule my designation of <span style=3D"color:rgb(31,73,125)">></span>mys= elf as a natural person, or in the case of a legal person, a statement that the contact data of employees <span style=3D"color:rgb(31,73,125)">></span>nee= ds to be protected because it contains personal data.<= span style=3D"color:rgb(31,73,125)"></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">I could provide evidence to the contrary. If you are backing away from that position now, it=E2=80=99s good, w= e will have an easier time coming to an agreement. = If we agree on this, you will then agree that the =E2=80=9C3<sup>rd</sup> scenario=E2=80=9D in the = current Guidance should be deleted, as I have suggested? A yes or no would be good.</font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>So to push all data of legal persons into a published registry is neither necessary or sound policy.<span= style=3D"color:rgb(31,73,125)"></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">But that is not what we are debating. My idea gives legal persons who do not want to identify themselves as legal persons the right not to. No one is being pushed. </font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>Now lets talk about how difficult it is to differentiate between legal persons and individuals.<span style=3D= "color:rgb(31,73,125)"> </span>Milton makes it sound easy<span style=3D"col= or:rgb(31,73,125)"></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">Again, you seem to misunderstand the issue that is before us. We are not promoting a process of =E2=80=9Cdifferent= iating between legal and natural persons=E2=80=9D We are promoting an ability to =E2=80=9CSelf-designate=E2= =80=9D as a legal person, if you want to. That is not hard at all. That is tremendously easy, if you do it the way I am proposing. If you say you are a legal person, the RDS treats you as one. If you don=E2=80=99t, it doesn=E2=80=99t. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">You go on to raise valid concerns about the complexity of registering a domain. Surprisingly, this is followed by a proposals that would make the situation worse! </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">Here is how I interpret what you are proposing: I am using your own words to characterize your position, so I think it should be correct, but if it=E2=80=99s not let= me know in your response:</font></span></p> <p style=3D"margin-left:0.5in"><font face=3D"arial, sans-serif"><span style=3D"font-size:10pt;color:rgb= (31,78,121)"><span>a)<span style=3D"font-style:normal;font-variant:normal= ;font-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal"= > </span></span></span><span style=3D"font-size:1= 1pt;color:rgb(31,78,121)">individuals who register a domain must knowledgeably attest to one of the following statements</span><span st= yle=3D"font-size:10pt;color:rgb(31,78,121)"></span></font></p> <p style=3D"margin-left:1in"><font face=3D"arial, sans-serif"><span style=3D"font-size:10pt;color:rgb= (31,78,121)"><span><span style=3D"font-style:normal;font-variant:normal;f= ont-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal">&= nbsp; &n= bsp; &nb= sp; </span>i.<span style=3D"font-style:normal;font-= variant:normal;font-weight:normal;font-stretch:normal;font-size:7pt;line-= height:normal"> &nbs= p; </span></span></span><span style=3D"font-size:1= 1pt;color:rgb(31,78,121)">they are an individual, and if they choose to publish their personal information they are doing so in full knowledge of the risks and what will happen to their data</span><span style=3D"font-size:10pt= ;color:rgb(31,78,121)"></span></font></p> <p style=3D"margin-left:1in"><font face=3D"arial, sans-serif"><span style=3D"font-size:10pt;color:rgb= (31,78,121)"><span><span style=3D"font-style:normal;font-variant:normal;f= ont-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal">&= nbsp; &n= bsp; &nb= sp; </span>ii.<span style=3D"font-style:normal;font= -variant:normal;font-weight:normal;font-stretch:normal;font-size:7pt;line= -height:normal"> &nb= sp; </span></span></span><span style=3D"font-size:1= 0pt;color:rgb(31,78,121)">that they are responsible for a legal person's registrations, and that they can attest to the fact that no personal information is being disclosed in the registration.</span></font></p> <p style=3D"margin-left:0.5in"><font face=3D"arial, sans-serif"><span style=3D"font-size:9pt;color:rgb(= 31,78,121)"><span>b)<span style=3D"font-style:normal;font-variant:normal;= font-weight:normal;font-stretch:normal;font-size:7pt;line-height:normal">= </span></span></span><span style=3D"font-size:1= 1pt;color:rgb(31,78,121)">if the contracted parties feel there might be an error in the designation of "legal person&qu= ot; they should err on the side of caution and protect their customer's data</span><span style=3D"font-s= ize:9pt;color:rgb(31,78,121)"></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)">= <font face=3D"arial, sans-serif">OK. Now we have a basis for comparison. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)">= <font face=3D"arial, sans-serif">Note, first that item b) directly contradicts your claim that the registrant=E2=80=99s decision cannot be overridde= n. The registrar would have the authority to look at what data they entered, decide it=E2=80=99s wrong= , and change it. This implies that the registrars are carefully reviewing every registrants=E2=80=99 re= cord at the point of registration, checking out what choices they make, and making a decision about its validity. This is not a slippery slope, you are at the bottom of the hill already. Note also how meaningless it is to say to =E2=80=9Cerr on t= he side of caution=E2=80=9D. Many registrars will err on = the side of the lowest expense. Other registrars may be told by their government to differentiate. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)">= <font face=3D"arial, sans-serif">Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and b) are a= ctually trying to differentiate between legal and natural persons. In your criticism of my proposal, you said it was really difficult to do that. You raised many complications and procedural non-uniformities in the registration process. You said that not all jurisdictions recognize the term, You said registrants can=E2=80=99t unde= rstand all that stuff. But here we see that your solution doubles down on the process of differentiation and makes it all legally actionable. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)">= <font face=3D"arial, sans-serif">You are forcing =E2=80=93 pushing was your word - registrants to make two legally consequential attestations that are far more complicated than asking them whether they are a company. Then you are asking the registrar to check the accuracy of those attestations. I think we really want to avoid that. It is against the interests of both registrars and their customers. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,78,121)">= <font face=3D"arial, sans-serif">What happens if the person making the registration and attests (as in b) that there is no personal information, and they turn out to be wrong? Are they legally liable for violating their attestation? Thanks, Steph, for criminalizing domain name registration. <u> </u></font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>I believe that if the contracted parties, who are the data controllers in this situation and therefore own the <span style=3D"color:rgb(31,73,125)">></span>ris= k and the liability attendant with this decision, have to do this verification or trust the decision of the <span style=3D"color:rgb(31,73,125)">></span>reg= istrant, we will see either rising costs of domain names (if they do it right) or the same kind of opt-in <span style=3D"color:rgb(31,73,125)">></span>sit= uation we see throughout the world now, where people opt in to things without understanding their <span style=3D"color:rgb(31,73,125)">></span>ris= k.<span style=3D"color:rgb(31,73,125)"></span></font></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">The proposal of yours that I outlined above would make the registration process more risky to BOTH registrars and registrants. You are asking for legal attestations, creating administrative burden and risk, but you will not protect any more data. In fact, your option would likely protect fewer registrant records, because in my plan people who really are legal persons but don=E2=80=99t want to declare as such can do so, = whereas under your plan they are being put under the microscope and forced to make a legal attestation that they are one or the other. </font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">This would also be drastically more costly. Two attestations by the registrant, a review of the choices made by the registrar, a possibility of the registrar overruling it, this is all really complicated, non-automatable stuff.</font></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">So I would have to conclude by saying that you need to reconsider your position, and take a closer look at the real consequences of it. Then compare it to mine. I look forward to your support on that. </f= ont></span></p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">Here is another key difference between us:</font></span></p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>There is no need to compromise, and while I understand Milton's desire to compromise, <span style=3D"color:rgb(31,73,125)"></span></font>= </p> <p><font face=3D"arial, sans-serif"><span style=3D"colo= r:rgb(31,73,125)">></span>I see absolutely no need to do so here. <span style=3D"color:rgb(31,73,125)"></span></font>= </p> <p><span style=3D"font-size:11pt;color:rgb(31,73,125)">= <font face=3D"arial, sans-serif">You say we just stick to our position. This is actually your strongest point and it=E2=80=99s one we need to face direct= ly. It probably overrides all the others. I will address it in another message. </font></span></p> </div> </div> </blockquote> </div> </div> </div> </blockquote> </body> </html> --------------F5D566D5697CC9FA2404C1EC-- ========================================================================= Date: Mon, 26 Apr 2021 14:10:18 +0100 Reply-To: Clarinette Tara <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Clarinette Tara <[log in to unmask]> Subject: Re: EPDP policy issues X-To: "Mueller, Milton L" <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary=Apple-Mail-39522E93-CE52-4630-8817-88FD759B2121 Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (1.0) Message-ID: <[log in to unmask]> --Apple-Mail-39522E93-CE52-4630-8817-88FD759B2121 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable +1 I am with Stephanie. Tara Taubman-Bassirian Sent from my iPhone > On 25 Apr 2021, at 22:11, Mueller, Milton L <[log in to unmask]> wrote: >=20 > =EF=BB=BF > Stephanie: >=20 > I knew that you were against what I was proposing but until now I did not k= now what you were actually for. This is seemingly cleared up in the email be= low. In my response I will first clarify some of the misunderstandings you h= ave about the issue, then I will take a critical look at the proposal you ha= ve made. >=20 > >At no time have I ever suggested that it would be acceptable for registra= rs to overrule my designation of >myself as a natural person, or in the case= of a legal person, a statement that the contact data of employees >needs to= be protected because it contains personal data. >=20 > I could provide evidence to the contrary. If you are backing away from tha= t position now, it=E2=80=99s good, we will have an easier time coming to an a= greement. If we agree on this, you will then agree that the =E2=80=9C3rd sc= enario=E2=80=9D in the current Guidance should be deleted, as I have suggest= ed? A yes or no would be good. >=20 > >So to push all data of legal persons into a published registry is neither= necessary or sound policy. >=20 > But that is not what we are debating. My idea gives legal persons who do n= ot want to identify themselves as legal persons the right not to. No one is b= eing pushed. >=20 > >Now lets talk about how difficult it is to differentiate between legal pe= rsons and individuals. Milton makes it sound easy >=20 > Again, you seem to misunderstand the issue that is before us. We are not p= romoting a process of =E2=80=9Cdifferentiating between legal and natural per= sons=E2=80=9D We are promoting an ability to =E2=80=9CSelf-designate=E2=80=9D= as a legal person, if you want to. That is not hard at all. That is tremend= ously easy, if you do it the way I am proposing. If you say you are a legal p= erson, the RDS treats you as one. If you don=E2=80=99t, it doesn=E2=80=99t. >=20 > You go on to raise valid concerns about the complexity of registering a do= main. Surprisingly, this is followed by a proposals that would make the situ= ation worse! >=20 > Here is how I interpret what you are proposing: I am using your own words t= o characterize your position, so I think it should be correct, but if it=E2=80= =99s not let me know in your response: >=20 > a) individuals who register a domain must knowledgeably attest to on= e of the following statements >=20 > i. they are an individual, and= if they choose to publish their personal information they are doing so in f= ull knowledge of the risks and what will happen to their data >=20 > ii. that they are responsible f= or a legal person's registrations, and that they can attest to the fact that= no personal information is being disclosed in the registration. >=20 > b) if the contracted parties feel there might be an error in the des= ignation of "legal person" they should err on the side of caution and protec= t their customer's data >=20 > OK. Now we have a basis for comparison. >=20 > Note, first that item b) directly contradicts your claim that the registra= nt=E2=80=99s decision cannot be overridden. The registrar would have the aut= hority to look at what data they entered, decide it=E2=80=99s wrong, and cha= nge it. This implies that the registrars are carefully reviewing every regis= trants=E2=80=99 record at the point of registration, checking out what choic= es they make, and making a decision about its validity. This is not a slippe= ry slope, you are at the bottom of the hill already. Note also how meaningle= ss it is to say to =E2=80=9Cerr on the side of caution=E2=80=9D. Many regist= rars will err on the side of the lowest expense. Other registrars may be tol= d by their government to differentiate. >=20 > Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and b) are actual= ly trying to differentiate between legal and natural persons. In your critic= ism of my proposal, you said it was really difficult to do that. You raised m= any complications and procedural non-uniformities in the registration proces= s. You said that not all jurisdictions recognize the term, You said registra= nts can=E2=80=99t understand all that stuff. But here we see that your solut= ion doubles down on the process of differentiation and makes it all legally a= ctionable. >=20 > You are forcing =E2=80=93 pushing was your word - registrants to make two l= egally consequential attestations that are far more complicated than asking t= hem whether they are a company. Then you are asking the registrar to check t= he accuracy of those attestations. I think we really want to avoid that. It i= s against the interests of both registrars and their customers. >=20 > What happens if the person making the registration and attests (as in b) t= hat there is no personal information, and they turn out to be wrong? Are the= y legally liable for violating their attestation? Thanks, Steph, for crimina= lizing domain name registration.=20 >=20 > >I believe that if the contracted parties, who are the data controllers in= this situation and therefore own the >risk and the liability attendant with= this decision, have to do this verification or trust the decision of the >r= egistrant, we will see either rising costs of domain names (if they do it ri= ght) or the same kind of opt-in >situation we see throughout the world now, w= here people opt in to things without understanding their >risk. >=20 > The proposal of yours that I outlined above would make the registration pr= ocess more risky to BOTH registrars and registrants. You are asking for lega= l attestations, creating administrative burden and risk, but you will not pr= otect any more data. In fact, your option would likely protect fewer registr= ant records, because in my plan people who really are legal persons but don=E2= =80=99t want to declare as such can do so, whereas under your plan they are b= eing put under the microscope and forced to make a legal attestation that th= ey are one or the other.=20 >=20 > This would also be drastically more costly. Two attestations by the regist= rant, a review of the choices made by the registrar, a possibility of the re= gistrar overruling it, this is all really complicated, non-automatable stuff= . >=20 > So I would have to conclude by saying that you need to reconsider your pos= ition, and take a closer look at the real consequences of it. Then compare i= t to mine. I look forward to your support on that. >=20 > Here is another key difference between us: >=20 > >There is no need to compromise, and while I understand Milton's desire to= compromise, >=20 > >I see absolutely no need to do so here.=20 >=20 > You say we just stick to our position. This is actually your strongest poi= nt and it=E2=80=99s one we need to face directly. It probably overrides all t= he others. I will address it in another message. --Apple-Mail-39522E93-CE52-4630-8817-88FD759B2121 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D= utf-8"></head><body dir=3D"auto">+1 I am with Stephanie.<div>Tara Taubman-Ba= ssirian<br><br><div dir=3D"ltr">Sent from my iPhone</div><div dir=3D"ltr"><b= r><blockquote type=3D"cite">On 25 Apr 2021, at 22:11, Mueller, Milton L <= [log in to unmask]> wrote:<br><br></blockquote></div><blockquote type=3D"c= ite"><div dir=3D"ltr">=EF=BB=BF <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii">= <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)"> <style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Consolas; panose-1:2 11 6 9 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:#0563C1; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:#954F72; text-decoration:underline;} p {mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman",serif;} pre {mso-style-priority:99; mso-style-link:"HTML Preformatted Char"; margin:0in; margin-bottom:.0001pt; font-size:10.0pt; font-family:"Courier New";} span.HTMLPreformattedChar {mso-style-name:"HTML Preformatted Char"; mso-style-priority:99; mso-style-link:"HTML Preformatted"; font-family:Consolas;} p.msonormal0, li.msonormal0, div.msonormal0 {mso-style-name:msonormal; mso-style-priority:99; mso-margin-top-alt:auto; margin-right:0in; mso-margin-bottom-alt:auto; margin-left:0in; font-size:12.0pt; font-family:"Times New Roman",serif;} span.EmailStyle21 {mso-style-type:personal; font-family:"Calibri",sans-serif; color:windowtext;} span.EmailStyle22 {mso-style-type:personal-reply; font-family:"Calibri",sans-serif; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} /* List Definitions */ @list l0 {mso-list-id:394015413; mso-list-type:hybrid; mso-list-template-ids:1911443670 67698711 67698713 67698715 6769870= 3 67698713 67698715 67698703 67698713 67698715;} @list l0:level1 {mso-level-number-format:alpha-lower; mso-level-text:"%1\)"; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level2 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level3 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l0:level4 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level5 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level6 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l0:level7 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level8 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l0:level9 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1 {mso-list-id:1880433648; mso-list-type:hybrid; mso-list-template-ids:-989929156 67698711 67698715 67698715 6769870= 3 67698713 67698715 67698703 67698713 67698715;} @list l1:level1 {mso-level-number-format:alpha-lower; mso-level-text:"%1\)"; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level2 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-.25in;} @list l1:level3 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1:level4 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level5 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level6 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} @list l1:level7 {mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level8 {mso-level-number-format:alpha-lower; mso-level-tab-stop:none; mso-level-number-position:left; text-indent:-.25in;} @list l1:level9 {mso-level-number-format:roman-lower; mso-level-tab-stop:none; mso-level-number-position:right; text-indent:-9.0pt;} ol {margin-bottom:0in;} ul {margin-bottom:0in;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1027" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> <div class=3D"WordSection1"> <p><span style=3D"font-family:"Calibri",sans-serif;color:#1F497D">= Stephanie:<o:p></o:p></span></p> <p><span style=3D"font-family:"Calibri",sans-serif;color:#1F497D">= I knew that you were against what I was proposing but until now I did not kn= ow what you were actually for. This is seemingly cleared up in the email bel= ow. In my response I will first clarify some of the misunderstandings you have about the issue, then I will take a criti= cal look at the proposal you have made.<o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>At no time have I ever suggested= that it would be acceptable for registrars to overrule my designation of <span style=3D"color:#1F497D">></span>myself as a natural person, or in t= he case of a legal person, a statement that the contact data of employees <span style=3D"color:#1F497D">></span>needs to be protected because it co= ntains personal data.<span style=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">I could provide evidence to the contrary. If you are backin= g away from that position now, it=E2=80=99s good, we will have an easier tim= e coming to an agreement. If we agree on this, you will then agree that the =E2=80=9C3<sup>rd</sup> scenario=E2=80=9D in the c= urrent Guidance should be deleted, as I have suggested? A yes or no would be= good.<o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>So to push all data of legal per= sons into a published registry is neither necessary or sound policy.<span st= yle=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">But that is not what we are debating. My idea gives legal p= ersons who do not want to identify themselves as legal persons the right not= to. No one is being pushed. <o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>Now lets talk about how difficul= t it is to differentiate between legal persons and individuals.<span style=3D= "color:#1F497D"> </span>Milton makes it sound easy<span style=3D"color:#1F497D"><o:p></o:p></= span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">Again, you seem to misunderstand the issue that is before u= s. We are not promoting a process of =E2=80=9Cdifferentiating between legal a= nd natural persons=E2=80=9D We are promoting an ability to =E2=80=9CSelf-designate=E2=80=9D as a legal person, if you want to. That= is not hard at all. That is tremendously easy, if you do it the way I am pr= oposing. If you say you are a legal person, the RDS treats you as one. If yo= u don=E2=80=99t, it doesn=E2=80=99t. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">You go on to raise valid concerns about the complexity of r= egistering a domain. Surprisingly, this is followed by a proposals that woul= d make the situation worse! <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">Here is how I interpret what you are proposing: I am using y= our own words to characterize your position, so I think it should be correct= , but if it=E2=80=99s not let me know in your response:<o:p></o:p></span></p= > <p style=3D"margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2"><!-= -[if !supportLists]--><span style=3D"font-size:10.0pt;font-family:"Cali= bri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso= -style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore">a)<span s= tyle=3D"font:7.0pt "Times New Roman""> &nbs= p; </span></span></span><!--[endif]--><span style=3D"font-size:11.0pt;font-fami= ly:"Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-colo= r:#1F4E79;mso-style-textfill-fill-alpha:100.0%">individuals who register a d= omain must knowledgeably attest to one of the following statements</span><span style=3D"font-size:10.0pt;font-family:&quo= t;Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E= 79;mso-style-textfill-fill-alpha:100.0%"><o:p></o:p></span></p> <p style=3D"margin-left:1.0in;text-indent:-1.0in;mso-text-indent-alt:-.25in;= mso-list:l1 level2 lfo4"> <!--[if !supportLists]--><span style=3D"font-size:10.0pt;font-family:"C= alibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;= mso-style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore"><span s= tyle=3D"font:7.0pt "Times New Roman""> &nbs= p; &n= bsp; = </span>i.<span style=3D"font:7.0pt "Times New Roman""> = </span></span></span>= <!--[endif]--><span style=3D"font-size:11.0pt;font-family:"Calibri"= ;,sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-t= extfill-fill-alpha:100.0%">they are an individual, and if they choose to publish their personal information the= y are doing so in full knowledge of the risks and what will happen to their d= ata</span><span style=3D"font-size:10.0pt;font-family:"Calibri",sa= ns-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textf= ill-fill-alpha:100.0%"><o:p></o:p></span></p> <p style=3D"margin-left:1.0in;text-indent:-1.0in;mso-text-indent-alt:-.25in;= mso-list:l1 level2 lfo4"> <!--[if !supportLists]--><span style=3D"font-size:10.0pt;font-family:"C= alibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;= mso-style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore"><span s= tyle=3D"font:7.0pt "Times New Roman""> &nbs= p; &n= bsp; = </span>ii.<span style=3D"font:7.0pt "Times New Roman"">  = ; </span></span></span= ><!--[endif]--><span style=3D"font-size:10.0pt;font-family:"Calibri&quo= t;,sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-= textfill-fill-alpha:100.0%">that they are responsible for a legal person's registrations, and that they can attes= t to the fact that no personal information is being disclosed in the registr= ation.<o:p></o:p></span></p> <p style=3D"margin-left:.5in;text-indent:-.25in;mso-list:l0 level1 lfo2"><!-= -[if !supportLists]--><span style=3D"font-size:9.0pt;font-family:"Calib= ri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-= style-textfill-fill-alpha:100.0%"><span style=3D"mso-list:Ignore">b)<span st= yle=3D"font:7.0pt "Times New Roman"">  = ; </span></span></span><!--[endif]--><span style=3D"font-size:11.0pt;font-fami= ly:"Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-colo= r:#1F4E79;mso-style-textfill-fill-alpha:100.0%">if the contracted parties fe= el there might be an error in the designation of "legal person" they should err on the side of caution and protect their c= ustomer's data</span><span style=3D"font-size:9.0pt;font-family:"Calibr= i",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-s= tyle-textfill-fill-alpha:100.0%"><o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fil= l-alpha:100.0%">OK. Now we have a basis for comparison. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fil= l-alpha:100.0%">Note, first that item b) directly contradicts your claim tha= t the registrant=E2=80=99s decision cannot be overridden. The registrar would have the authority to look at what data they entered, d= ecide it=E2=80=99s wrong, and change it. This implies that the registrars ar= e carefully reviewing every registrants=E2=80=99 record at the point of regi= stration, checking out what choices they make, and making a decision about its validity. This is not a slippery slope, you= are at the bottom of the hill already. Note also how meaningless it is to s= ay to =E2=80=9Cerr on the side of caution=E2=80=9D. Many registrars will err= on the side of the lowest expense. Other registrars may be told by their government to differentiate. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fil= l-alpha:100.0%">Note, too that your =E2=80=9Cattestations=E2=80=9D in a) and= b) are actually trying to differentiate between legal and natural persons. In your criticism of my proposal, you said it was really d= ifficult to do that. You raised many complications and procedural non-unifor= mities in the registration process. You said that not all jurisdictions reco= gnize the term, You said registrants can=E2=80=99t understand all that stuff. But here we see that your solution= doubles down on the process of differentiation and makes it all legally act= ionable. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fil= l-alpha:100.0%">You are forcing =E2=80=93 pushing was your word - registrant= s to make two legally consequential attestations that are far more complicated than asking them whether they are a company. T= hen you are asking the registrar to check the accuracy of those attestations= . I think we really want to avoid that. It is against the interests of both r= egistrars and their customers. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fil= l-alpha:100.0%">What happens if the person making the registration and attes= ts (as in b) that there is no personal information, and they turn out to be wrong? Are they legally liable for violating their a= ttestation? Thanks, Steph, for criminalizing domain name registration. = <o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>I believe that if the contracted= parties, who are the data controllers in this situation and therefore own t= he <span style=3D"color:#1F497D">></span>risk and the liability attendant wi= th this decision, have to do this verification or trust the decision of the <span style=3D"color:#1F497D">></span>registrant, we will see either risi= ng costs of domain names (if they do it right) or the same kind of opt-in <span style=3D"color:#1F497D">></span>situation we see throughout the wor= ld now, where people opt in to things without understanding their <span style=3D"color:#1F497D">></span>risk.<span style=3D"color:#1F497D">= <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">The proposal of yours that I outlined above would make the r= egistration process more risky to BOTH registrars and registrants. You are a= sking for legal attestations, creating administrative burden and risk, but you will not protect any more data. In fact, your opti= on would likely protect fewer registrant records, because in my plan people w= ho really are legal persons but don=E2=80=99t want to declare as such can do= so, whereas under your plan they are being put under the microscope and forced to make a legal attestation that t= hey are one or the other. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">This would also be drastically more costly. Two attestation= s by the registrant, a review of the choices made by the registrar, a possib= ility of the registrar overruling it, this is all really complicated, non-automatable stuff.<o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">So I would have to conclude by saying that you need to reco= nsider your position, and take a closer look at the real consequences of it.= Then compare it to mine. I look forward to your support on that. <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">Here is another key difference between us:<o:p></o:p></span= ></p> <p><span style=3D"color:#1F497D">></span>There is no need to compromise, a= nd while I understand Milton's desire to compromise, <span style=3D"color:#1F497D"><o:p></o:p></span></p> <p><span style=3D"color:#1F497D">></span>I see absolutely no need to do s= o here. <span style=3D"color:#1F497D"> <o:p></o:p></span></p> <p><span style=3D"font-size:11.0pt;font-family:"Calibri",sans-seri= f;color:#1F497D">You say we just stick to our position. This is actually you= r strongest point and it=E2=80=99s one we need to face directly. It probably= overrides all the others. I will address it in another message. <o:p></o:p></span></p> </div> </div></blockquote></div></body></html>= --Apple-Mail-39522E93-CE52-4630-8817-88FD759B2121-- ========================================================================= Date: Mon, 26 Apr 2021 06:17:46 -0700 Reply-To: [log in to unmask] Sender: NCSG-Discuss <[log in to unmask]> From: [log in to unmask] Subject: Re: EPDP policy issues - [adding Kathy] X-To: "Mueller, Milton L" <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="=_HDldaRJVCImjHCWQMsUoGaY" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <[log in to unmask]> This message is in MIME format. --=_HDldaRJVCImjHCWQMsUoGaY Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Description: Plaintext Message Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Dear Milton, This is a very important conversation we are having.=C2=A0 I'll respond i= n =20 order, but note that the most interesting thing you said was in your =20 last sentence.=C2=A0 That's worth discussing! To my questions: a)=C2=A0 =C2=A0 =C2=A0 Is a name =E2=80=9Cpersonal data=E2=80=9D? > b)=C2=A0 =C2=A0 =C2=A0 Is an address =E2=80=9Cpersonal data=E2=80=9D? > c)=C2=A0 =C2=A0 =C2=A0 =C2=A0Is a cell phone =E2=80=9Cpersonal data=E2=80= =9D? > d)=C2=A0 =C2=A0 =C2=A0 Is an email =E2=80=9Cpersonal data=E2=80=9D? > You believe "In a digital world, there is no hard, well-defined nugget =20 of data that is =E2=80=9Cpersonal=E2=80=9D and > everything else is not." /In the legal world, however, there hard =20 > but not fast answers.=C2=A0 /That's why after being an attorney in this= =20 > space for a long time, I can tell you that the answer is "it =20 > depends" to many of the questions above. Under EU rules, my email =20 > can be personal data since it includes my name.=C2=A0 Under EU rules, a= s =20 > I understand them, even [log in to unmask] can be personal data if only =20 > person runs the "Info" desk of a hypothetical "myorg". These are not easy questions for anyone going through the fast process =20 of domain name registrations (where questions should be clear and =20 straightforward). Please do not underestimate the value of domain name data. SSN, =20 driver's licenses and national ID cards all have high level of =20 protection under national and state laws.=C2=A0 They are not available in= =20 24*7 open and public databases as WHOIS has been (prior to GDPR-based =20 redaction). More on this below. BUT HAPPILY, YOU EMAIL ENDED ON A STUNNING NOTE: > SO I THINK IT IS SIMPLEST TO JUST SAY TO THE REGISTRANT, IF YOU=E2=80=99= RE A > COMPANY AND DON=E2=80=99T MIND (OR EVEN WANT) YOUR DATA TO BE PUBLISHED= , > CHECK THIS BOX. IF YOU=E2=80=99RE NOT, OR YOU DO MIND, DON=E2=80=99T CH= ECK IT. /GREAT - CAN WE ASK EXACTLY WHAT YOU SAID ABOVE?!=C2=A0 /NOT THE BINARY =20 QUESTION: ARE YOU A LEGAL OR NATURAL PERSON (WITH ITS LEGAL =20 LIABILITY), BUT /WOULD YOU LIKE LIKE TO HAVE YOUR DOMAIN NAME =20 REGISTRATION DATA PUBLISHED IN THE WHOIS/RDS DATABASE?=C2=A0 /That way =20 there are no traps for the unwary, no legal liability for wrong =20 answers, and our NCSG members don't have to become great data =20 protection scholars before registering a domain ame. I think we'll find that some companies, organizations and individuals =20 will want their data published and some won't (banks were one of the =20 biggest users of proxy/privacy services in the WHOIS I Review Team =20 Studies). It's a clear question with no legal liability for wrong =20 answers. Are we done?=C2=A0 Does this work?=C2=A0 It seems odd that it would be so= =20 simple, but I'm willing to take "yes" for an answer :-). ------------------------- As for WHOIS/RDS data, please don't diminish its value.=C2=A0 On the firs= t =20 WHOIS Reveiw Team (I vice-chaired), we found great concern about =20 then-massive publication of WHOIS data. The WHOIS/RDS databases were =20 (before GDPR) a major place to associate a speaker and his/her =20 speech.=C2=A0 That's a huge issue, especially for speakers and =20 organizations who are supposed to be assured privacy under freedom of =20 expression, free speech and freedom of association laws.=C2=A0 For our NCSG members, this is a real problem since this association =20 can lead to jailing, fining, doxxing, and more of themselves or their =20 familiers.=C2=A0 We are the human rights representatives in ICANN, among = =20 other groups and orgs we represent. No other Stakeholder Group faces =20 the risks that our members - and those we speak for across the world - =20 do. In our Review Team research, we also clear evidence of data miners =20 gathering WHOIS data in large numbers. It was part of the large system =20 of data mining and profiling - and the EU is right, IMHO, to work to =20 shut this down. /So can we leave the binary question aside and ask the underlying =20 question:=C2=A0 Do you want your data published?=C2=A0 It leads to a much= =20 clearer, cleaner, simpler answer without unintended legal liability =20 and pitfalls./ Best regards, Kathy > Quoting "Mueller, Milton L" <[log in to unmask]>: > Kathy, > Thanks for your helpful intervention. I especially liked your > discussion of this: > > a)=C2=A0 =C2=A0 =C2=A0 Is a name =E2=80=9Cpersonal data=E2=80=9D? > b)=C2=A0 =C2=A0 =C2=A0 Is an address =E2=80=9Cpersonal data=E2=80=9D? > c)=C2=A0 =C2=A0 =C2=A0 =C2=A0Is a cell phone =E2=80=9Cpersonal data=E2=80= =9D? > d)=C2=A0 =C2=A0 =C2=A0 Is an email =E2=80=9Cpersonal data=E2=80=9D? > > Thinking about this problem =E2=80=93 what is personal data =E2=80=93 i= s what led me > to start modifying my position on this issue. In a digital world > there is no hard, well-defined nugget of data that is =E2=80=9Cpersonal= =E2=80=9D and > everything else is not. Your =E2=80=9Cpersonality=E2=80=9D is reflected= in a lot of > _activity_ on the net, and anyone who can gather and correlate all of > those footprints knows a lot of personal info about you. True, your > name and location, where you live, or your SSN or national identity > number of drivers=E2=80=99 license, provide a stronger basis for puttin= g all > these correlations into an actionable identity. And that data is out > there in a number of places, whois is relatively small part of that > problem. A very small part, in fact > > This is one of the reasons I don=E2=80=99t like Stephanie=E2=80=99s pro= posed approach > (I will try to answer her message separately). Instead of a simple > self-designation as legal or natural (company or individual), they > want to try to force registrars into an elaborate process of > eliminating personal data from the record. But anything can be > personal data. OR some things that seem to be personal are not so > personal. I think such a process is going to make registering a > domain complicated and expensive and ultimately will not protect > much. Worse, such a process will also be a camel=E2=80=99s nose under t= he > tent process in which registrars assume more and more responsibility > for determining the accuracy of registration data and for verifying > the identity of everyone who registers. > > Let=E2=80=99s keep it simple and under the registrants=E2=80=99 control= . The more you > involve third party rules and regulations in the registration > process, the more complicated and expensive it becomes, and the > privacy gains of such processes are miniscule, they are mostly > hypothetical and theoretical. > > So I think it is simplest to just say to the registrant, if you=E2=80=99= re a > company and don=E2=80=99t mind (or even want) your data to be published= , > check this box. If you=E2=80=99re not, or you do mind, don=E2=80=99t ch= eck it. --=_HDldaRJVCImjHCWQMsUoGaY Content-Type: text/html; charset=utf-8 Content-Description: HTML Message Content-Disposition: inline <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> </head> <body style="font-family:Arial;font-size:14px"> <p>Dear Milton,<br> This is a very important conversation we are having. I'll respond in order, but note that the most interesting thing you said was in your last sentence. That's worth discussing!<br> <br> To my questions:<br> a) Is a name “personal data”?<br> > b) Is an address “personal data”?<br> > c) Is a cell phone “personal data”?<br> > d) Is an email “personal data”?<br> ><br> <br> You believe "In a digital world, there is no hard, well-defined nugget of data that is “personal” and<br> > everything else is not." <em>In the legal world, however, there hard but not fast answers. </em> That's why after being an attorney in this space for a long time, I can tell you that the answer is "it depends" to many of the questions above. Under EU rules, my email can be personal data since it includes my name. Under EU rules, as I understand them, even [log in to unmask] can be personal data if only person runs the "Info" desk of a hypothetical "myorg".<br> <br> These are not easy questions for anyone going through the fast process of domain name registrations (where questions should be clear and straightforward).<br> <br> Please do not underestimate the value of domain name data. SSN, driver's licenses and national ID cards all have high level of protection under national and state laws. They are not available in 24*7 open and public databases as WHOIS has been (prior to GDPR-based redaction). More on this below.<br> <br> <strong>But happily, you email ended on a stunning note:<br> <br> > So I think it is simplest to just say to the registrant, if you’re a<br> > company and don’t mind (or even want) your data to be published,<br> > check this box. If you’re not, or you do mind, don’t check it.</strong><br> <br> <em><strong>Great - can we ask exactly what you said above?! </strong></em> <strong>Not the binary question: are you a legal or natural person (with its legal liability), but <em>would you like like to have your domain name registration data published in the WHOIS/RDS database? </em></strong> That way there are no traps for the unwary, no legal liability for wrong answers, and our NCSG members don't have to become great data protection scholars before registering a domain ame.<br> <br> I think we'll find that some companies, organizations and individuals will want their data published and some won't (banks were one of the biggest users of proxy/privacy services in the WHOIS I Review Team Studies). It's a clear question with no legal liability for wrong answers.<br> <br> Are we done? Does this work? It seems odd that it would be so simple, but I'm willing to take "yes" for an answer :-).<br> <br> -------------------------<br> <br> As for WHOIS/RDS data, please don't diminish its value. On the first WHOIS Reveiw Team (I vice-chaired), we found great concern about then-massive publication of WHOIS data. The WHOIS/RDS databases were (before GDPR) a major place to associate a speaker and his/her speech. That's a huge issue, especially for speakers and organizations who are supposed to be assured privacy under freedom of expression, free speech and freedom of association laws. <br> <br> For our NCSG members, this is a real problem since this association can lead to jailing, fining, doxxing, and more of themselves or their familiers. We are the human rights representatives in ICANN, among other groups and orgs we represent. No other Stakeholder Group faces the risks that our members - and those we speak for across the world - do.<br> <br> In our Review Team research, we also clear evidence of data miners gathering WHOIS data in large numbers. It was part of the large system of data mining and profiling - and the EU is right, IMHO, to work to shut this down.<br> <br> <em>So can we leave the binary question aside and ask the underlying question: Do you want your data published? It leads to a much clearer, cleaner, simpler answer without unintended legal liability and pitfalls.</em><br> <br> Best regards,<br> Kathy<br> <br> <br> <br> ><br> Quoting "Mueller, Milton L" <<a href="mailto:[log in to unmask]">[log in to unmask]</a>>:<br> <br> > Kathy,<br> > Thanks for your helpful intervention. I especially liked your<br> > discussion of this:<br> ><br> > a) Is a name “personal data”?<br> > b) Is an address “personal data”?<br> > c) Is a cell phone “personal data”?<br> > d) Is an email “personal data”?<br> ><br> > Thinking about this problem – what is personal data – is what led me<br> > to start modifying my position on this issue. In a digital world<br> > there is no hard, well-defined nugget of data that is “personal” and<br> > everything else is not. Your “personality” is reflected in a lot of<br> > _activity_ on the net, and anyone who can gather and correlate all of<br> > those footprints knows a lot of personal info about you. True, your<br> > name and location, where you live, or your SSN or national identity<br> > number of drivers’ license, provide a stronger basis for putting all<br> > these correlations into an actionable identity. And that data is out<br> > there in a number of places, whois is relatively small part of that<br> > problem. A very small part, in fact<br> ><br> > This is one of the reasons I don’t like Stephanie’s proposed approach<br> > (I will try to answer her message separately). Instead of a simple<br> > self-designation as legal or natural (company or individual), they<br> > want to try to force registrars into an elaborate process of<br> > eliminating personal data from the record. But anything can be<br> > personal data. OR some things that seem to be personal are not so<br> > personal. I think such a process is going to make registering a<br> > domain complicated and expensive and ultimately will not protect<br> > much. Worse, such a process will also be a camel’s nose under the<br> > tent process in which registrars assume more and more responsibility<br> > for determining the accuracy of registration data and for verifying<br> > the identity of everyone who registers.<br> ><br> > Let’s keep it simple and under the registrants’ control. The more you<br> > involve third party rules and regulations in the registration<br> > process, the more complicated and expensive it becomes, and the<br> > privacy gains of such processes are miniscule, they are mostly<br> > hypothetical and theoretical.<br> ><br> > So I think it is simplest to just say to the registrant, if you’re a<br> > company and don’t mind (or even want) your data to be published,<br> > check this box. If you’re not, or you do mind, don’t check it.<br> <br></p> </body> </html> --=_HDldaRJVCImjHCWQMsUoGaY-- ========================================================================= Date: Mon, 26 Apr 2021 11:26:50 -0300 Reply-To: Bruna Martins dos Santos <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Bruna Martins dos Santos <[log in to unmask]> Subject: NCSG Elections Timeline - Check-in starts on May 7th MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000031eb5805c0e0f170" Message-ID: <[log in to unmask]> --00000000000031eb5805c0e0f170 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear NCSG, Hope this email finds everyone well! As you may recall, our SG hosts its elections in the month of june, therefore this email is a reminder of our Elections Timeline and slots open. *Slots * *Chair * Bruna Martins dos Santos - Eligible for reelection, completed 1 term *NCSG Councilors * Tatiana Tropina EU - Term limited, Term #2 ends at AGM 2021 Farell Folly AF - Eligible for reelection, Term #1 ends at AGM 2021 Juan Manuel Rojas LAC - Eligible for reelection, Term #1 ends at AGM 2022 Wisdom Donkor AF - Eligible for reelection, Term #1 ends at AGM 2022 Stephanie Perrin NA - Eligible for reelection, Term #1 ends at AGM 2022 Tomslin Samme-Nlar AP - Eligible for reelection, Term #1 ends at AGM 2022 *NCSG Elections Timeline * 7 May: Check-in begins 13 May - 27 May: Nomination period 27 May: Deadline for nomination acceptance and candidate statement. 28 May: Meet the candidates call / Check-in ends 01 - 04 June: Voter roll finalized 07 June - 21 June: Voting 22 June: Results announced *Relevant information:* - Check in is mandatory for voting and starts in less than 2 weeks; - NCSG members are free to self-nominate or nominate other members, but nomination acceptance will only be accounted once we have the Candidate Statement on the NCSG list; - Considering NCSG aims for balanced regional representation and in light of Tatiana being term limited, we would like to encourage candidates from the EU region to run for one of NCSGs Councilors slot. Feel free to contact me or anyone else from NCSG Leadership should you have questions. Best regards, --=20 *Bruna Martins dos Santos * Advocacy Coordinator | Data Privacy Brazil Research <https://www.dataprivacybr.org/en/> Member | Coaliz=C3=A3o Direitos na Rede <https://direitosnarede.org.br/> Chair | Non-Commercial Stakeholder Group at ICANN <https://gnso.icann.org/en/about/stakeholders-constituencies/ncsg> Co-Coordinator | Internet Governance Caucus <https://igcaucus.org/> Twitter: @boomartins <https://twitter.com/boomartins> // Skype: bruna.martinsantos [log in to unmask] and [log in to unmask] --00000000000031eb5805c0e0f170 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Dear NCSG,=C2=A0<div><br></div><div>Hope this email=C2=A0f= inds everyone well!=C2=A0</div><div><br></div><div>As you may recall, our S= G hosts its elections in the month of june, therefore this email is a remin= der of our Elections Timeline and slots open.=C2=A0</div><div><br></div><di= v><div class=3D"gmail-"><div id=3D"gmail-:2m3" class=3D"gmail-ii gmail-gt" = style=3D"font-size:0.875rem;direction:ltr;margin:8px 0px 0px;padding:0px"><= div id=3D"gmail-:2m4" class=3D"gmail-a3s gmail-aiL" style=3D"overflow:hidde= n;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:n= ormal;font-size:small;line-height:1.5"><div dir=3D"ltr"><div><b>Slots=C2=A0= </b></div><div><b>Chair=C2=A0</b></div><div>Bruna Martins dos Santos - <spa= n style=3D"background-color:rgb(255,242,204)">Eligible for reelection, comp= leted 1 term</span></div><div><br></div><div><b>NCSG Councilors=C2=A0</b></= div><div>Tatiana Tropina EU - <span style=3D"background-color:rgb(255,242,2= 04)">Term limited,=C2=A0Term #2 ends at AGM 2021</span></div><div>Farell Fo= lly AF -=C2=A0<span style=3D"background-color:rgb(255,242,204)">Eligible fo= r reelection,=C2=A0Term #1 ends at AGM 2021<br></span></div><div>Juan Manue= l Rojas LAC -=C2=A0<span style=3D"background-color:rgb(255,242,204)">Eligib= le for reelection, Term #1 ends at AGM 2022</span><br></div><div>Wisdom Don= kor AF -<span style=3D"background-color:rgb(255,242,204)"> Eligible for ree= lection,=C2=A0Term #1 ends at AGM 2022</span><br>Stephanie Perrin NA -=C2= =A0<span style=3D"background-color:rgb(255,242,204)">Eligible for reelectio= n,=C2=A0Term #1 ends at AGM 2022</span><br>Tomslin Samme-Nlar AP -=C2=A0<sp= an style=3D"background-color:rgb(255,242,204)">Eligible for reelection,=C2= =A0</span><span style=3D"background-color:rgb(255,242,204)">Term #1 ends at= AGM 2022</span><br><br></div><div><br></div><div><b>NCSG Elections Timelin= e=C2=A0</b></div><div><span style=3D"background-color:rgb(255,255,0)">7 May= : Check-in begins</span><br>13 May - 27 May: Nomination period<br>27 May: D= eadline for nomination acceptance and candidate statement.<br>28 May: Meet = the candidates call / Check-in ends<br>01 - 04 June: Voter roll finalized<b= r>07 June - 21 June: Voting<br>22 June: Results announced<br></div><div><br= ></div><div><b>Relevant information:</b></div><div>- Check in is mandatory = for voting and starts in less than 2 weeks;</div><div>- NCSG members are fr= ee to self-nominate or nominate other members, but nomination acceptance wi= ll only be accounted once we have the Candidate Statement on the NCSG list;= </div><div>- Considering NCSG aims for balanced regional representation and= in light of Tatiana being term limited, we would like to encourage candida= tes from the EU region to run for one of NCSGs Councilors=C2=A0slot.=C2=A0<= /div><div><br></div><div><div>Feel free to contact me or anyone else from N= CSG Leadership should you have questions.=C2=A0</div></div><br class=3D"gma= il-Apple-interchange-newline"></div></div></div></div><div>Best regards,=C2= =A0</div>-- <br><div dir=3D"ltr" class=3D"gmail_signature" data-smartmail= =3D"gmail_signature"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><di= v dir=3D"ltr"><div dir=3D"ltr"><div><b><i>Bruna Martins dos Santos=C2=A0<br= ></i></b><div dir=3D"ltr" style=3D"color:rgb(34,34,34)"><br></div><p style= =3D"color:rgb(34,34,34);margin:0cm 0cm 0.0001pt"><span style=3D"font-family= :arial,sans-serif"><font color=3D"#000000"><span style=3D"font-size:11px"><= /span></font></span></p><p style=3D"color:rgb(34,34,34);margin:0cm 0cm 0.00= 01pt"><font size=3D"2"><span style=3D"font-family:arial,sans-serif"><font c= olor=3D"#000000">Advocacy Coordinator | <a href=3D"https://www.dataprivacyb= r.org/en/" target=3D"_blank">Data Privacy Brazil Research</a></font></span>= </font></p><p style=3D"color:rgb(34,34,34);margin:0cm 0cm 0.0001pt"><font s= ize=3D"2"><span style=3D"font-family:arial,sans-serif"><font color=3D"#0000= 00">Member | <a href=3D"https://direitosnarede.org.br/" target=3D"_blank">C= oaliz=C3=A3o Direitos na Rede</a>=C2=A0<br>Chair</font></span></font><span = style=3D"color:rgb(0,0,0);font-family:arial,sans-serif">=C2=A0|=C2=A0<a hre= f=3D"https://gnso.icann.org/en/about/stakeholders-constituencies/ncsg" targ= et=3D"_blank">Non-Commercial Stakeholder Group at ICANN</a><br></span><font= size=3D"2"><span style=3D"font-family:arial,sans-serif"><font color=3D"#00= 0000">Co-Coordinator</font></span></font><span style=3D"color:rgb(0,0,0);fo= nt-family:arial,sans-serif">=C2=A0|=C2=A0<a href=3D"https://igcaucus.org/" = target=3D"_blank">Internet Governance Caucus=C2=A0</a><br></span><font size= =3D"2"><span style=3D"font-family:arial,sans-serif"><font color=3D"#000000"= ><br></font></span></font></p><div style=3D"color:rgb(34,34,34)"><span styl= e=3D"font-family:arial,sans-serif"><font size=3D"1" color=3D"#000000"><font= size=3D"2">Twitter:=C2=A0<a href=3D"https://twitter.com/boomartins" target= =3D"_blank"><font color=3D"#1155cc">@</font>boomartins</a>=C2=A0//=C2=A0</f= ont></font></span><span style=3D"color:rgb(32,33,36)">Skype: bruna.martinsa= ntos</span></div></div><div><font size=3D"1"><a href=3D"mailto:bruna@datapr= ivacybr.org" target=3D"_blank">[log in to unmask]</a>=C2=A0and <a href= =3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask]</= a></font></div></div></div></div></div></div></div></div></div> --00000000000031eb5805c0e0f170-- ========================================================================= Date: Mon, 26 Apr 2021 16:26:23 +0000 Reply-To: Maryam Bakoshi <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Maryam Bakoshi <[log in to unmask]> Subject: Monday, 26 April 2021 - ICANN Community Leadership Digest Content-Type: multipart/alternative; boundary="_000_3A3A0F2F6E3040C3A7E31D22F32A18ECicannorg_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_3A3A0F2F6E3040C3A7E31D22F32A18ECicannorg_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 DQpbaHR0cDovL3IyMC5yczYubmV0L29uLmpzcD9jYT0yNjBlYjIwOC05NDRiLTQzODktYTM4My0y MDk4MzA2MTA3ZDkmYT0xMTIyMDI1ODQ1NzYzJmM9NDM1ZGE0NTAtYzBjOS0xMWU4LTk3NDEtZDRh ZTUyN2I3N2Y4JmNoPTQzNzRhZWMwLWMwYzktMTFlOC05NzQxLWQ0YWU1MjdiNzdmOF0NCg0KTW9u ZGF5LCAyNiBBcHJpbCAyMDIxDQoNCg0KDQpJQ0FOTiBDb21tdW5pdHkgTGVhZGVyc2hpcCBEaWdl c3QNCg0KDQoNCltodHRwczovL2ZpbGVzLmNvbnN0YW50Y29udGFjdC5jb20vMzA0YjNmZDM1MDEv MzFmMzBhYjUtMTQ0NS00NWMzLWFlZjctYzBlYTRlYmNjNThjLmpwZ10NCg0KDQoNClRoZSBJQ0FO TiBvcmcgUG9saWN5IERldmVsb3BtZW50IFN1cHBvcnQgZnVuY3Rpb24gcHVibGlzaGVzIHRoaXMg dHdpY2Utd2Vla2x5IGRpZ2VzdA0KdG8gaGVscCBJQ0FOTiBjb21tdW5pdHkgbGVhZGVycyB0cmFj ayByZXF1ZXN0cyBhbmQgZm9sbG93IHVwZGF0ZXMuDQoNCg0KDQpUYWJsZSBvZiBDb250ZW50cw0K DQoNCg0KSW5mb3JtYXRpb24gU2hhcmluZw0KwrcgICAgIERVRSBUT0RBWTogQXBwb2ludG1lbnRz IHRvIEdOU08gUERQIHRvIFJldmlldyB0aGUgVHJhbnNmZXIgUG9saWN5DQrCtyAgICAgVE9NT1JS T1c6IFdlYmluYXIgb24gUHJpb3JpdGl6YXRpb24gb2YgSUNBTk4gV29yayBhbmQgU3VwcGxlbWVu dGFsIEZ1bmQgZm9yIEltcGxlbWVudGF0aW9uIG9mIENvbW11bml0eSBSZWNvbW1lbmRhdGlvbnMN CsK3ICAgICBORVc6IEF0LUxhcmdlIENvbW11bml0eSBMYXVuY2hlcyBUd28gSUNBTk4gTGVhcm4g Q291cnNlcw0KUHVibGljIENvbW1lbnQNCsK3ICAgICBDTE9TRVMgVEhJUyBGUklEQVk6IEdOU08g UmV2aWV3IG9mIEFsbCBSaWdodHMgUHJvdGVjdGlvbiBNZWNoYW5pc21zIGluIEFsbCBnVExEcyBQ b2xpY3kgRGV2ZWxvcG1lbnQgUHJvY2VzcyBQaGFzZSAxIEZpbmFsIFJlY29tbWVuZGF0aW9ucyBm b3IgSUNBTk4gQm9hcmQgQ29uc2lkZXJhdGlvbg0KwrcgICAgIE5FVzogR05TTyBOZXcgZ1RMRCBT dWJzZXF1ZW50IFByb2NlZHVyZXMgRmluYWwgT3V0cHV0cyBmb3IgSUNBTk4gQm9hcmQgQ29uc2lk ZXJhdGlvbg0KDQoNCg0KDQoNCg0KDQpJbmZvcm1hdGlvbiBTaGFyaW5nDQoNCg0KDQpEVUUgVE9E QVk6IEFwcG9pbnRtZW50cyB0byBHTlNPIFBEUCB0byBSZXZpZXcgdGhlIFRyYW5zZmVyIFBvbGlj eQ0KDQpUaGUgR2VuZXJpYyBOYW1lcyBTdXBwb3J0aW5nIE9yZ2FuaXphdGlvbiAoR05TTykgQ291 bmNpbCByZWNlbnRseSBpbml0aWF0ZWQgYSB0d28tcGhhc2VkIHBvbGljeSBkZXZlbG9wbWVudCBw cm9jZXNzIChQRFApIHRvIHJldmlldyB0aGUgVHJhbnNmZXIgUG9saWN5LCB3aGljaCB3aWxsIGRl dGVybWluZSBpZiBjaGFuZ2VzIHRvIHRoZSBwb2xpY3kgYXJlIG5lZWRlZCB0byBpbXByb3ZlIHRo ZSBlYXNlLCBzZWN1cml0eSwgYW5kIGVmZmljYWN5IG9mIGludGVyLXJlZ2lzdHJhciBhbmQgaW50 ZXItcmVnaXN0cmFudCB0cmFuc2ZlcnMuDQoNCkNhbGwgZm9yIFZvbHVudGVlcnM6IEdOU08gUERQ IFdvcmtpbmcgR3JvdXAgdG8gUmV2aWV3IHRoZSBUcmFuc2ZlciBQb2xpY3kNCg0KwrcgICAgIFN1 cHBvcnRpbmcgT3JnYW5pemF0aW9uLCBBZHZpc29yeSBDb21taXR0ZWUsIFN0YWtlaG9sZGVyIEdy b3VwLCBhbmQgQ29uc3RpdHVlbmN5IGNoYWlycyByZWNlaXZlZCBhIGxldHRlciBpbnZpdGluZyB0 aGVtIHRvIGFwcG9pbnQgYSBsaW1pdGVkIG51bWJlciBvZiBtZW1iZXJzIGFuZCBhbHRlcm5hdGVz IHRvIHRoZSBHTlNPIFBEUCB3b3JraW5nIGdyb3VwIHRvIHJldmlldyB0aGUgVHJhbnNmZXIgUG9s aWN5Lg0KwrcgICAgIFRoZSBkZWFkbGluZSBmb3IgYXBwb2ludG1lbnRzIGlzIE1vbmRheSwgMjYg QXByaWwgMjAyMS4NCg0KDQoNCg0KDQoNCg0KDQoNClRPTU9SUk9XOiBXZWJpbmFyIG9uIFByaW9y aXRpemF0aW9uIG9mIElDQU5OIFdvcmsgYW5kIFN1cHBsZW1lbnRhbCBGdW5kIGZvciBJbXBsZW1l bnRhdGlvbiBvZiBDb21tdW5pdHkgUmVjb21tZW5kYXRpb25zDQoNClRoZSBJQ0FOTiBvcmcgUGxh bm5pbmcgYW5kIEZpbmFuY2UgdGVhbXMgd2lsbCBob3N0IGEgd2ViaW5hciBvbiBUdWVzZGF5LCAy NyBBcHJpbCAyMDIxIGF0IDE1OjAwIFVUQyB0byBkaXNjdXNzIHByaW9yaXRpemluZyBJQ0FOTiB3 b3JrIGFuZCB0aGUgcHJvcG9zZWQgc3VwcGxlbWVudGFsIGZ1bmQgZm9yIGltcGxlbWVudGF0aW9u IG9mIGNvbW11bml0eSByZWNvbW1lbmRhdGlvbnMuIFBsZWFzZSByZWdpc3RlciBbcjIwLnJzNi5u ZXRdPGh0dHBzOi8vdXJsZGVmZW5zZS5jb20vdjMvX19odHRwOi9yMjAucnM2Lm5ldC90bi5qc3A/ Zj0wMDF0UXZDOTk0eUJoUDVkWE81U21xazg3Mk1CaVJYell1UW5VQ0V3bGdEbUh1TXNQb05fZlNw N0toMUc2M1ZvN19pT29ET1VrYVhVUWhGZS01cnotdTV5X2hKQTg4ZEhPU2xpV0lsVWJiSFhhaGp3 MTVVdmpKdGg4QW9CQUdJakFERkxVOU96eTBuQmZGNTZ2QlMzWl9VZ1ZFMnQ5NlJaanMtcGtuLXV0 VzZRQzFGNUtFeVladXJDTWFsbE5laFdNR2g5dmhGN1M0STMxamRHSEU1WWNBMzNtOFBPbWN3M3Y3 aCZjPTRzLVpoN0xjM05yb1JBRy0zT1BoUzlEVHFMQWJkQUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVm QT09JmNoPTNBSFJxSUh6bE5YZGl0RldHYjhUSEFhSG5nWmdJTU10c05CejlCNVZtMktHcVlZTmlh Z1NkQT09JmpyYz0xX187ISFQdEdKYWI0IXIwbGlYZVZBZVJNVzZNWXpINUlEV0dpMTN4dzNrRUFv RTBpazlOTVFRdmJodXFUYkNXMjFEdnN6eWZGSVlWSDExSDJUcDRxZzN3JD4gaW4gYWR2YW5jZSB0 byByZWNlaXZlIGRldGFpbHMgdG8gam9pbiB0aGlzIHdlYmluYXIuDQoNCkluIHRoaXMgd2ViaW5h ciwgdGhlIFBsYW5uaW5nIHRlYW0gd2lsbCBwcm92aWRlIGFuIG92ZXJ2aWV3IG9mIHRoZSAiUHJp b3JpdGl6YXRpb24gb2YgSUNBTk4gV29yayIgcHJvamVjdCwgaW5jbHVkaW5nIGl0cyBwdXJwb3Nl IGFuZCBzY29wZSwgd29yayBwbGFuLCBhbmQgY29tbXVuaXR5IGVuZ2FnZW1lbnQuIFByaW9yaXRp emF0aW9uIG9mIElDQU5OIHdvcmsgaXMgYSB0YXJnZXRlZCBvdXRjb21lIG9mIHRoZSBQbGFubmlu ZyBhdCBJQ0FOTiBvcGVyYXRpbmcgaW5pdGlhdGl2ZSBpbiB0aGUgSUNBTk4gRlkyMS0yNSBPcGVy YXRpbmcgUGxhbi4gSXQgaW5jbHVkZXMgdGhlIGRlc2lnbiBhbmQgaW1wbGVtZW50YXRpb24gb2Yg YSBwcmlvcml0aXphdGlvbiBmcmFtZXdvcmsgaW4gY29sbGFib3JhdGlvbiB3aXRoIHRoZSBJQ0FO TiBjb21tdW5pdHksIEJvYXJkIGFuZCBvcmcuIFRoZSBGaW5hbmNlIHRlYW0gd2lsbCBhbHNvIHNo YXJlIHRoZSBwcm9wb3NlZCBzdXBwbGVtZW50YWwgZnVuZCBmb3IgaW1wbGVtZW50YXRpb24gb2Yg Y29tbXVuaXR5IHJlY29tbWVuZGF0aW9ucy4NCg0KDQoNCg0KDQoNCg0KDQoNCk5FVzogQXQtTGFy Z2UgQ29tbXVuaXR5IExhdW5jaGVzIFR3byBJQ0FOTiBMZWFybiBDb3Vyc2VzDQoNClR3byBuZXcg Y291cnNlcyBhYm91dCB0aGUgQXQtTGFyZ2UgY29tbXVuaXR5IGFyZSBub3cgYXZhaWxhYmxlIG9u IElDQU5OIExlYXJuLiBUaGUgZmlyc3QgY291cnNlIHByb3ZpZGVzIGFuIGludHJvZHVjdGlvbiB0 byB0aGUgQXQtTGFyZ2UgY29tbXVuaXR5IGFuZCB0aGUgQXQtTGFyZ2UgQWR2aXNvcnkgQ29tbWl0 dGVlIChBTEFDKSwgaG93IHRoZXkgZnVuY3Rpb24gd2l0aGluIHRoZSBJQ0FOTiBjb21tdW5pdHks IGFuZCBob3cgZW5kIHVzZXJzIGNhbiBzdGFydCBhbmQgY29udGludWUgdGhlaXIgaW52b2x2ZW1l bnQuIFRoZSBzZWNvbmQgY291cnNlLCDigJxJQ0FOTiBQb2xpY3kgRGV2ZWxvcG1lbnQ6IEEgR3Vp ZGUgZm9yIEF0LUxhcmdlIFBhcnRpY2lwYW50c+KAnSBwcm92aWRlcyBhIGRlZXBlciBkaXZlIGlu dG8gaG93IHRoZSBBTEFDIGRldmVsb3BzIHBvbGljeSBhZHZpY2UgYW5kIGZvcm1zIHBvbGljeSBw b3NpdGlvbnMuIFRha2UgdGhlIGNvdXJzZXMhIFtyMjAucnM2Lm5ldF08aHR0cHM6Ly91cmxkZWZl bnNlLmNvbS92My9fX2h0dHA6L3IyMC5yczYubmV0L3RuLmpzcD9mPTAwMXRRdkM5OTR5QmhQNWRY TzVTbXFrODcyTUJpUlh6WXVRblVDRXdsZ0RtSHVNc1BvTl9mU3A3S0JoeXJPamZHekVTcWxKZ3Na cHV0VGtuMnVqNllxNFZKaWRybUl4TjkwdkV6aVVwN2ZpUjE5S0drRXRabTRnRDJrOEtWdGxHd2xh Q0hONWFac0xUV0RJVlNxUEY5SVNqQT09JmM9NHMtWmg3TGMzTnJvUkFHLTNPUGhTOURUcUxBYmRB SHJocDYzMkpPMHpVNVRsOFdEaUlVVWZBPT0mY2g9M0FIUnFJSHpsTlhkaXRGV0diOFRIQWFIbmda Z0lNTXRzTkJ6OUI1Vm0yS0dxWVlOaWFnU2RBPT0manJjPTFfXzshIVB0R0phYjQhcjBsaVhlVkFl Uk1XNk1Zekg1SURXR2kxM3h3M2tFQW9FMGlrOU5NUVF2Ymh1cVRiQ1cyMUR2c3p5ZkZJWVZIMTFI MjczUlpic3ckPg0KDQoNCg0KUHVibGljIENvbW1lbnQNCg0KDQoNCkdOU08gUmV2aWV3IG9mIEFs bCBSaWdodHMgUHJvdGVjdGlvbiBNZWNoYW5pc21zIGluIEFsbCBnVExEcyBQb2xpY3kgRGV2ZWxv cG1lbnQgUHJvY2VzcyBQaGFzZSAxIEZpbmFsIFJlY29tbWVuZGF0aW9ucyBmb3IgSUNBTk4gQm9h cmQgQ29uc2lkZXJhdGlvbiBbcjIwLnJzNi5uZXRdPGh0dHBzOi8vdXJsZGVmZW5zZS5jb20vdjMv X19odHRwOi9yMjAucnM2Lm5ldC90bi5qc3A/Zj0wMDF0UXZDOTk0eUJoUDVkWE81U21xazg3Mk1C aVJYell1UW5VQ0V3bGdEbUh1TXNQb05fZlNwN0c4RE1BM2xvWGZNaVVQT2FHdEZIRXcydDE3RVJs d3J4ZnREUUh4eXB6Tnlrd2NaUnZJOVNGOF9XTU9tMXRuR2VGNlRIclhrOWZheDU1bUpRSmhVZFM2 WnRLTXJ4SkZuMTIteHhFamxyZm5GTEl6TGdMbG5CTkJ2N1FvS2c4bm1POGhvNmVfREtzVGUtODE1 SG1mRFVzRlNXZUM2Y3dHeTlkandVMl82SGM4U2NIRGNfdjhBNVFrMl9HSWFoSGNCZWc9PSZjPTRz LVpoN0xjM05yb1JBRy0zT1BoUzlEVHFMQWJkQUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVmQT09JmNo PTNBSFJxSUh6bE5YZGl0RldHYjhUSEFhSG5nWmdJTU10c05CejlCNVZtMktHcVlZTmlhZ1NkQT09 JmpyYz0xX187ISFQdEdKYWI0IXIwbGlYZVZBZVJNVzZNWXpINUlEV0dpMTN4dzNrRUFvRTBpazlO TVFRdmJodXFUYkNXMjFEdnN6eWZGSVlWSDExSDNXUnRwRFpRJD4NCkNsb3NlIERhdGU6IEZyaWRh eSwgMzAgQXByaWwgMjAyMQ0KDQpORVc6IEdOU08gTmV3IGdUTEQgU3Vic2VxdWVudCBQcm9jZWR1 cmVzIEZpbmFsIE91dHB1dHMgZm9yIElDQU5OIEJvYXJkIENvbnNpZGVyYXRpb24gW3IyMC5yczYu bmV0XTxodHRwczovL3VybGRlZmVuc2UuY29tL3YzL19faHR0cDovcjIwLnJzNi5uZXQvdG4uanNw P2Y9MDAxdFF2Qzk5NHlCaFA1ZFhPNVNtcWs4NzJNQmlSWHpZdVFuVUNFd2xnRG1IdU1zUG9OX2ZT cDdLQmh5ck9qZkd6RXNRdjNCWGF5TTNOU3FhbDB1aXpUTUV2aVpVVnhfM2Q0Y3FuR3RNRTdMLTlD aWR0LWdyek5YdkdPS1d1TUlBWUxWMHNGRW9fM3lnMzhGeGd5d1BFUzJrMDNWVE5aend5czRiOVdY OUtnX3Y5UDA4enF1UmptQzlWZ0FRV3NWT3FNQzRWZ3dxTFpFUlh4clNvVmY5Y1pkeFdFWEJFdi1x SENfTnBqUTVDWWVILUM5NDNueTd2bnF3PT0mYz00cy1aaDdMYzNOcm9SQUctM09QaFM5RFRxTEFi ZEFIcmhwNjMySk8welU1VGw4V0RpSVVVZkE9PSZjaD0zQUhScUlIemxOWGRpdEZXR2I4VEhBYUhu Z1pnSU1NdHNOQno5QjVWbTJLR3FZWU5pYWdTZEE9PSZqcmM9MV9fOyEhUHRHSmFiNCFyMGxpWGVW QWVSTVc2TVl6SDVJRFdHaTEzeHcza0VBb0UwaWs5Tk1RUXZiaHVxVGJDVzIxRHZzenlmRklZVkgx MUgxQXJ0LUxodyQ+DQpDbG9zZSBEYXRlOiBUdWVzZGF5LCAxIEp1bmUgMjAyMQ0KDQoNCg0KVm9s dW1lIDMsIElzc3VlIDMxIHwgQXJjaGl2ZSBbcjIwLnJzNi5uZXRdPGh0dHBzOi8vdXJsZGVmZW5z ZS5jb20vdjMvX19odHRwOi9yMjAucnM2Lm5ldC90bi5qc3A/Zj0wMDF0UXZDOTk0eUJoUDVkWE81 U21xazg3Mk1CaVJYell1UW5VQ0V3bGdEbUh1TXNQb05fZlNwN0lqZE5ldHd5Y1RmeDhrT1FaNXFs XzZCX0VJMW45U0hVdEVQckE2YTBxcjd5V0RZSWR4WHpjcTRhWDF3T2ZzWmVjUEdCYWxpb0YxOGZE Q2J6WjgtakZLeHd2OEVkTm9xbDBaTEFMS1F6Tl9JdXFnQTcwaWtjR3JZVWlzYWlsVm9UNVNfZVFL Q1N1aHlsMldIVnlONWtGanlsUkpNb0FiX2hkc2J0MXdvb1lmQXRfS1hyVHZoZEFjPSZjPTRzLVpo N0xjM05yb1JBRy0zT1BoUzlEVHFMQWJkQUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVmQT09JmNoPTNB SFJxSUh6bE5YZGl0RldHYjhUSEFhSG5nWmdJTU10c05CejlCNVZtMktHcVlZTmlhZ1NkQT09Jmpy Yz0xX187ISFQdEdKYWI0IXIwbGlYZVZBZVJNVzZNWXpINUlEV0dpMTN4dzNrRUFvRTBpazlOTVFR dmJodXFUYkNXMjFEdnN6eWZGSVlWSDExSDBFQTRWbDF3JD4gfCBOZXh0IElzc3VlOiBUaHVyc2Rh eSwgMjkgQXByaWwgMjAyMQ0KDQoNCg0KDQoNCg0KDQoNCg0KDQoNCg0K --_000_3A3A0F2F6E3040C3A7E31D22F32A18ECicannorg_ Content-Type: text/html; charset="utf-8" Content-ID: <[log in to unmask]> Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPCEtLVtp ZiAhbXNvXT48c3R5bGUgaWQ9dGVtcGxhdGUtc3R5bGVzLWhlYWQ+dlw6KiB7YmVoYXZpb3I6dXJs KCNkZWZhdWx0I1ZNTCk7fQ0Kb1w6KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0Kd1w6 KiB7YmVoYXZpb3I6dXJsKCNkZWZhdWx0I1ZNTCk7fQ0KLnNoYXBlIHtiZWhhdmlvcjp1cmwoI2Rl ZmF1bHQjVk1MKTt9DQo8L3N0eWxlPjwhW2VuZGlmXS0tPjxzdHlsZT48IS0tDQovKiBGb250IERl ZmluaXRpb25zICovDQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OldpbmdkaW5nczsNCglwYW5v c2UtMTo1IDAgMCAwIDAgMCAwIDAgMCAwO30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6IkNh bWJyaWEgTWF0aCI7DQoJcGFub3NlLTE6MiA0IDUgMyA1IDQgNiAzIDIgNDt9DQpAZm9udC1mYWNl DQoJe2ZvbnQtZmFtaWx5OkNhbGlicmk7DQoJcGFub3NlLTE6MiAxNSA1IDIgMiAyIDQgMyAyIDQ7 fQ0KQGZvbnQtZmFjZQ0KCXtmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIFwoQm9keSBDU1wp IjsNCglwYW5vc2UtMToyIDExIDYgNCAyIDIgMiAyIDIgNDt9DQovKiBTdHlsZSBEZWZpbml0aW9u cyAqLw0KcC5Nc29Ob3JtYWwsIGxpLk1zb05vcm1hbCwgZGl2Lk1zb05vcm1hbA0KCXttYXJnaW46 MGNtOw0KCWZvbnQtc2l6ZToxMS4wcHQ7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2Vy aWY7fQ0KYTpsaW5rLCBzcGFuLk1zb0h5cGVybGluaw0KCXttc28tc3R5bGUtcHJpb3JpdHk6OTk7 DQoJY29sb3I6Ymx1ZTsNCgl0ZXh0LWRlY29yYXRpb246dW5kZXJsaW5lO30NCi5Nc29DaHBEZWZh dWx0DQoJe21zby1zdHlsZS10eXBlOmV4cG9ydC1vbmx5Ow0KCWZvbnQtc2l6ZToxMC4wcHQ7fQ0K QHBhZ2UgV29yZFNlY3Rpb24xDQoJe3NpemU6NjEyLjBwdCA3OTIuMHB0Ow0KCW1hcmdpbjo3Mi4w cHQgNzIuMHB0IDcyLjBwdCA3Mi4wcHQ7fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRT ZWN0aW9uMTt9DQovKiBMaXN0IERlZmluaXRpb25zICovDQpAbGlzdCBsMA0KCXttc28tbGlzdC1p ZDoyNTM2MzM5Nzk7DQoJbXNvLWxpc3QtdGVtcGxhdGUtaWRzOjEwNzIwOTQ5NTQ7fQ0KQGxpc3Qg bDA6bGV2ZWwxDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwt dGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjM2LjBwdDsNCgltc28tbGV2ZWwtbnVtYmVy LXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28tYW5zaS1mb250LXNp emU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlzdCBsMDpsZXZlbDINCgl7bXNv LWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Om87DQoJbXNvLWxl dmVsLXRhYi1zdG9wOjcyLjBwdDsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJ dGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQt ZmFtaWx5OiJDb3VyaWVyIE5ldyI7DQoJbXNvLWJpZGktZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBS b21hbiI7fQ0KQGxpc3QgbDA6bGV2ZWwzDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxl dDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjEwOC4wcHQ7DQoJ bXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJ bXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxp c3QgbDA6bGV2ZWw0DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2 ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE0NC4wcHQ7DQoJbXNvLWxldmVsLW51 bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9u dC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDA6bGV2ZWw1 DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7 DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE4MC4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlv bjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBw dDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDA6bGV2ZWw2DQoJe21zby1sZXZl bC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVs LXRhYi1zdG9wOjIxNi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRl eHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZh bWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDA6bGV2ZWw3DQoJe21zby1sZXZlbC1udW1iZXItZm9y bWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjI1 Mi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0x OC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGlu Z3M7fQ0KQGxpc3QgbDA6bGV2ZWw4DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsN Cgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjI4OC4wcHQ7DQoJbXNv LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNv LWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3Qg bDA6bGV2ZWw5DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwt dGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjMyNC4wcHQ7DQoJbXNvLWxldmVsLW51bWJl ci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1z aXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDENCgl7bXNvLWxp c3QtaWQ6MTIyMjcxNjk0NzsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6LTE5MDM0MTYxNDI7fQ0K QGxpc3QgbDE6bGV2ZWwxDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28t bGV2ZWwtdGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjM2LjBwdDsNCgltc28tbGV2ZWwt bnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28tYW5zaS1m b250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlzdCBsMTpsZXZlbDIN Cgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0Om87DQoJ bXNvLWxldmVsLXRhYi1zdG9wOjcyLjBwdDsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxl ZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28tYW5zaS1mb250LXNpemU6MTAuMHB0Ow0K CWZvbnQtZmFtaWx5OiJDb3VyaWVyIE5ldyI7DQoJbXNvLWJpZGktZm9udC1mYW1pbHk6IlRpbWVz IE5ldyBSb21hbiI7fQ0KQGxpc3QgbDE6bGV2ZWwzDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0 OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjEwOC4w cHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4w cHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7 fQ0KQGxpc3QgbDE6bGV2ZWw0DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCglt c28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE0NC4wcHQ7DQoJbXNvLWxl dmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFu c2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDE6 bGV2ZWw1DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4 dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE4MC4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1w b3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXpl OjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDE6bGV2ZWw2DQoJe21z by1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNv LWxldmVsLXRhYi1zdG9wOjIxNi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0 Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglm b250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDE6bGV2ZWw3DQoJe21zby1sZXZlbC1udW1i ZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1z dG9wOjI1Mi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5k ZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpX aW5nZGluZ3M7fQ0KQGxpc3QgbDE6bGV2ZWw4DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1 bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjI4OC4wcHQ7 DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7 DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0K QGxpc3QgbDE6bGV2ZWw5DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28t bGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjMyNC4wcHQ7DQoJbXNvLWxldmVs LW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2kt Zm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDINCgl7 bXNvLWxpc3QtaWQ6MjA2NTc2MDk2MTsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6LTExMDcyNTcy NDg7fQ0KQGxpc3QgbDI6bGV2ZWwxDQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsN Cgltc28tbGV2ZWwtdGV4dDrvgrc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjM2LjBwdDsNCgltc28t bGV2ZWwtbnVtYmVyLXBvc2l0aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28t YW5zaS1mb250LXNpemU6MTAuMHB0Ow0KCWZvbnQtZmFtaWx5OlN5bWJvbDt9DQpAbGlzdCBsMjps ZXZlbDINCgl7bXNvLWxldmVsLW51bWJlci1mb3JtYXQ6YnVsbGV0Ow0KCW1zby1sZXZlbC10ZXh0 Om87DQoJbXNvLWxldmVsLXRhYi1zdG9wOjcyLjBwdDsNCgltc28tbGV2ZWwtbnVtYmVyLXBvc2l0 aW9uOmxlZnQ7DQoJdGV4dC1pbmRlbnQ6LTE4LjBwdDsNCgltc28tYW5zaS1mb250LXNpemU6MTAu MHB0Ow0KCWZvbnQtZmFtaWx5OiJDb3VyaWVyIE5ldyI7DQoJbXNvLWJpZGktZm9udC1mYW1pbHk6 IlRpbWVzIE5ldyBSb21hbiI7fQ0KQGxpc3QgbDI6bGV2ZWwzDQoJe21zby1sZXZlbC1udW1iZXIt Zm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9w OjEwOC4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50 Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5n ZGluZ3M7fQ0KQGxpc3QgbDI6bGV2ZWw0DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxl dDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE0NC4wcHQ7DQoJ bXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJ bXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxp c3QgbDI6bGV2ZWw1DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2 ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjE4MC4wcHQ7DQoJbXNvLWxldmVsLW51 bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9u dC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDI6bGV2ZWw2 DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7 DQoJbXNvLWxldmVsLXRhYi1zdG9wOjIxNi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlv bjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBw dDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDI6bGV2ZWw3DQoJe21zby1sZXZl bC1udW1iZXItZm9ybWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVs LXRhYi1zdG9wOjI1Mi4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRl eHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZh bWlseTpXaW5nZGluZ3M7fQ0KQGxpc3QgbDI6bGV2ZWw4DQoJe21zby1sZXZlbC1udW1iZXItZm9y bWF0OmJ1bGxldDsNCgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjI4 OC4wcHQ7DQoJbXNvLWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0x OC4wcHQ7DQoJbXNvLWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGlu Z3M7fQ0KQGxpc3QgbDI6bGV2ZWw5DQoJe21zby1sZXZlbC1udW1iZXItZm9ybWF0OmJ1bGxldDsN Cgltc28tbGV2ZWwtdGV4dDrvgqc7DQoJbXNvLWxldmVsLXRhYi1zdG9wOjMyNC4wcHQ7DQoJbXNv LWxldmVsLW51bWJlci1wb3NpdGlvbjpsZWZ0Ow0KCXRleHQtaW5kZW50Oi0xOC4wcHQ7DQoJbXNv LWFuc2ktZm9udC1zaXplOjEwLjBwdDsNCglmb250LWZhbWlseTpXaW5nZGluZ3M7fQ0Kb2wNCgl7 bWFyZ2luLWJvdHRvbTowY207fQ0KdWwNCgl7bWFyZ2luLWJvdHRvbTowY207fQ0KLS0+PC9zdHls ZT48IS0tW2lmIGd0ZSBtc28gOV0+PHhtbD4NCjxvOnNoYXBlZGVmYXVsdHMgdjpleHQ9ImVkaXQi IHNwaWRtYXg9IjEwMjYiIC8+DQo8L3htbD48IVtlbmRpZl0tLT48IS0tW2lmIGd0ZSBtc28gOV0+ PHhtbD4NCjxvOnNoYXBlbGF5b3V0IHY6ZXh0PSJlZGl0Ij4NCjxvOmlkbWFwIHY6ZXh0PSJlZGl0 IiBkYXRhPSIxIiAvPg0KPC9vOnNoYXBlbGF5b3V0PjwveG1sPjwhW2VuZGlmXS0tPg0KPC9oZWFk Pg0KPGJvZHkgbGFuZz0iZW4tQkUiIGxpbms9ImJsdWUiIHZsaW5rPSJwdXJwbGUiIHN0eWxlPSJ3 b3JkLXdyYXA6YnJlYWstd29yZCI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlvbjEiPg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8dGFi bGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxs cGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxh cHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9 InBhZGRpbmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBh bGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXI7bXNvLWxpbmUtaGVpZ2h0LWFs dDouNzVwdCI+DQo8c3BhbiBzdHlsZT0iZm9udC1zaXplOjEuMHB0Ij48aW1nIGlkPSJfeDAwMDBf aTEwMjgiIHNyYz0iaHR0cDovL3IyMC5yczYubmV0L29uLmpzcD9jYT0yNjBlYjIwOC05NDRiLTQz ODktYTM4My0yMDk4MzA2MTA3ZDkmYW1wO2E9MTEyMjAyNTg0NTc2MyZhbXA7Yz00MzVkYTQ1MC1j MGM5LTExZTgtOTc0MS1kNGFlNTI3Yjc3ZjgmYW1wO2NoPTQzNzRhZWMwLWMwYzktMTFlOC05NzQx LWQ0YWU1MjdiNzdmOCI+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L3RkPg0KPC90 cj4NCjx0cj4NCjx0ZCBzdHlsZT0icGFkZGluZzowY20gMGNtIDBjbSAwY20iPg0KPGRpdiBhbGln bj0iY2VudGVyIj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2Vs bHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEw MC4wJTtiYWNrZ3JvdW5kOiNDREQ3RUU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0 aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InBhZGRpbmc6MGNtIDBjbSAwY20g MGNtIj4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxl IiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjYzMCIg c3R5bGU9IndpZHRoOjQ3Mi41cHQ7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDog MTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjEx LjI1cHQgMy43NXB0IDExLjI1cHQgMy43NXB0Ij4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFi bGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxs cGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxh cHNlOmNvbGxhcHNlIj4NCjx0Ym9keT4NCjx0cj4NCjx0ZCB2YWxpZ249InRvcCIgc3R5bGU9ImJh Y2tncm91bmQ6IzFEMzU2NztwYWRkaW5nOjcuNXB0IDcuNXB0IDcuNXB0IDcuNXB0Ij4NCjxkaXYg YWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAi IGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0 aDoxMDAuMCU7YmFja2dyb3VuZDojMUQzNTY3O2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZSI+DQo8 dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJiYWNrZ3JvdW5kOndoaXRlO3Bh ZGRpbmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xh c3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGlu Zz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNv bGxhcHNlIj4NCjx0Ym9keT4NCjx0cj4NCjx0ZCB3aWR0aD0iMTAwJSIgdmFsaWduPSJ0b3AiIHN0 eWxlPSJ3aWR0aDoxMDAuMCU7YmFja2dyb3VuZDojMUQzNTY3O3BhZGRpbmc6MGNtIDBjbSAwY20g MGNtIj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2VsbHNwYWNp bmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEwMC4wJTti b3JkZXItY29sbGFwc2U6Y29sbGFwc2UiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHZhbGlnbj0idG9w IiBzdHlsZT0icGFkZGluZzo3LjVwdCAxNS4wcHQgNy41cHQgMTUuMHB0Ij4NCjxkaXY+DQo8ZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0 LWFsaWduOmNlbnRlciI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWls eTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOndoaXRlIj5Nb25kYXksIDI2IEFw cmlsIDIwMjE8L3NwYW4+PC9iPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2 Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9k eT4NCjwvdGFibGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50ZXIi IHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRlciI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj4mbmJz cDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNs YXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRp bmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpj b2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIxMDAl IiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRoOjEwMC4wJTtwYWRkaW5nOjBjbSAwY20gMGNtIDBj bSI+DQo8ZGl2Pg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxs c3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAw LjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0K PHRyPg0KPHRkIHZhbGlnbj0idG9wIiBzdHlsZT0icGFkZGluZzo3LjVwdCAxNS4wcHQgNy41cHQg MTUuMHB0Ij4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIGFsaWdu PSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRlciI+PGI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxMy41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xv cjpibGFjayI+SUNBTk4gQ29tbXVuaXR5IExlYWRlcnNoaXAgRGlnZXN0PC9zcGFuPjwvYj48bzpw PjwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9k eT4NCjwvdGFibGU+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8 L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFs aWduOmNlbnRlciI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj4mbmJzcDs8L3NwYW4+PG86cD48 L286cD48L3A+DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxU YWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIx MDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lk dGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIg c3R5bGU9IndpZHRoOjEwMC4wJTtwYWRkaW5nOjBjbSAwY20gMGNtIDBjbSI+DQo8ZGl2Pg0KPHRh YmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2Vs bHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xs YXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHZhbGln bj0idG9wIiBzdHlsZT0icGFkZGluZzo3LjVwdCAwY20gNy41cHQgMGNtIj4NCjxkaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXIi PjxpbWcgd2lkdGg9IjI3NSIgc3R5bGU9IndpZHRoOjIuODY0NWluIiBpZD0iX3gwMDAwX2kxMDI3 IiBzcmM9Imh0dHBzOi8vZmlsZXMuY29uc3RhbnRjb250YWN0LmNvbS8zMDRiM2ZkMzUwMS8zMWYz MGFiNS0xNDQ1LTQ1YzMtYWVmNy1jMGVhNGViY2M1OGMuanBnIj48bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwv dHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgYWxp Z249ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6 YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxkaXYgYWxpZ249ImNlbnRlciI+ DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIw IiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVy LWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQg d2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lkdGg6MTAwLjAlO3BhZGRpbmc6MGNt IDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3Jk ZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxl PSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+ DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjcuNXB0IDE1 LjBwdCA3LjVwdCAxNS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBh bGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXIiPjxzcGFuIHN0eWxlPSJmb250 LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xv cjpibGFjayI+VGhlIElDQU5OIG9yZyBQb2xpY3kgRGV2ZWxvcG1lbnQgU3VwcG9ydCBmdW5jdGlv biBwdWJsaXNoZXMgdGhpcyB0d2ljZS13ZWVrbHkgZGlnZXN0DQo8L3NwYW4+PG86cD48L286cD48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGln bjpjZW50ZXIiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7 QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+dG8gaGVscCBJQ0FOTiBjb21tdW5p dHkgbGVhZGVycyB0cmFjayByZXF1ZXN0cyBhbmQgZm9sbG93IHVwZGF0ZXMuPC9zcGFuPjxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFi bGU+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L2Rpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRl ciI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+ DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9y ZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHls ZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUi Pg0KPHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9Indp ZHRoOjEwMC4wJTtiYWNrZ3JvdW5kOiMxRDM1Njc7cGFkZGluZzowY20gMGNtIDBjbSAwY20iPg0K PGRpdj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2VsbHNwYWNp bmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEwMC4wJTti b3JkZXItY29sbGFwc2U6Y29sbGFwc2U7bWluLXdpZHRoOiAxMDAlIj4NCjx0Ym9keT4NCjx0cj4N Cjx0ZCB2YWxpZ249InRvcCIgc3R5bGU9InBhZGRpbmc6Ny41cHQgMTUuMHB0IDcuNXB0IDE1LjBw dCI+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2Vu dGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXIiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 MTMuNXB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6d2hp dGUiPlRhYmxlIG9mIENvbnRlbnRzPC9zcGFuPjwvYj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PC9kaXY+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L2Rpdj4N CjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRlciI+PHNwYW4gc3R5 bGU9ImNvbG9yOmJsYWNrIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8ZGl2IGFsaWdu PSJjZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxs c3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAw LjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0K PHRyPg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRoOjEwMC4wJTtw YWRkaW5nOjBjbSAwY20gMGNtIDBjbSI+DQo8ZGl2Pg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxU YWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIx MDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lk dGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHZhbGlnbj0idG9wIiBzdHlsZT0icGFkZGlu Zzo3LjVwdCAxNS4wcHQgNy41cHQgMTUuMHB0Ij4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1p bHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUExOTFBIj5JbmZvcm1hdGlv biBTaGFyaW5nPC9zcGFuPjwvYj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCIgc3R5bGU9Im1hcmdpbi1sZWZ0OjMwLjBwdDt0ZXh0LWluZGVudDotMTIuMHB0O21z by1saXN0OmwyIGxldmVsMSBsZm8yIj4NCjwhW2lmICFzdXBwb3J0TGlzdHNdPjxzcGFuIHN0eWxl PSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OlN5bWJvbCI+PHNwYW4gc3R5bGU9Im1zby1s aXN0Oklnbm9yZSI+wrc8c3BhbiBzdHlsZT0iZm9udDo3LjBwdCAmcXVvdDtUaW1lcyBOZXcgUm9t YW4mcXVvdDsiPiZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOw0KPC9zcGFuPjwvc3Bhbj48L3NwYW4+ PCFbZW5kaWZdPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7 QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojQkYzRjJGIj5EVUUgVE9EQVk6PC9zcGFuPjxz cGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDss c2Fucy1zZXJpZjtjb2xvcjojQ0Y4RjEyIj4NCjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXpl OjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6Ymxh Y2siPkFwcG9pbnRtZW50cyB0byBHTlNPIFBEUCB0byBSZXZpZXcgdGhlIFRyYW5zZmVyIFBvbGlj eTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Fy aWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+DQo8L3NwYW4+PG86cD48L286cD48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWxlZnQ6MzAuMHB0O3RleHQt aW5kZW50Oi0xMi4wcHQ7bXNvLWxpc3Q6bDIgbGV2ZWwxIGxmbzIiPg0KPCFbaWYgIXN1cHBvcnRM aXN0c10+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6U3ltYm9sIj48 c3BhbiBzdHlsZT0ibXNvLWxpc3Q6SWdub3JlIj7CtzxzcGFuIHN0eWxlPSJmb250OjcuMHB0ICZx dW90O1RpbWVzIE5ldyBSb21hbiZxdW90OyI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7DQo8L3Nw YW4+PC9zcGFuPjwvc3Bhbj48IVtlbmRpZl0+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtm b250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiNCRjNGMkYiPlRP TU9SUk9XOg0KPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+V2ViaW5hciBvbiBQcmlv cml0aXphdGlvbiBvZiBJQ0FOTiBXb3JrIGFuZCBTdXBwbGVtZW50YWwgRnVuZCBmb3IgSW1wbGVt ZW50YXRpb24gb2YgQ29tbXVuaXR5IFJlY29tbWVuZGF0aW9uczwvc3Bhbj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7 Y29sb3I6IzQwM0Y0MiI+DQo8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIiBzdHlsZT0ibWFyZ2luLWxlZnQ6MzAuMHB0O3RleHQtaW5kZW50Oi0xMi4wcHQ7bXNvLWxp c3Q6bDIgbGV2ZWwxIGxmbzIiPg0KPCFbaWYgIXN1cHBvcnRMaXN0c10+PHNwYW4gc3R5bGU9ImZv bnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6U3ltYm9sIj48c3BhbiBzdHlsZT0ibXNvLWxpc3Q6 SWdub3JlIj7CtzxzcGFuIHN0eWxlPSJmb250OjcuMHB0ICZxdW90O1RpbWVzIE5ldyBSb21hbiZx dW90OyI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7DQo8L3NwYW4+PC9zcGFuPjwvc3Bhbj48IVtl bmRpZl0+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlh bCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMzODdCMzciPk5FVzoNCjwvc3Bhbj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2Vy aWY7Y29sb3I6YmxhY2siPkF0LUxhcmdlIENvbW11bml0eSBMYXVuY2hlcyBUd28gSUNBTk4gTGVh cm4gQ291cnNlczwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5 OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+DQo8L3NwYW4+PG86 cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOmJsYWNrIj5QdWJsaWMgQ29tbWVudDwvc3Bhbj48L2I+PG86cD48L286cD48L3A+DQo8 L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4tbGVmdDozMC4wcHQ7dGV4 dC1pbmRlbnQ6LTEyLjBwdDttc28tbGlzdDpsMCBsZXZlbDEgbGZvNCI+DQo8IVtpZiAhc3VwcG9y dExpc3RzXT48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250LWZhbWlseTpTeW1ib2wi PjxzcGFuIHN0eWxlPSJtc28tbGlzdDpJZ25vcmUiPsK3PHNwYW4gc3R5bGU9ImZvbnQ6Ny4wcHQg JnF1b3Q7VGltZXMgTmV3IFJvbWFuJnF1b3Q7Ij4mbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsNCjwv c3Bhbj48L3NwYW4+PC9zcGFuPjwhW2VuZGlmXT48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6I0NGOEYxMiI+ Q0xPU0VTIFRISVMgRlJJREFZOjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPiBHTlNP Jm5ic3A7UmV2aWV3IG9mIEFsbCBSaWdodHMgUHJvdGVjdGlvbiBNZWNoYW5pc21zIGluDQogQWxs IGdUTERzIFBvbGljeSBEZXZlbG9wbWVudCBQcm9jZXNzIFBoYXNlIDEgRmluYWwgUmVjb21tZW5k YXRpb25zIGZvciZuYnNwO0lDQU5OJm5ic3A7Qm9hcmQgQ29uc2lkZXJhdGlvbjwvc3Bhbj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNh bnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+DQo8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWxlZnQ6MzAuMHB0O3RleHQtaW5kZW50Oi0xMi4w cHQ7bXNvLWxpc3Q6bDAgbGV2ZWwxIGxmbzQiPg0KPCFbaWYgIXN1cHBvcnRMaXN0c10+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6U3ltYm9sIj48c3BhbiBzdHlsZT0i bXNvLWxpc3Q6SWdub3JlIj7CtzxzcGFuIHN0eWxlPSJmb250OjcuMHB0ICZxdW90O1RpbWVzIE5l dyBSb21hbiZxdW90OyI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7DQo8L3NwYW4+PC9zcGFuPjwv c3Bhbj48IVtlbmRpZl0+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTom cXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMzODdCMzciPk5FVzo8L3NwYW4+PHNw YW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90Oyxz YW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPg0KPC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFj ayI+R05TTyBOZXcgZ1RMRCBTdWJzZXF1ZW50IFByb2NlZHVyZXMgRmluYWwgT3V0cHV0cyBmb3Ig SUNBTk4gQm9hcmQgQ29uc2lkZXJhdGlvbjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjku MHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0 MiI+DQo8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+ DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90 YWJsZT4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIgc3R5bGU9 InRleHQtYWxpZ246Y2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPiZuYnNwOzwvc3Bh bj48bzpwPjwvbzpwPjwvcD4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1z b05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIg d2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNl O21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgc3R5bGU9InBhZGRpbmc6MGNt IDBjbSAwY20gMGNtIj48L3RkPg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC9kaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50 ZXIiPjxzcGFuIHN0eWxlPSJjb2xvcjpibGFjayI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9w Pg0KPGRpdiBhbGlnbj0iY2VudGVyIj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJv cmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5 bGU9IndpZHRoOjEwMC4wJTtib3JkZXItY29sbGFwc2U6Y29sbGFwc2U7bWluLXdpZHRoOiAxMDAl Ij4NCjx0Ym9keT4NCjx0cj4NCjx0ZCBzdHlsZT0icGFkZGluZzowY20gMGNtIDBjbSAwY20iPjwv dGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRlciI+PHNwYW4gc3R5bGU9 ImNvbG9yOmJsYWNrIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8ZGl2IGFsaWduPSJj ZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3Bh Y2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAl O2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRy Pg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRoOjEwMC4wJTtiYWNr Z3JvdW5kOiMxRDM1Njc7cGFkZGluZzowY20gMGNtIDBjbSAwY20iPg0KPGRpdj4NCjx0YWJsZSBj bGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRk aW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEwMC4wJTtib3JkZXItY29sbGFwc2U6 Y29sbGFwc2U7bWluLXdpZHRoOiAxMDAlIj4NCjx0Ym9keT4NCjx0cj4NCjx0ZCB2YWxpZ249InRv cCIgc3R5bGU9InBhZGRpbmc6Ny41cHQgMTUuMHB0IDcuNXB0IDE1LjBwdCI+DQo8ZGl2Pg0KPGRp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4 dC1hbGlnbjpjZW50ZXIiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTMuNXB0O2ZvbnQtZmFt aWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6d2hpdGUiPkluZm9ybWF0aW9u IFNoYXJpbmc8L3NwYW4+PC9iPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2 Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+ DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249 ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6Ymxh Y2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8 dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBj ZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNv bGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgd2lk dGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lkdGg6MTAwLjAlO3BhZGRpbmc6MGNtIDBj bSAwY20gMGNtIj4NCjxkaXY+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9 IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3 aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8 dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjcuNXB0IDE1LjBw dCA3LjVwdCAxNS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlh bCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiNCRjNGMkYiPkRVRSBUT0RBWToNCjwvc3Bhbj48L2I+ PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZx dW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5BcHBvaW50bWVudHMgdG88L3NwYW4+PC9iPjxi PjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjojMzg3QjM3Ij4NCjwvc3Bhbj48L2I+PGI+PHNwYW4gc3R5bGU9 ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOmJsYWNrIj5HTlNPIFBEUCB0byBSZXZpZXcgdGhlIFRyYW5zZmVyIFBvbGljeTwvc3Bh bj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlh bCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9w Pg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9y OiM0MDNGNDIiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1p bHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+VGhlIEdlbmVyaWMg TmFtZXMgU3VwcG9ydGluZyBPcmdhbml6YXRpb24gKEdOU08pIENvdW5jaWwgcmVjZW50bHkgaW5p dGlhdGVkIGEgdHdvLXBoYXNlZCBwb2xpY3kgZGV2ZWxvcG1lbnQgcHJvY2VzcyAoUERQKSB0byBy ZXZpZXcgdGhlIFRyYW5zZmVyIFBvbGljeSwgd2hpY2ggd2lsbA0KIGRldGVybWluZSBpZiBjaGFu Z2VzIHRvIHRoZSBwb2xpY3kgYXJlIG5lZWRlZCB0byBpbXByb3ZlIHRoZSBlYXNlLCBzZWN1cml0 eSwgYW5kIGVmZmljYWN5IG9mIGludGVyLXJlZ2lzdHJhciBhbmQgaW50ZXItcmVnaXN0cmFudCB0 cmFuc2ZlcnMuPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVv dDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPiZuYnNwOzwvc3Bhbj48bzpw PjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjx1PjxzcGFu IHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fu cy1zZXJpZjtjb2xvcjpibGFjayI+Q2FsbCBmb3IgVm9sdW50ZWVyczogR05TTyBQRFAgV29ya2lu ZyBHcm91cCB0byBSZXZpZXcgdGhlIFRyYW5zZmVyIFBvbGljeTwvc3Bhbj48L3U+PG86cD48L286 cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7 Y29sb3I6IzQwM0Y0MiI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8cCBj bGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibWFyZ2luLWxlZnQ6MzAuMHB0O3RleHQtaW5kZW50Oi0x Mi4wcHQ7bXNvLWxpc3Q6bDEgbGV2ZWwxIGxmbzYiPg0KPCFbaWYgIXN1cHBvcnRMaXN0c10+PHNw YW4gc3R5bGU9ImZvbnQtc2l6ZToxMC4wcHQ7Zm9udC1mYW1pbHk6U3ltYm9sIj48c3BhbiBzdHls ZT0ibXNvLWxpc3Q6SWdub3JlIj7CtzxzcGFuIHN0eWxlPSJmb250OjcuMHB0ICZxdW90O1RpbWVz IE5ldyBSb21hbiZxdW90OyI+Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7DQo8L3NwYW4+PC9zcGFu Pjwvc3Bhbj48IVtlbmRpZl0+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWls eTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5TdXBwb3J0aW5nIE9y Z2FuaXphdGlvbiwgQWR2aXNvcnkgQ29tbWl0dGVlLCBTdGFrZWhvbGRlciBHcm91cCwgYW5kIENv bnN0aXR1ZW5jeSBjaGFpcnMgcmVjZWl2ZWQgYSBsZXR0ZXIgaW52aXRpbmcgdGhlbSB0byBhcHBv aW50IGEgbGltaXRlZCBudW1iZXIgb2YgbWVtYmVycw0KIGFuZCBhbHRlcm5hdGVzIHRvIHRoZSBH TlNPIFBEUCB3b3JraW5nIGdyb3VwIHRvIHJldmlldyB0aGUgVHJhbnNmZXIgUG9saWN5LiA8L3Nw YW4+DQo8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtYXJnaW4t bGVmdDozMC4wcHQ7dGV4dC1pbmRlbnQ6LTEyLjBwdDttc28tbGlzdDpsMSBsZXZlbDEgbGZvNiI+ DQo8IVtpZiAhc3VwcG9ydExpc3RzXT48c3BhbiBzdHlsZT0iZm9udC1zaXplOjEwLjBwdDtmb250 LWZhbWlseTpTeW1ib2wiPjxzcGFuIHN0eWxlPSJtc28tbGlzdDpJZ25vcmUiPsK3PHNwYW4gc3R5 bGU9ImZvbnQ6Ny4wcHQgJnF1b3Q7VGltZXMgTmV3IFJvbWFuJnF1b3Q7Ij4mbmJzcDsmbmJzcDsm bmJzcDsmbmJzcDsNCjwvc3Bhbj48L3NwYW4+PC9zcGFuPjwhW2VuZGlmXT48Yj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2Vy aWY7Y29sb3I6YmxhY2siPlRoZSBkZWFkbGluZSBmb3IgYXBwb2ludG1lbnRzIGlzIE1vbmRheSwg MjYgQXByaWwgMjAyMS48L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9u dC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+DQo8L3Nw YW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5 Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwv ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIgc3R5bGU9InRleHQtYWxp Z246Y2VudGVyIj48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwv bzpwPjwvcD4NCjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRh YmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEw MCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0 aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgd2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBz dHlsZT0id2lkdGg6MTAwLjAlO3BhZGRpbmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8dGFi bGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxs cGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxh cHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWdu PSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjBjbSAwY20gMGNtIDBjbSI+DQo8ZGl2IGFsaWduPSJjZW50 ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2lu Zz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2Jv cmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCU7Y3Vyc29yOmRlZmF1bHQiPg0K PHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRo OjEwMC4wJTtwYWRkaW5nOjYuNzVwdCAwY20gNi43NXB0IDBjbSI+DQo8ZGl2IGFsaWduPSJjZW50 ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2lu Zz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSI5NCUiIHN0eWxlPSJ3aWR0aDo5NC4wJTtib3Jk ZXItY29sbGFwc2U6Y29sbGFwc2U7bWluLXdpZHRoOiA5NCUiPg0KPHRib2R5Pg0KPHRyIHN0eWxl PSJoZWlnaHQ6Ljc1cHQiPg0KPHRkIHN0eWxlPSJiYWNrZ3JvdW5kOiMxRDM1Njc7cGFkZGluZzow Y20gMGNtIDBjbSAwY207aGVpZ2h0Oi43NXB0Ij4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs IiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXI7bXNvLWxpbmUtaGVpZ2h0 LWFsdDouNzVwdCI+DQo8c3BhbiBzdHlsZT0iY29sb3I6d2hpdGUiPjxpbWcgd2lkdGg9IjUiIGhl aWdodD0iMSIgc3R5bGU9IndpZHRoOi4wNTJpbjtoZWlnaHQ6LjAxMDRpbiIgaWQ9Il94MDAwMF9p MTAyNiIgc3JjPSJodHRwczovL2ltZ3NzbC5jb25zdGFudGNvbnRhY3QuY29tL2xldHRlcnMvaW1h Z2VzLzExMDExMTY3ODQyMjEvUy5naWYiPjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0K PC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8 L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJs ZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVy Ij48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4N CjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3Jk ZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxl PSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+ DQo8dGJvZHk+DQo8dHI+DQo8dGQgd2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lk dGg6MTAwLjAlO3BhZGRpbmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8dGFibGUgY2xhc3M9 Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0i MCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxh cHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0 eWxlPSJwYWRkaW5nOjcuNXB0IDE1LjBwdCA3LjVwdCAxNS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiNCRjNGMkYi PlRPTU9SUk9XOg0KPC9zcGFuPjwvYj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFBMTkxQSI+V2Vi aW5hciBvbiBQcmlvcml0aXphdGlvbiBvZiBJQ0FOTiBXb3JrIGFuZCBTdXBwbGVtZW50YWwgRnVu ZCBmb3IgSW1wbGVtZW50YXRpb24gb2YgQ29tbXVuaXR5IFJlY29tbWVuZGF0aW9uczwvc3Bhbj48 L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZx dW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0K PC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0 MDNGNDIiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+VGhlIElDQU5OIG9yZyBQ bGFubmluZyBhbmQgRmluYW5jZSB0ZWFtcyB3aWxsIGhvc3QgYSB3ZWJpbmFyIG9uDQo8Yj5UdWVz ZGF5LCAyNyBBcHJpbCAyMDIxIGF0IDE1OjAwIFVUQzwvYj4gdG8gZGlzY3VzcyBwcmlvcml0aXpp bmcgSUNBTk4gd29yayBhbmQgdGhlIHByb3Bvc2VkIHN1cHBsZW1lbnRhbCBmdW5kIGZvciBpbXBs ZW1lbnRhdGlvbiBvZiBjb21tdW5pdHkgcmVjb21tZW5kYXRpb25zLiZuYnNwOzxiPlBsZWFzZQ0K PC9iPjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+PGEgaHJlZj0iaHR0cHM6Ly91 cmxkZWZlbnNlLmNvbS92My9fX2h0dHA6L3IyMC5yczYubmV0L3RuLmpzcD9mPTAwMXRRdkM5OTR5 QmhQNWRYTzVTbXFrODcyTUJpUlh6WXVRblVDRXdsZ0RtSHVNc1BvTl9mU3A3S2gxRzYzVm83X2lP b0RPVWthWFVRaEZlLTVyei11NXlfaEpBODhkSE9TbGlXSWxVYmJIWGFoancxNVV2akp0aDhBb0JB R0lqQURGTFU5T3p5MG5CZkY1NnZCUzNaX1VnVkUydDk2Ulpqcy1wa24tdXRXNlFDMUY1S0V5WVp1 ckNNYWxsTmVoV01HaDl2aEY3UzRJMzFqZEdIRTVZY0EzM204UE9tY3czdjdoJmFtcDtjPTRzLVpo N0xjM05yb1JBRy0zT1BoUzlEVHFMQWJkQUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVmQT09JmFtcDtj aD0zQUhScUlIemxOWGRpdEZXR2I4VEhBYUhuZ1pnSU1NdHNOQno5QjVWbTJLR3FZWU5pYWdTZEE9 PSZhbXA7anJjPTFfXzshIVB0R0phYjQhcjBsaVhlVkFlUk1XNk1Zekg1SURXR2kxM3h3M2tFQW9F MGlrOU5NUVF2Ymh1cVRiQ1cyMUR2c3p5ZkZJWVZIMTFIMlRwNHFnM3ckIiB0YXJnZXQ9Il9ibGFu ayI+PGI+PHNwYW4gc3R5bGU9ImNvbG9yOiMzNjhBOUMiPnJlZ2lzdGVyDQogW3IyMC5yczYubmV0 XTwvc3Bhbj48L2I+PC9hPjwvc3Bhbj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPiBpbiBh ZHZhbmNlIHRvIHJlY2VpdmUgZGV0YWlscyB0byBqb2luIHRoaXMgd2ViaW5hci48L3NwYW4+PC9i PjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjojNDAzRjQyIj4NCjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwv ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojNDAz RjQyIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPkluIHRoaXMgd2ViaW5hciwg dGhlIFBsYW5uaW5nIHRlYW0gd2lsbCBwcm92aWRlIGFuIG92ZXJ2aWV3IG9mIHRoZSAmcXVvdDtQ cmlvcml0aXphdGlvbiBvZiBJQ0FOTiBXb3JrJnF1b3Q7IHByb2plY3Q8aT4sPC9pPiBpbmNsdWRp bmcgaXRzIHB1cnBvc2UgYW5kIHNjb3BlLCB3b3JrIHBsYW4sIGFuZCBjb21tdW5pdHkNCiBlbmdh Z2VtZW50LiBQcmlvcml0aXphdGlvbiBvZiBJQ0FOTiB3b3JrIGlzIGEgdGFyZ2V0ZWQgb3V0Y29t ZSBvZiB0aGUgUGxhbm5pbmcgYXQgSUNBTk4gb3BlcmF0aW5nIGluaXRpYXRpdmUgaW4gdGhlIElD QU5OIEZZMjEtMjUgT3BlcmF0aW5nIFBsYW4uIEl0IGluY2x1ZGVzIHRoZSBkZXNpZ24gYW5kIGlt cGxlbWVudGF0aW9uIG9mIGEgcHJpb3JpdGl6YXRpb24gZnJhbWV3b3JrIGluIGNvbGxhYm9yYXRp b24gd2l0aCB0aGUgSUNBTk4gY29tbXVuaXR5LA0KIEJvYXJkIGFuZCBvcmcuIFRoZSBGaW5hbmNl IHRlYW0gd2lsbCBhbHNvIHNoYXJlIHRoZSBwcm9wb3NlZCBzdXBwbGVtZW50YWwgZnVuZCBmb3Ig aW1wbGVtZW50YXRpb24gb2YgY29tbXVuaXR5IHJlY29tbWVuZGF0aW9ucy4mbmJzcDs8L3NwYW4+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9k aXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwv ZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyIj48c3Bh biBzdHlsZT0iY29sb3I6YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxkaXYg YWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAi IGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0 aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJv ZHk+DQo8dHI+DQo8dGQgd2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lkdGg6MTAw LjAlO3BhZGRpbmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8dGFibGUgY2xhc3M9Ik1zb05v cm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lk dGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21p bi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJw YWRkaW5nOjBjbSAwY20gMGNtIDBjbSI+DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNs YXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRp bmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpj b2xsYXBzZTttaW4td2lkdGg6IDEwMCU7Y3Vyc29yOmRlZmF1bHQiPg0KPHRib2R5Pg0KPHRyPg0K PHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRoOjEwMC4wJTtwYWRkaW5n OjYuNzVwdCAwY20gNi43NXB0IDBjbSI+DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNs YXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRp bmc9IjAiIHdpZHRoPSI5NCUiIHN0eWxlPSJ3aWR0aDo5NC4wJTtib3JkZXItY29sbGFwc2U6Y29s bGFwc2U7bWluLXdpZHRoOiA5NCUiPg0KPHRib2R5Pg0KPHRyIHN0eWxlPSJoZWlnaHQ6Ljc1cHQi Pg0KPHRkIHN0eWxlPSJiYWNrZ3JvdW5kOiMxRDM1Njc7cGFkZGluZzowY20gMGNtIDBjbSAwY207 aGVpZ2h0Oi43NXB0Ij4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVy IiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXI7bXNvLWxpbmUtaGVpZ2h0LWFsdDouNzVwdCI+DQo8 c3BhbiBzdHlsZT0iY29sb3I6d2hpdGUiPjxpbWcgYm9yZGVyPSIwIiB3aWR0aD0iNSIgaGVpZ2h0 PSIxIiBzdHlsZT0id2lkdGg6LjA1MmluO2hlaWdodDouMDEwNGluIiBpZD0iX3gwMDAwX2kxMDI1 IiBzcmM9Imh0dHBzOi8vaW1nc3NsLmNvbnN0YW50Y29udGFjdC5jb20vbGV0dGVycy9pbWFnZXMv MTEwMTExNjc4NDIyMS9TLmdpZiI+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L3Rk Pg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC9kaXY+DQo8L3RkPg0KPC90cj4NCjwvdGJv ZHk+DQo8L3RhYmxlPg0KPC9kaXY+DQo8L3RkPg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0K PC9kaXY+DQo8L3RkPg0KPC90cj4NCjwvdGJvZHk+DQo8L3RhYmxlPg0KPC9kaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIiBhbGlnbj0iY2VudGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXIiPjxz cGFuIHN0eWxlPSJjb2xvcjpibGFjayI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPGRp diBhbGlnbj0iY2VudGVyIj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0i MCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9Indp ZHRoOjEwMC4wJTtib3JkZXItY29sbGFwc2U6Y29sbGFwc2U7bWluLXdpZHRoOiAxMDAlIj4NCjx0 Ym9keT4NCjx0cj4NCjx0ZCB3aWR0aD0iMTAwJSIgdmFsaWduPSJ0b3AiIHN0eWxlPSJ3aWR0aDox MDAuMCU7cGFkZGluZzowY20gMGNtIDBjbSAwY20iPg0KPGRpdj4NCjx0YWJsZSBjbGFzcz0iTXNv Tm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3 aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEwMC4wJTtib3JkZXItY29sbGFwc2U6Y29sbGFwc2U7 bWluLXdpZHRoOiAxMDAlIj4NCjx0Ym9keT4NCjx0cj4NCjx0ZCB2YWxpZ249InRvcCIgc3R5bGU9 InBhZGRpbmc6Ny41cHQgMTUuMHB0IDcuNXB0IDE1LjBwdCI+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzM4N0IzNyI+TkVX Og0KPC9zcGFuPjwvYj48Yj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5 OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPkF0LUxhcmdlIENvbW11 bml0eSBMYXVuY2hlcyBUd28gSUNBTk4gTGVhcm4gQ291cnNlczwvc3Bhbj48L2I+PHNwYW4gc3R5 bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNl cmlmO2NvbG9yOiM0MDNGNDIiPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2 Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250 LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPiZuYnNw Ozwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwm cXVvdDssc2Fucy1zZXJpZjtjb2xvcjpibGFjayI+VHdvIG5ldyBjb3Vyc2VzIGFib3V0IHRoZSBB dC1MYXJnZSBjb21tdW5pdHkgYXJlIG5vdyBhdmFpbGFibGUgb24gSUNBTk4gTGVhcm4uIFRoZSBm aXJzdCBjb3Vyc2UgcHJvdmlkZXMgYW4gaW50cm9kdWN0aW9uIHRvIHRoZSBBdC1MYXJnZSBjb21t dW5pdHkgYW5kIHRoZSBBdC1MYXJnZQ0KIEFkdmlzb3J5IENvbW1pdHRlZSAoQUxBQyksIGhvdyB0 aGV5IGZ1bmN0aW9uIHdpdGhpbiB0aGUgSUNBTk4gY29tbXVuaXR5LCBhbmQgaG93IGVuZCB1c2Vy cyBjYW4gc3RhcnQgYW5kIGNvbnRpbnVlIHRoZWlyIGludm9sdmVtZW50LiBUaGUgc2Vjb25kIGNv dXJzZSwg4oCcSUNBTk4gUG9saWN5IERldmVsb3BtZW50OiBBIEd1aWRlIGZvciBBdC1MYXJnZSBQ YXJ0aWNpcGFudHPigJ0gcHJvdmlkZXMgYSBkZWVwZXIgZGl2ZSBpbnRvIGhvdyB0aGUgQUxBQyBk ZXZlbG9wcw0KIHBvbGljeSBhZHZpY2UgYW5kIGZvcm1zIHBvbGljeSBwb3NpdGlvbnMuIDwvc3Bh bj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1 b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+PGEgaHJlZj0iaHR0cHM6Ly91cmxkZWZlbnNl LmNvbS92My9fX2h0dHA6L3IyMC5yczYubmV0L3RuLmpzcD9mPTAwMXRRdkM5OTR5QmhQNWRYTzVT bXFrODcyTUJpUlh6WXVRblVDRXdsZ0RtSHVNc1BvTl9mU3A3S0JoeXJPamZHekVTcWxKZ3NacHV0 VGtuMnVqNllxNFZKaWRybUl4TjkwdkV6aVVwN2ZpUjE5S0drRXRabTRnRDJrOEtWdGxHd2xhQ0hO NWFac0xUV0RJVlNxUEY5SVNqQT09JmFtcDtjPTRzLVpoN0xjM05yb1JBRy0zT1BoUzlEVHFMQWJk QUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVmQT09JmFtcDtjaD0zQUhScUlIemxOWGRpdEZXR2I4VEhB YUhuZ1pnSU1NdHNOQno5QjVWbTJLR3FZWU5pYWdTZEE9PSZhbXA7anJjPTFfXzshIVB0R0phYjQh cjBsaVhlVkFlUk1XNk1Zekg1SURXR2kxM3h3M2tFQW9FMGlrOU5NUVF2Ymh1cVRiQ1cyMUR2c3p5 ZkZJWVZIMTFIMjczUlpic3ckIiB0YXJnZXQ9Il9ibGFuayI+PGI+PHNwYW4gc3R5bGU9ImNvbG9y OiMzNjhBOUMiPlRha2UNCiB0aGUgY291cnNlcyEgW3IyMC5yczYubmV0XTwvc3Bhbj48L2I+PC9h Pjwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Fy aWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9w Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJs ZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCIgYWxpZ249ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVy Ij48c3BhbiBzdHlsZT0iY29sb3I6YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4N CjxkaXYgYWxpZ249ImNlbnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3Jk ZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxl PSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+ DQo8dGJvZHk+DQo8dHI+DQo8dGQgd2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lk dGg6MTAwLjAlO2JhY2tncm91bmQ6IzFEMzU2NztwYWRkaW5nOjBjbSAwY20gMGNtIDBjbSI+DQo8 ZGl2Pg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2lu Zz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHlsZT0id2lkdGg6MTAwLjAlO2Jv cmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUiPg0KPHRib2R5Pg0KPHRyPg0K PHRkIHZhbGlnbj0idG9wIiBzdHlsZT0icGFkZGluZzo3LjVwdCAxNS4wcHQgNy41cHQgMTUuMHB0 Ij4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50 ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRlciI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTox My41cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjp3aGl0 ZSI+UHVibGljIENvbW1lbnQ8L3NwYW4+PC9iPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rp dj4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90 ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1h bCIgYWxpZ249ImNlbnRlciIgc3R5bGU9InRleHQtYWxpZ246Y2VudGVyIj48c3BhbiBzdHlsZT0i Y29sb3I6YmxhY2siPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxkaXYgYWxpZ249ImNl bnRlciI+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFj aW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7 Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDogMTAwJSI+DQo8dGJvZHk+DQo8dHI+ DQo8dGQgd2lkdGg9IjEwMCUiIHZhbGlnbj0idG9wIiBzdHlsZT0id2lkdGg6MTAwLjAlO3BhZGRp bmc6MGNtIDBjbSAwY20gMGNtIj4NCjxkaXY+DQo8dGFibGUgY2xhc3M9Ik1zb05vcm1hbFRhYmxl IiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMCIgd2lkdGg9IjEwMCUi IHN0eWxlPSJ3aWR0aDoxMDAuMCU7Ym9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlO21pbi13aWR0aDog MTAwJSI+DQo8dGJvZHk+DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjcu NXB0IDE1LjBwdCA3LjVwdCAxNS4wcHQiPg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWlseTomcXVv dDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM0MDNGNDIiPjxhIGhyZWY9Imh0dHBzOi8v dXJsZGVmZW5zZS5jb20vdjMvX19odHRwOi9yMjAucnM2Lm5ldC90bi5qc3A/Zj0wMDF0UXZDOTk0 eUJoUDVkWE81U21xazg3Mk1CaVJYell1UW5VQ0V3bGdEbUh1TXNQb05fZlNwN0c4RE1BM2xvWGZN aVVQT2FHdEZIRXcydDE3RVJsd3J4ZnREUUh4eXB6Tnlrd2NaUnZJOVNGOF9XTU9tMXRuR2VGNlRI clhrOWZheDU1bUpRSmhVZFM2WnRLTXJ4SkZuMTIteHhFamxyZm5GTEl6TGdMbG5CTkJ2N1FvS2c4 bm1POGhvNmVfREtzVGUtODE1SG1mRFVzRlNXZUM2Y3dHeTlkandVMl82SGM4U2NIRGNfdjhBNVFr Ml9HSWFoSGNCZWc9PSZhbXA7Yz00cy1aaDdMYzNOcm9SQUctM09QaFM5RFRxTEFiZEFIcmhwNjMy Sk8welU1VGw4V0RpSVVVZkE9PSZhbXA7Y2g9M0FIUnFJSHpsTlhkaXRGV0diOFRIQWFIbmdaZ0lN TXRzTkJ6OUI1Vm0yS0dxWVlOaWFnU2RBPT0mYW1wO2pyYz0xX187ISFQdEdKYWI0IXIwbGlYZVZB ZVJNVzZNWXpINUlEV0dpMTN4dzNrRUFvRTBpazlOTVFRdmJodXFUYkNXMjFEdnN6eWZGSVlWSDEx SDNXUnRwRFpRJCIgdGFyZ2V0PSJfYmxhbmsiPjxiPjxzcGFuIHN0eWxlPSJjb2xvcjojMzY4QTlD Ij5HTlNPJm5ic3A7UmV2aWV3DQogb2YgQWxsIFJpZ2h0cyBQcm90ZWN0aW9uIE1lY2hhbmlzbXMg aW4gQWxsIGdUTERzIFBvbGljeSBEZXZlbG9wbWVudCBQcm9jZXNzIFBoYXNlIDEgRmluYWwgUmVj b21tZW5kYXRpb25zIGZvciZuYnNwO0lDQU5OJm5ic3A7Qm9hcmQgQ29uc2lkZXJhdGlvbiBbcjIw LnJzNi5uZXRdPC9zcGFuPjwvYj48L2E+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBw dDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5D bG9zZSBEYXRlOg0KPC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPkZyaWRheSwg MzAgQXByaWwgMjAyMTwvc3Bhbj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+DQo8L3NwYW4+ PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNh bnMtc2VyaWY7Y29sb3I6IzQwM0Y0MiI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9k aXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZTo5LjBwdDtmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMz ODdCMzciPk5FVzo8L3NwYW4+PC9iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1m YW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojNDAzRjQyIj4NCjxhIGhy ZWY9Imh0dHBzOi8vdXJsZGVmZW5zZS5jb20vdjMvX19odHRwOi9yMjAucnM2Lm5ldC90bi5qc3A/ Zj0wMDF0UXZDOTk0eUJoUDVkWE81U21xazg3Mk1CaVJYell1UW5VQ0V3bGdEbUh1TXNQb05fZlNw N0tCaHlyT2pmR3pFc1F2M0JYYXlNM05TcWFsMHVpelRNRXZpWlVWeF8zZDRjcW5HdE1FN0wtOUNp ZHQtZ3J6Tlh2R09LV3VNSUFZTFYwc0ZFb18zeWczOEZ4Z3l3UEVTMmswM1ZUTlp6d3lzNGI5V1g5 S2dfdjlQMDh6cXVSam1DOVZnQVFXc1ZPcU1DNFZnd3FMWkVSWHhyU29WZjljWmR4V0VYQkV2LXFI Q19OcGpRNUNZZUgtQzk0M255N3ZucXc9PSZhbXA7Yz00cy1aaDdMYzNOcm9SQUctM09QaFM5RFRx TEFiZEFIcmhwNjMySk8welU1VGw4V0RpSVVVZkE9PSZhbXA7Y2g9M0FIUnFJSHpsTlhkaXRGV0di OFRIQWFIbmdaZ0lNTXRzTkJ6OUI1Vm0yS0dxWVlOaWFnU2RBPT0mYW1wO2pyYz0xX187ISFQdEdK YWI0IXIwbGlYZVZBZVJNVzZNWXpINUlEV0dpMTN4dzNrRUFvRTBpazlOTVFRdmJodXFUYkNXMjFE dnN6eWZGSVlWSDExSDFBcnQtTGh3JCIgdGFyZ2V0PSJfYmxhbmsiPg0KPGI+PHNwYW4gc3R5bGU9 ImNvbG9yOiMzNjhBOUMiPkdOU08gTmV3IGdUTEQgU3Vic2VxdWVudCBQcm9jZWR1cmVzIEZpbmFs IE91dHB1dHMgZm9yIElDQU5OIEJvYXJkIENvbnNpZGVyYXRpb24gW3IyMC5yczYubmV0XTwvc3Bh bj48L2I+PC9hPg0KPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWls eTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOmJsYWNrIj5DbG9zZSBEYXRlOg0K PC9zcGFuPjwvYj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjkuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6YmxhY2siPlR1ZXNkYXksIDEgSnVuZSAyMDIx PC9zcGFuPjxzcGFuIHN0eWxlPSJmb250LXNpemU6OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJp YWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojNDAzRjQyIj4NCjwvc3Bhbj48bzpwPjwvbzpwPjwv cD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFi bGU+DQo8L2Rpdj4NCjwvdGQ+DQo8L3RyPg0KPC90Ym9keT4NCjwvdGFibGU+DQo8L2Rpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiIGFsaWduPSJjZW50ZXIiIHN0eWxlPSJ0ZXh0LWFsaWduOmNlbnRl ciI+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+ DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJsZSIgYm9y ZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAlIiBzdHls ZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTttaW4td2lkdGg6IDEwMCUi Pg0KPHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIxMDAlIiB2YWxpZ249InRvcCIgc3R5bGU9Indp ZHRoOjEwMC4wJTtiYWNrZ3JvdW5kOiMxRDM1Njc7cGFkZGluZzowY20gMGNtIDBjbSAwY20iPg0K PGRpdj4NCjx0YWJsZSBjbGFzcz0iTXNvTm9ybWFsVGFibGUiIGJvcmRlcj0iMCIgY2VsbHNwYWNp bmc9IjAiIGNlbGxwYWRkaW5nPSIwIiB3aWR0aD0iMTAwJSIgc3R5bGU9IndpZHRoOjEwMC4wJTti b3JkZXItY29sbGFwc2U6Y29sbGFwc2U7bWluLXdpZHRoOiAxMDAlIj4NCjx0Ym9keT4NCjx0cj4N Cjx0ZCB2YWxpZ249InRvcCIgc3R5bGU9InBhZGRpbmc6Ny41cHQgMTUuMHB0IDcuNXB0IDE1LjBw dCI+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBhbGlnbj0iY2Vu dGVyIiBzdHlsZT0idGV4dC1hbGlnbjpjZW50ZXIiPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6 OS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjp3aGl0 ZSI+Vm9sdW1lIDMsIElzc3VlIDMxIHwNCjwvc3Bhbj48L2I+PGI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxOC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xv cjp3aGl0ZSI+PGEgaHJlZj0iaHR0cHM6Ly91cmxkZWZlbnNlLmNvbS92My9fX2h0dHA6L3IyMC5y czYubmV0L3RuLmpzcD9mPTAwMXRRdkM5OTR5QmhQNWRYTzVTbXFrODcyTUJpUlh6WXVRblVDRXds Z0RtSHVNc1BvTl9mU3A3SWpkTmV0d3ljVGZ4OGtPUVo1cWxfNkJfRUkxbjlTSFV0RVByQTZhMHFy N3lXRFlJZHhYemNxNGFYMXdPZnNaZWNQR0JhbGlvRjE4ZkRDYnpaOC1qRkt4d3Y4RWROb3FsMFpM QUxLUXpOX0l1cWdBNzBpa2NHcllVaXNhaWxWb1Q1U19lUUtDU3VoeWwyV0hWeU41a0ZqeWxSSk1v QWJfaGRzYnQxd29vWWZBdF9LWHJUdmhkQWM9JmFtcDtjPTRzLVpoN0xjM05yb1JBRy0zT1BoUzlE VHFMQWJkQUhyaHA2MzJKTzB6VTVUbDhXRGlJVVVmQT09JmFtcDtjaD0zQUhScUlIemxOWGRpdEZX R2I4VEhBYUhuZ1pnSU1NdHNOQno5QjVWbTJLR3FZWU5pYWdTZEE9PSZhbXA7anJjPTFfXzshIVB0 R0phYjQhcjBsaVhlVkFlUk1XNk1Zekg1SURXR2kxM3h3M2tFQW9FMGlrOU5NUVF2Ymh1cVRiQ1cy MUR2c3p5ZkZJWVZIMTFIMEVBNFZsMXckIiB0YXJnZXQ9Il9ibGFuayI+PHNwYW4gc3R5bGU9ImZv bnQtc2l6ZTo5LjBwdDtjb2xvcjp3aGl0ZSI+QXJjaGl2ZQ0KIFtyMjAucnM2Lm5ldF08L3NwYW4+ PC9hPjwvc3Bhbj48L2I+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjBwdDtmb250LWZhbWls eTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOndoaXRlIj4gfCBOZXh0IElzc3Vl OiBUaHVyc2RheSwgMjkgQXByaWwgMjAyMTwvc3Bhbj48L2I+PGI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxOC4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xv cjp3aGl0ZSI+DQo8L3NwYW4+PC9iPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwv ZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwv dHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0K PC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2 Pg0KPC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+ DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwvdHI+DQo8dHI+DQo8dGQgc3R5 bGU9InBhZGRpbmc6MGNtIDBjbSAwY20gMGNtIj48L3RkPg0KPC90cj4NCjwvdGJvZHk+DQo8L3Rh YmxlPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8dGFibGUg Y2xhc3M9Ik1zb05vcm1hbFRhYmxlIiBib3JkZXI9IjAiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFk ZGluZz0iMCIgd2lkdGg9IjEwMCUiIHN0eWxlPSJ3aWR0aDoxMDAuMCU7YmFja2dyb3VuZDp3aGl0 ZTtib3JkZXItY29sbGFwc2U6Y29sbGFwc2UiPg0KPHRib2R5Pg0KPHRyPg0KPHRkIHdpZHRoPSIx MDAlIiB2YWxpZ249InRvcCIgc3R5bGU9IndpZHRoOjEwMC4wJTtwYWRkaW5nOjBjbSAwY20gMGNt IDBjbSI+DQo8ZGl2IGFsaWduPSJjZW50ZXIiPg0KPHRhYmxlIGNsYXNzPSJNc29Ob3JtYWxUYWJs ZSIgYm9yZGVyPSIwIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjAiIHdpZHRoPSIxMDAl IiBzdHlsZT0id2lkdGg6MTAwLjAlO2JvcmRlci1jb2xsYXBzZTpjb2xsYXBzZSI+DQo8dGJvZHk+ DQo8dHI+DQo8dGQgdmFsaWduPSJ0b3AiIHN0eWxlPSJwYWRkaW5nOjEyLjBwdCAwY20gMTIuMHB0 IDBjbSI+PC90ZD4NCjwvdHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjwvZGl2Pg0KPC90ZD4NCjwv dHI+DQo8L3Rib2R5Pg0KPC90YWJsZT4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPiZuYnNwOzxvOnA+ PC9vOnA+PC9wPg0KPC9kaXY+DQo8L2JvZHk+DQo8L2h0bWw+DQo= --_000_3A3A0F2F6E3040C3A7E31D22F32A18ECicannorg_-- ========================================================================= Date: Mon, 26 Apr 2021 16:57:44 +0000 Reply-To: ICANN Policy Calendar <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: ICANN Policy Calendar <[log in to unmask]> Subject: NCUC webinar on Civil Society Participation at ICANN | 6 May 2021 at 12:00 UTC X-To: NCUC Discuss <[log in to unmask]>, Npoc-discuss <[log in to unmask]>, Maryam Bakoshi <[log in to unmask]>, Brenda Brewer <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_9602f473cde1491e816b2655c1947247icannorg_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_9602f473cde1491e816b2655c1947247icannorg_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Please join NCUC webinar on Civil Society Participation at ICANN on 6 May 2= 021 at 12:00 UTC. See additional time zone support here. <https://www.timeanddate.com/worldclock/fixedtime.html?msg=3DNCUC+webinar+o= n+Civil+Society+Participation+at+ICANN&iso=3D20210506T12&p1=3D1440&ah=3D1> <https://www.timeanddate.com/worldclock/fixedtime.html?msg=3DNCUC+webinar+o= n+Civil+Society+Participation+at+ICANN&iso=3D20210506T12&p1=3D1440&ah=3D1> Join Zoom Meeting: https://icann.zoom.us/j/91915096276?pwd=3DNlFuczVaZjQ5b= kJLbjRkaWU2NURQUT09 Meeting ID: 919 1509 6276 Passcode: gY!1eduG=3D2 PHONE ONLY DETAILS: One tap mobile +19294362866,,91915096276#,,,,*7160345661# US (New York) +13017158592,,91915096276#,,,,*7160345661# US (Washington DC) Find your local number: https://icann.zoom.us/u/adGhghFMmJ Meeting ID: 919 1509 6276 Phone only passcode: 7160345661 --_000_9602f473cde1491e816b2655c1947247icannorg_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc= hemas-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/of= fice/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Diso-8859-= 1"> <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)"> <style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:"Times New Roman \(Body CS\)"; panose-1:2 11 6 4 2 2 2 2 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:#0563C1; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri",sans-serif; color:windowtext;} .MsoChpDefault {mso-style-type:export-only; font-family:"Calibri",sans-serif;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style> </head> <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72" style=3D"word-wrap:= break-word"> <div class=3D"WordSection1"> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Please join <b>NCUC= webinar</b> <b>on</b> <b>Civil Society Participation at ICANN</b> on 6 May 2021 at 12:0= 0 UTC. </span>See additional time zone support <a href=3D"https://www.timeanddate.= com/worldclock/fixedtime.html?msg=3DNCUC+webinar+on+Civil+S= ociety+Participation+at+ICANN&iso=3D20210506T12&p1=3D14= 40&ah=3D1"> here.<span style=3D"font-size:12.0pt;color:windowtext;text-decoration:none"= ><o:p><br> </o:p></span></a></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt"><a href=3D"https://= www.timeanddate.com/worldclock/fixedtime.html?msg=3DNCUC+webinar+on= +Civil+Society+Participation+at+ICANN&iso=3D2021050= 6T12&p1=3D1440&ah=3D1"><span style=3D"color:windowtext;text-decorat= ion:none"><o:p><br> </o:p></span></a></span></p> <p class=3D"MsoNormal"><b><span style=3D"font-size:13.0pt">Join Zoom Meetin= g: <span style=3D"background:yellow;mso-highlight:yellow"> <a href=3D"https://icann.zoom.us/j/91915096276?pwd=3DNlFuczVaZjQ5bkJLbjRkaW= U2NURQUT09">https://icann.zoom.us/j/91915096276?pwd=3DNlFuczVaZjQ5bkJLbjRka= WU2NURQUT09</a></span><o:p><br> </o:p></span></b></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt"><o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Meeting ID: 919 150= 9 6276<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Passcode: gY!1eduG= =3D2<o:p><br> </o:p></span></p> <div style=3D"mso-element:para-border-div;border:none;border-bottom:solid w= indowtext 1.5pt;padding:0in 0in 1.0pt 0in"> <p class=3D"MsoNormal" style=3D"border:none;padding:0in"><span style=3D"fon= t-size:12.0pt"><o:p><br> </o:p></span></p> </div> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt"><o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">PHONE ONLY DETAILS:= <o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">One tap mobile<o:p>= <br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">+19294362866,,9= 1915096276#,,,,*7160345661# US (New York)<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">+13017158592,,9= 1915096276#,,,,*7160345661# US (Washington DC)<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt"><o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Find your local num= ber: https://icann.zoom.us/u/adGhghFMmJ<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Meeting ID: 919 150= 9 6276<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt">Phone only passcode= : 7160345661<o:p><br> </o:p></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:12.0pt"><o:p><br> </o:p></span></p> </div> </body> </html> --_000_9602f473cde1491e816b2655c1947247icannorg_ Content-Type: text/calendar; charset="utf-8"; method=REQUEST Content-Transfer-Encoding: base64 QkVHSU46VkNBTEVOREFSDQpNRVRIT0Q6UkVRVUVTVA0KUFJPRElEOk1pY3Jvc29mdCBFeGNoYW5n ZSBTZXJ2ZXIgMjAxMA0KVkVSU0lPTjoyLjANCkJFR0lOOlZUSU1FWk9ORQ0KVFpJRDpVVEMNCkJF R0lOOlNUQU5EQVJEDQpEVFNUQVJUOjE2MDEwMTAxVDAwMDAwMA0KVFpPRkZTRVRGUk9NOiswMDAw DQpUWk9GRlNFVFRPOiswMDAwDQpFTkQ6U1RBTkRBUkQNCkJFR0lOOkRBWUxJR0hUDQpEVFNUQVJU OjE2MDEwMTAxVDAwMDAwMA0KVFpPRkZTRVRGUk9NOiswMDAwDQpUWk9GRlNFVFRPOiswMDAwDQpF TkQ6REFZTElHSFQNCkVORDpWVElNRVpPTkUNCkJFR0lOOlZFVkVOVA0KT1JHQU5JWkVSO0NOPUlD QU5OIFBvbGljeSBDYWxlbmRhcjpNQUlMVE86UG9saWN5Q2FsZW5kYXJAaWNhbm4ub3JnDQpBVFRF TkRFRTtST0xFPVJFUS1QQVJUSUNJUEFOVDtQQVJUU1RBVD1ORUVEUy1BQ1RJT047UlNWUD1GQUxT RTtDTj1OQ1VDIERpc2MNCiB1c3M6TUFJTFRPOm5jdWMtZGlzY3Vzc0BsaXN0cy5uY3VjLm9yZw0K QVRURU5ERUU7Uk9MRT1SRVEtUEFSVElDSVBBTlQ7UEFSVFNUQVQ9TkVFRFMtQUNUSU9OO1JTVlA9 RkFMU0U7Q049TkNTRy1EaXNjDQogdXNzOk1BSUxUTzpOQ1NHLURJU0NVU1NATElTVFNFUlYuU1lS LkVEVQ0KQVRURU5ERUU7Uk9MRT1SRVEtUEFSVElDSVBBTlQ7UEFSVFNUQVQ9TkVFRFMtQUNUSU9O O1JTVlA9RkFMU0U7Q049TnBvYy1kaXNjDQogdXNzOk1BSUxUTzpucG9jLWRpc2N1c3NAaWNhbm4u b3JnDQpBVFRFTkRFRTtST0xFPVJFUS1QQVJUSUNJUEFOVDtQQVJUU1RBVD1ORUVEUy1BQ1RJT047 UlNWUD1GQUxTRTtDTj1NYXJ5YW0gQmENCiBrb3NoaTpNQUlMVE86bWFyeWFtLmJha29zaGlAaWNh bm4ub3JnDQpBVFRFTkRFRTtST0xFPVJFUS1QQVJUSUNJUEFOVDtQQVJUU1RBVD1ORUVEUy1BQ1RJ T047UlNWUD1GQUxTRTtDTj1CcmVuZGEgQnINCiBld2VyOk1BSUxUTzpicmVuZGEuYnJld2VyQGlj YW5uLm9yZw0KREVTQ1JJUFRJT047TEFOR1VBR0U9ZW4tVVM6UGxlYXNlIGpvaW4gTkNVQyB3ZWJp bmFyIG9uIENpdmlsIFNvY2lldHkgUGFydGljDQogaXBhdGlvbiBhdCBJQ0FOTiBvbiA2IE1heSAy MDIxIGF0IDEyOjAwIFVUQy4gIFNlZSBhZGRpdGlvbmFsIHRpbWUgem9uZSBzdXANCiBwb3J0IGhl cmUuXG48aHR0cHM6Ly93d3cudGltZWFuZGRhdGUuY29tL3dvcmxkY2xvY2svZml4ZWR0aW1lLmh0 bWw/bXNnPU5DVQ0KIEMrd2ViaW5hcitvbitDaXZpbCtTb2NpZXR5K1BhcnRpY2lwYXRpb24rYXQr SUNBTk4maXNvPTIwMjEwNTA2VDEyJnAxPTE0NDAmDQogYWg9MT5cblxuPGh0dHBzOi8vd3d3LnRp bWVhbmRkYXRlLmNvbS93b3JsZGNsb2NrL2ZpeGVkdGltZS5odG1sP21zZz1OQ1VDK3cNCiBlYmlu YXIrb24rQ2l2aWwrU29jaWV0eStQYXJ0aWNpcGF0aW9uK2F0K0lDQU5OJmlzbz0yMDIxMDUwNlQx MiZwMT0xNDQwJmFoPQ0KIDE+XG5Kb2luIFpvb20gTWVldGluZzogIGh0dHBzOi8vaWNhbm4uem9v bS51cy9qLzkxOTE1MDk2Mjc2P3B3ZD1ObEZ1Y3pWYVpqDQogUTVia0pMYmpSa2FXVTJOVVJRVVQw OVxuXG5cblxuTWVldGluZyBJRDogOTE5IDE1MDkgNjI3NlxuXG5QYXNzY29kZTogZ1khMWUNCiBk dUc9MlxuXG5cblxuXG5cblBIT05FIE9OTFkgREVUQUlMUzpcblxuT25lIHRhcCBtb2JpbGVcblxu JiM0M1w7MTkyOTQzNjI4Ng0KIDZcLFwsOTE5MTUwOTYyNzYjXCxcLFwsXCwqNzE2MDM0NTY2MSMg VVMgKE5ldyBZb3JrKVxuXG4mIzQzXDsxMzAxNzE1ODU5MlwsDQogXCw5MTkxNTA5NjI3NiNcLFws XCxcLCo3MTYwMzQ1NjYxIyBVUyAoV2FzaGluZ3RvbiBEQylcblxuXG5cbkZpbmQgeW91ciBsb2MN CiBhbCBudW1iZXI6IGh0dHBzOi8vaWNhbm4uem9vbS51cy91L2FkR2hnaEZNbUpcblxuTWVldGlu ZyBJRDogOTE5IDE1MDkgNjI3Ng0KIFxuXG5QaG9uZSBvbmx5IHBhc3Njb2RlOiA3MTYwMzQ1NjYx XG5cblxuDQpVSUQ6RjA4Qzk1M0EtM0NENS00NUQyLTlFMjMtMTlBQzU1NkIwQTlBDQpTVU1NQVJZ O0xBTkdVQUdFPWVuLVVTOk5DVUMgd2ViaW5hciBvbiBDaXZpbCBTb2NpZXR5IFBhcnRpY2lwYXRp b24gYXQgSUNBTk4NCiAgfCA2IE1heSAyMDIxIGF0IDEyOjAwIFVUQw0KRFRTVEFSVDtUWklEPVVU QzoyMDIxMDUwNlQxMjAwMDANCkRURU5EO1RaSUQ9VVRDOjIwMjEwNTA2VDEzMDAwMA0KQ0xBU1M6 UFVCTElDDQpQUklPUklUWTo1DQpEVFNUQU1QOjIwMjEwNDI2VDE2NTc0M1oNClRSQU5TUDpPUEFR VUUNClNUQVRVUzpDT05GSVJNRUQNClNFUVVFTkNFOjANCkxPQ0FUSU9OO0xBTkdVQUdFPWVuLVVT Omh0dHBzOi8vaWNhbm4uem9vbS51cy9qLzkxOTE1MDk2Mjc2P3B3ZD1ObEZ1Y3pWYVpqUQ0KIDVi a0pMYmpSa2FXVTJOVVJRVVQwOQ0KWC1NSUNST1NPRlQtQ0RPLUFQUFQtU0VRVUVOQ0U6MA0KWC1N SUNST1NPRlQtQ0RPLU9XTkVSQVBQVElEOjIxMTk0ODgyMzgNClgtTUlDUk9TT0ZULUNETy1CVVNZ U1RBVFVTOlRFTlRBVElWRQ0KWC1NSUNST1NPRlQtQ0RPLUlOVEVOREVEU1RBVFVTOkJVU1kNClgt TUlDUk9TT0ZULUNETy1BTExEQVlFVkVOVDpGQUxTRQ0KWC1NSUNST1NPRlQtQ0RPLUlNUE9SVEFO Q0U6MQ0KWC1NSUNST1NPRlQtQ0RPLUlOU1RUWVBFOjANClgtTUlDUk9TT0ZULURPTk9URk9SV0FS RE1FRVRJTkc6RkFMU0UNClgtTUlDUk9TT0ZULURJU0FMTE9XLUNPVU5URVI6VFJVRQ0KQkVHSU46 VkFMQVJNDQpERVNDUklQVElPTjpSRU1JTkRFUg0KVFJJR0dFUjtSRUxBVEVEPVNUQVJUOi1QVDMw TQ0KQUNUSU9OOkRJU1BMQVkNCkVORDpWQUxBUk0NCkVORDpWRVZFTlQNCkVORDpWQ0FMRU5EQVIN Cg== --_000_9602f473cde1491e816b2655c1947247icannorg_-- ========================================================================= Date: Tue, 27 Apr 2021 12:01:57 +1000 Reply-To: Tomslin Samme-Nlar <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Tomslin Samme-Nlar <[log in to unmask]> Subject: Call for Volunteers - GNSO New gTLD Subsequent Procedures Final Outputs for ICANN Board Consideration X-cc: ncsg-pc <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000049690405c0eaa645" Message-ID: <[log in to unmask]> --00000000000049690405c0eaa645 Content-Type: text/plain; charset="UTF-8" Dear members, There is a running public proceeding seeking to obtain community input prior to the Board consideration on the New gTLD Subsequent Procedures Final Outputs. Please let me know off-list if you'd like to volunteer for the comment drafting. It'll be nice to have more than one volunteer. The comment period closes on 01 June 2021. More information on the public comment can be found here : https://www.icann.org/public-comments/gnso-gtld-subsequent-procedures-final-outputs-2021-04-22-en A draft Google doc for the comment can be found here: https://docs.google.com/document/d/1R6aZr6T7urEQdlCLsRk_wjNr4HMqDN7P08F1UyeRyBo/edit?usp=sharing You can find previous NCSG comments here: https://community.icann.org/display/gnsononcomstake/Public+Comments+-+2021 Regards, Tomslin --00000000000049690405c0eaa645 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div> <div>Dear members,</div><div><br></div><div>There is a running public=20 proceeding seeking to obtain community input prior to the Board considerati= on=20 on the New gTLD Subsequent Procedures Final Outputs.</div><div><br></div><d= iv>Please let me know off-list if you'd like to <span class=3D"gmail-il= ">volunteer</span> for the comment drafting. It'll be nice to have more= than one <span class=3D"gmail-il">volunteer</span>.<br></div><div><br></di= v><div> The comment period closes on 01 June 2021. <br></div><div><br></div><div>Mo= re information on the public comment can be found here : <a href=3D"https:/= /www.icann.org/public-comments/gnso-gtld-subsequent-procedures-final-output= s-2021-04-22-en">https://www.icann.org/public-comments/gnso-gtld-subsequent= -procedures-final-outputs-2021-04-22-en</a><br><br>A draft Google doc for t= he comment can be found here: <a href=3D"https://docs.google.com/document/d= /1R6aZr6T7urEQdlCLsRk_wjNr4HMqDN7P08F1UyeRyBo/edit?usp=3Dsharing">https://d= ocs.google.com/document/d/1R6aZr6T7urEQdlCLsRk_wjNr4HMqDN7P08F1UyeRyBo/edit= ?usp=3Dsharing</a><br><br>You can find previous NCSG comments here: <a href= =3D"https://community.icann.org/display/gnsononcomstake/Public+Comments+-+2= 021" target=3D"_blank">https://community.icann.org/display/gnsononcomstake/= Public+Comments+-+2021</a><br><br></div><div><div dir=3D"ltr"><div dir=3D"l= tr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><div dir=3D"ltr"><div dir= =3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div>Regards,<b= r></div>Tomslin</div></div></div></div></div></div></div></div></div></div>= </div></div> </div></div> --00000000000049690405c0eaa645-- ========================================================================= Date: Tue, 27 Apr 2021 17:39:48 +0100 Reply-To: Mark Leiser <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Mark Leiser <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: [log in to unmask] In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000b379ac05c0f6e922" Message-ID: <[log in to unmask]> --000000000000b379ac05c0f6e922 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello all, I'm Assistant Professor in Law and Digital Technologies at Leiden University in the Netherlands. I wanted to add a little European perspective to this thread. I find it all a bit bizarre and some of the arguments to be a little off point. Article 4(1) GDPR states that personal data is 'any information related to an identifiable living person', The Article 29 Working Party has made this clear - ANY information is to be interpreted very broadly. This approach has been endorsed by the CJEU. Furthermore, it matters not whether someone has given permission, consented, or otherwise. It is still personal data and as far as the GDPR goes, you need to have a valid ground for processing personal data - otherwise you will be falling foul of the Regulation. Pseudonymous data is also to be considered personal data. Either way, the Registrars will be processing personal data if any information is related to a living individual. Let me answer Kathy's questions - a) Is a name =E2=80=9Cpersonal data=E2=80=9D? *YES* b) Is an address =E2=80=9Cpersonal data=E2=80=9D? *YES - because it is= 'any information' 'relating to' a living individual (the people that live there)= * c) Is a cell phone =E2=80=9Cpersonal data=E2=80=9D? *YES - because it= is information that relates to a living individual* d) Is an email =E2=80=9Cpersonal data=E2=80=9D? *YES - because most em= ails are related to an identifiable person. Kathy's email above relates to her, therefore, it is personal data. * Therefore, [log in to unmask] is personal data if someone behind it is identifiable. If more than one person is running that account it would amount to personal data about BOTH individuals. So Kathy is kind of right here. As far as the GDPR goes, you are processing personal data. Furthermore, even if someone is not identifiable, if the email is able to be combined with data from another set to reveal the user of the account, the email would still amount to 'personal data' within the meaning of Article 4(1). Stephanie's email made reference to the fact that employees do not know and understand their rights. The GDPR offers the type of protection that makes this irrelevant.. They are protected. The GDPR would also protect 'legal persons' if there is a natural person behind the entity that is identifiable. The confusion comes from Recital 14 of the GDPR which states that it only applies to natural persons and does not cover the processing of personal data concerning legal persons, in particular undertakings established as legal persons or legal entities. This also includes the name of the legal person, the form, and the contact details of the legal person. But the second you start adding identifiers to these details, it stops becoming the data of a 'legal person' and starts becoming personal data. Secondly, I find this statement, "I think it is simplest to just say to the registrant, if you=E2=80=99re a company and don=E2=80=99t mind (or even wan= t) your data to be published, check this box. If you=E2=80=99re not, or you do mind, don=E2= =80=99t check it." to be BOTH perplexing and inaccurate. Whether someone checks the box, or does not check the box is completely irrelevant for determining whether it is personal data. Whether someone checks the box is a question of CONSENT to processing AND publication, not whether this amounts to personal data. So If MIlton's position (as represented by Stephanie is true), if the Registrars overrule the designation of a registrant or whether Stephanie's approach of 'erring on the side of caution' is viable. Registrants must protect personal data as a legal obligation - and must have a legal ground for processing personal data in all instances. Remember the GDPR has extra-jurisdictional effects. If a registrant chooses to self-designate as a legal person or not is irrelevant for the purposes of the GDPR. If a registrar decides to identify you, or take steps to do so then they are processing personal data and need a legal basis for doing so. If the legal person becomes identifiable, then the registrar is STILL processing personal data. And it would make sense for them to have a LEGAL BASIS for doing so. So without a lot of further discussion from me about the three emails in this thread, I would just conclude that what you are all proposing is somewhat irrelevant for compliance with European data privacy obligations. If the person is identifiable from the data, the registrar will be processing personal data if there is a living individual that is related to that personal data. The Registrar might not want to be a data controller and subject to the GDPR's obligations. Although a legal person might not be considered 'personal data' under Recital 14, if this data can be combined with additional data, it will become personal data. Therefore it is not a question of whether they should designate as a legal person or not, it is whether either a 'natural' person or a 'legal' person consents to the publication of its data. Finally, Kathy, MIlton, and Stephanie are confusing the regulatory obligations under the GDPR, with the privacy rights of both the EU Charter and the European Convention of Human Rights. Data Protection is a STANDALONE fundamental right in Europe. While you may be compliant with the GDPR but you have to ALSO be compliant with the privacy obligations of the European Convention of Human Rights. Therefore, to build on Kathy's suggestion in the email thread and to cover the GDPR's requirements and the ECHR's privacy obligations, I would argue that the question needs to be at least the following: 'do you consent to your domain name registration data being published in the WHOIS/RDS database?'. I would also argue that the default should be 'no' in order to comply with both the GDPR and European privacy obligations. Happy to discuss further. Regards, Mark *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |* On Mon, 26 Apr 2021 at 14:19, <[log in to unmask]> wrote: > Dear Milton, > This is a very important conversation we are having. I'll respond in > order, but note that the most interesting thing you said was in your last > sentence. That's worth discussing! > > To my questions: > a) Is a name =E2=80=9Cpersonal data=E2=80=9D? > > b) Is an address =E2=80=9Cpersonal data=E2=80=9D? > > c) Is a cell phone =E2=80=9Cpersonal data=E2=80=9D? > > d) Is an email =E2=80=9Cpersonal data=E2=80=9D? > > > > You believe "In a digital world, there is no hard, well-defined nugget of > data that is =E2=80=9Cpersonal=E2=80=9D and > > everything else is not." *In the legal world, however, there hard but > not fast answers. * That's why after being an attorney in this space for > a long time, I can tell you that the answer is "it depends" to many of th= e > questions above. Under EU rules, my email can be personal data since it > includes my name. Under EU rules, as I understand them, even > [log in to unmask] can be personal data if only person runs the "Info" desk > of a hypothetical "myorg". > > These are not easy questions for anyone going through the fast process of > domain name registrations (where questions should be clear and > straightforward). > > Please do not underestimate the value of domain name data. SSN, driver's > licenses and national ID cards all have high level of protection under > national and state laws. They are not available in 24*7 open and public > databases as WHOIS has been (prior to GDPR-based redaction). More on this > below. > > > > > > *But happily, you email ended on a stunning note: > So I think it is > simplest to just say to the registrant, if you=E2=80=99re a > company and= don=E2=80=99t > mind (or even want) your data to be published, > check this box. If you= =E2=80=99re > not, or you do mind, don=E2=80=99t check it.* > > *Great - can we ask exactly what you said above?! * *Not the binary > question: are you a legal or natural person (with its legal liability), b= ut > would you like like to have your domain name registration data published = in > the WHOIS/RDS database? * That way there are no traps for the unwary, no > legal liability for wrong answers, and our NCSG members don't have to > become great data protection scholars before registering a domain ame. > > I think we'll find that some companies, organizations and individuals wil= l > want their data published and some won't (banks were one of the biggest > users of proxy/privacy services in the WHOIS I Review Team Studies). It's= a > clear question with no legal liability for wrong answers. > > Are we done? Does this work? It seems odd that it would be so simple, > but I'm willing to take "yes" for an answer :-). > > ------------------------- > > As for WHOIS/RDS data, please don't diminish its value. On the first > WHOIS Reveiw Team (I vice-chaired), we found great concern about > then-massive publication of WHOIS data. The WHOIS/RDS databases were > (before GDPR) a major place to associate a speaker and his/her speech. > That's a huge issue, especially for speakers and organizations who are > supposed to be assured privacy under freedom of expression, free speech a= nd > freedom of association laws. > > For our NCSG members, this is a real problem since this association can > lead to jailing, fining, doxxing, and more of themselves or their > familiers. We are the human rights representatives in ICANN, among other > groups and orgs we represent. No other Stakeholder Group faces the risks > that our members - and those we speak for across the world - do. > > In our Review Team research, we also clear evidence of data miners > gathering WHOIS data in large numbers. It was part of the large system of > data mining and profiling - and the EU is right, IMHO, to work to shut th= is > down. > > *So can we leave the binary question aside and ask the underlying > question: Do you want your data published? It leads to a much clearer, > cleaner, simpler answer without unintended legal liability and pitfalls.* > > Best regards, > Kathy > > > > > > Quoting "Mueller, Milton L" <[log in to unmask]>: > > > Kathy, > > Thanks for your helpful intervention. I especially liked your > > discussion of this: > > > > a) Is a name =E2=80=9Cpersonal data=E2=80=9D? > > b) Is an address =E2=80=9Cpersonal data=E2=80=9D? > > c) Is a cell phone =E2=80=9Cpersonal data=E2=80=9D? > > d) Is an email =E2=80=9Cpersonal data=E2=80=9D? > > > > Thinking about this problem =E2=80=93 what is personal data =E2=80=93 i= s what led me > > to start modifying my position on this issue. In a digital world > > there is no hard, well-defined nugget of data that is =E2=80=9Cpersonal= =E2=80=9D and > > everything else is not. Your =E2=80=9Cpersonality=E2=80=9D is reflected= in a lot of > > _activity_ on the net, and anyone who can gather and correlate all of > > those footprints knows a lot of personal info about you. True, your > > name and location, where you live, or your SSN or national identity > > number of drivers=E2=80=99 license, provide a stronger basis for puttin= g all > > these correlations into an actionable identity. And that data is out > > there in a number of places, whois is relatively small part of that > > problem. A very small part, in fact > > > > This is one of the reasons I don=E2=80=99t like Stephanie=E2=80=99s pro= posed approach > > (I will try to answer her message separately). Instead of a simple > > self-designation as legal or natural (company or individual), they > > want to try to force registrars into an elaborate process of > > eliminating personal data from the record. But anything can be > > personal data. OR some things that seem to be personal are not so > > personal. I think such a process is going to make registering a > > domain complicated and expensive and ultimately will not protect > > much. Worse, such a process will also be a camel=E2=80=99s nose under t= he > > tent process in which registrars assume more and more responsibility > > for determining the accuracy of registration data and for verifying > > the identity of everyone who registers. > > > > Let=E2=80=99s keep it simple and under the registrants=E2=80=99 control= . The more you > > involve third party rules and regulations in the registration > > process, the more complicated and expensive it becomes, and the > > privacy gains of such processes are miniscule, they are mostly > > hypothetical and theoretical. > > > > So I think it is simplest to just say to the registrant, if you=E2=80= =99re a > > company and don=E2=80=99t mind (or even want) your data to be published= , > > check this box. If you=E2=80=99re not, or you do mind, don=E2=80=99t ch= eck it. > > --000000000000b379ac05c0f6e922 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Hello all,=C2=A0<div><br></div><div>I'm Assistant Prof= essor in Law and Digital Technologies at Leiden University in the Netherlan= ds. I wanted to add a little European perspective to this thread. I find it= all a bit bizarre and some of the arguments to be a little off point. Arti= cle 4(1) GDPR states that personal data is 'any information related to = an identifiable=C2=A0living=C2=A0person', The Article 29 Working Party = has made this clear - ANY information is to be interpreted very broadly. Th= is approach has been endorsed by the CJEU. Furthermore, it matters not whet= her someone has given permission, consented, or otherwise. It is still pers= onal data and as far as the GDPR goes, you need to have a valid ground for = processing personal data - otherwise you=C2=A0will be falling foul of the R= egulation. Pseudonymous=C2=A0data is also to be considered personal data. E= ither way, the Registrars will be processing personal data if any informati= on is related to a living individual.=C2=A0</div><div><br></div><div>Let me= answer Kathy's questions=C2=A0 -</div><div><br></div><div><span style= =3D"font-family:Arial">a)=C2=A0 =C2=A0 =C2=A0 Is a name =E2=80=9Cpersonal d= ata=E2=80=9D? <b>YES</b></span><br style=3D"font-family:Arial"><span style= =3D"font-family:Arial">b)=C2=A0 =C2=A0 =C2=A0 Is an address =E2=80=9Cperson= al data=E2=80=9D? <b>YES - because it is 'any information' 'rel= ating to' a living individual (the people that live there)</b></span></= div><div><span style=3D"font-family:Arial">c)=C2=A0 =C2=A0 =C2=A0 =C2=A0Is = a cell phone =E2=80=9Cpersonal data=E2=80=9D? <b>YES - because it is inform= ation that relates to a living individual</b></span></div><div><span style= =3D"font-family:Arial">d)=C2=A0 =C2=A0 =C2=A0 Is an email =E2=80=9Cpersonal= data=E2=80=9D? <b>YES - because most emails are related to an identifiable= person. Kathy's email above relates to her, therefore, it is personal = data.=C2=A0</b></span><br></div><div><span style=3D"font-family:Arial"><b><= br></b></span></div><div><font face=3D"Arial">Therefore, <a href=3D"mailto:= [log in to unmask]">[log in to unmask]</a> is personal data if someone behind it is= identifiable. If more than one person is running that account it would amo= unt to personal data about BOTH individuals. So Kathy is kind of right here= .=C2=A0</font><span style=3D"font-family:Arial">As far as the GDPR goes, yo= u are processing personal data. Furthermore, even if someone is not identif= iable, if the email is able to be combined with data from another set to re= veal the user of the account, the email would still amount to 'personal= data' within the meaning of Article 4(1).=C2=A0</span></div><div><span= style=3D"font-family:Arial"><br></span></div><div><span style=3D"font-fami= ly:Arial">Stephanie's email made reference to the fact that employees d= o not know and understand their rights. The GDPR offers=C2=A0the type of pr= otection that makes this irrelevant.. They are protected. The GDPR would al= so protect 'legal persons' if there is a natural person behind the = entity that is identifiable. The confusion comes from=C2=A0</span>Recital 1= 4 of the GDPR which states that it only applies to natural persons and does= not cover the processing of personal data concerning legal persons, in par= ticular undertakings established as legal persons or legal entities. This a= lso includes the name of the legal person, the form, and the contact detail= s of the legal person.</div><div><br></div><div>But the second you start ad= ding identifiers to these details, it stops becoming the data of a 'leg= al person' and starts becoming personal data.=C2=A0</div><div><br></div= ><div>Secondly, I find this statement, "I think it is simplest to just= say to the registrant, if you=E2=80=99re a company and don=E2=80=99t mind = (or even want) your data to be published, check this box. If you=E2=80=99re= not, or you do mind, don=E2=80=99t check it."=C2=A0 to be BOTH perplexing and inaccurate.=C2=A0=C2=A0</div><div><br></div><div= >Whether someone checks the box, or does not check the box is completely ir= relevant for determining whether it is personal data. Whether someone check= s the box is a question of CONSENT to processing AND publication, not wheth= er this amounts to personal data. So If MIlton's position (as represent= ed by Stephanie is true), if the Registrars overrule the designation of a r= egistrant or whether Stephanie's approach of 'erring on the side of= caution' is viable. Registrants must protect personal data as a legal = obligation - and must have a legal ground for processing personal data in a= ll instances. Remember the GDPR has extra-jurisdictional effects.=C2=A0 If = a registrant chooses to self-designate as a legal person or not is irreleva= nt for the purposes of the GDPR. If a registrar decides to identify you, or= take steps to do so then they are processing personal data and need a lega= l basis for doing so. If the legal person becomes identifiable, then the re= gistrar is STILL processing personal data. And it would make sense for them= to have a LEGAL BASIS for doing so.=C2=A0</div><div><br></div><div>So with= out a lot of further discussion from me about the three emails in this thre= ad, I would just conclude that what you are all proposing is somewhat irrel= evant for compliance with European data privacy obligations. If the person = is identifiable from the data, the registrar will be processing personal da= ta if there is a living individual that is related to that personal data. T= he Registrar might not want to be a data controller and subject to the GDPR= 's=C2=A0obligations. Although a legal person might not be considered &#= 39;personal data' under Recital 14, if this data can be combined with a= dditional data, it will become personal data. Therefore it is not a questio= n of whether they should designate as a legal person or not, it is whether = either a 'natural' person or a 'legal' person consents to t= he publication of its data.=C2=A0</div><div><br></div><div>Finally, Kathy, = MIlton, and Stephanie are confusing the regulatory obligations under the GD= PR, with the privacy rights of both the EU Charter and the European Convent= ion of Human Rights. Data Protection is a STANDALONE fundamental right in E= urope. While you may be compliant with the GDPR but you have to ALSO be com= pliant with the privacy obligations of the European Convention of Human Rig= hts. Therefore, to build on Kathy's suggestion in the email thread and = to cover the GDPR's requirements and the ECHR's=C2=A0privacy obliga= tions, I would argue that the question needs to be at least the following: = 'do you consent to your domain name registration data being published i= n the WHOIS/RDS database?'.=C2=A0 I would also argue that the default s= hould be 'no' in order to comply with both the GDPR and European pr= ivacy obligations.=C2=A0</div><div><br></div><div>Happy to discuss further.= =C2=A0</div><div><br></div><div>Regards,</div><div><br>Mark=C2=A0</div><div= ><br></div><div><div><div dir=3D"ltr" class=3D"gmail_signature" data-smartm= ail=3D"gmail_signature"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr">= <div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div di= r=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"lt= r"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><div style=3D"fo= nt-size:12.8px"><b><font color=3D"#674ea7"><span style=3D"font-size:small;f= ont-family:Tahoma">Dr Mark Leiser | </span><span style=3D"font-size:small">= Law and Digital Technologies=C2=A0</span><span style=3D"font-size:small;fon= t-family:Tahoma">| FRSA FHEA=C2=A0</span><span style=3D"font-family:Tahoma;= font-size:small">|</span></font></b></div></div></div></div></div></div></d= iv></div></div></div></div></div></div></div></div></div></div></div></div>= <br></div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gm= ail_attr">On Mon, 26 Apr 2021 at 14:19, <[log in to unmask]> wrote:<br><= /div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bo= rder-left:1px solid rgb(204,204,204);padding-left:1ex"><u></u> <div style=3D"font-family:Arial;font-size:14px"> <p>Dear Milton,<br> This is a very important conversation we are having.=C2=A0 I'll respond= in order, but note that the most interesting thing you said was in your la= st sentence.=C2=A0 That's worth discussing!<br> <br> To my questions:<br> a)=C2=A0 =C2=A0 =C2=A0 Is a name =E2=80=9Cpersonal data=E2=80=9D?<br> > b)=C2=A0 =C2=A0 =C2=A0 Is an address =E2=80=9Cpersonal data=E2=80=9D?<= br> > c)=C2=A0 =C2=A0 =C2=A0 =C2=A0Is a cell phone =E2=80=9Cpersonal data=E2= =80=9D?<br> > d)=C2=A0 =C2=A0 =C2=A0 Is an email =E2=80=9Cpersonal data=E2=80=9D?<br= > ><br> <br> You believe "In a digital world, there is no hard, well-defined nugget= of data that is =E2=80=9Cpersonal=E2=80=9D and<br> > everything else is not." <em>In the legal world, however, there h= ard but not fast answers.=C2=A0</em> That's why after being an attorney= in this space for a long time, I can tell you that the answer is "it = depends" to many of the questions above. Under EU rules, my email can = be personal data since it includes my name.=C2=A0 Under EU rules, as I unde= rstand them, even <a href=3D"mailto:[log in to unmask]" target=3D"_blank">info@= myorg.org</a> can be personal data if only person runs the "Info"= desk of a hypothetical "myorg".<br> <br> These are not easy questions for anyone going through the fast process of d= omain name registrations (where questions should be clear and straightforwa= rd).<br> <br> Please do not underestimate the value of domain name data. SSN, driver'= s licenses and national ID cards all have high level of protection under na= tional and state laws.=C2=A0 They are not available in 24*7 open and public= databases as WHOIS has been (prior to GDPR-based redaction). More on this = below.<br> <br> <strong>But happily, you email ended on a stunning note:<br> <br> > So I think it is simplest to just say to the registrant, if you=E2=80= =99re a<br> > company and don=E2=80=99t mind (or even want) your data to be publishe= d,<br> > check this box. If you=E2=80=99re not, or you do mind, don=E2=80=99t c= heck it.</strong><br> <br> <em><strong>Great - can we ask exactly what you said above?!=C2=A0</strong>= </em> <strong>Not the binary question: are you a legal or natural person (w= ith its legal liability), but <em>would you like like to have your domain n= ame registration data published in the WHOIS/RDS database?=C2=A0</em></stro= ng> That way there are no traps for the unwary, no legal liability for wron= g answers, and our NCSG members don't have to become great data protect= ion scholars before registering a domain ame.<br> <br> I think we'll find that some companies, organizations and individuals w= ill want their data published and some won't (banks were one of the big= gest users of proxy/privacy services in the WHOIS I Review Team Studies). I= t's a clear question with no legal liability for wrong answers.<br> <br> Are we done?=C2=A0 Does this work?=C2=A0 It seems odd that it would be so s= imple, but I'm willing to take "yes" for an answer :-).<br> <br> -------------------------<br> <br> As for WHOIS/RDS data, please don't diminish its value.=C2=A0 On the fi= rst WHOIS Reveiw Team (I vice-chaired), we found great concern about then-m= assive publication of WHOIS data. The WHOIS/RDS databases were (before GDPR= ) a major place to associate a speaker and his/her speech.=C2=A0 That's= a huge issue, especially for speakers and organizations who are supposed t= o be assured privacy under freedom of expression, free speech and freedom o= f association laws.=C2=A0<br> <br> For our NCSG members, this is a real problem since this association can lea= d to jailing, fining, doxxing, and more of themselves or their familiers.= =C2=A0 We are the human rights representatives in ICANN, among other groups= and orgs we represent. No other Stakeholder Group faces the risks that our= members - and those we speak for across the world - do.<br> <br> In our Review Team research, we also clear evidence of data miners gatherin= g WHOIS data in large numbers. It was part of the large system of data mini= ng and profiling - and the EU is right, IMHO, to work to shut this down.<br= > <br> <em>So can we leave the binary question aside and ask the underlying questi= on:=C2=A0 Do you want your data published?=C2=A0 It leads to a much clearer= , cleaner, simpler answer without unintended legal liability and pitfalls.<= /em><br> <br> Best regards,<br> Kathy<br> <br> <br> <br> ><br> Quoting "Mueller, Milton L" <<a href=3D"mailto:[log in to unmask] du" target=3D"_blank">[log in to unmask]</a>>:<br> <br> > Kathy,<br> > Thanks for your helpful intervention. I especially liked your<br> > discussion of this:<br> ><br> > a)=C2=A0 =C2=A0 =C2=A0 Is a name =E2=80=9Cpersonal data=E2=80=9D?<br> > b)=C2=A0 =C2=A0 =C2=A0 Is an address =E2=80=9Cpersonal data=E2=80=9D?<= br> > c)=C2=A0 =C2=A0 =C2=A0 =C2=A0Is a cell phone =E2=80=9Cpersonal data=E2= =80=9D?<br> > d)=C2=A0 =C2=A0 =C2=A0 Is an email =E2=80=9Cpersonal data=E2=80=9D?<br= > ><br> > Thinking about this problem =E2=80=93 what is personal data =E2=80=93 = is what led me<br> > to start modifying my position on this issue. In a digital world<br> > there is no hard, well-defined nugget of data that is =E2=80=9Cpersona= l=E2=80=9D and<br> > everything else is not. Your =E2=80=9Cpersonality=E2=80=9D is reflecte= d in a lot of<br> > _activity_ on the net, and anyone who can gather and correlate all of<= br> > those footprints knows a lot of personal info about you. True, your<br= > > name and location, where you live, or your SSN or national identity<br= > > number of drivers=E2=80=99 license, provide a stronger basis for putti= ng all<br> > these correlations into an actionable identity. And that data is out<b= r> > there in a number of places, whois is relatively small part of that<br= > > problem. A very small part, in fact<br> ><br> > This is one of the reasons I don=E2=80=99t like Stephanie=E2=80=99s pr= oposed approach<br> > (I will try to answer her message separately). Instead of a simple<br> > self-designation as legal or natural (company or individual), they<br> > want to try to force registrars into an elaborate process of<br> > eliminating personal data from the record. But anything can be<br> > personal data. OR some things that seem to be personal are not so<br> > personal. I think such a process is going to make registering a<br> > domain complicated and expensive and ultimately will not protect<br> > much. Worse, such a process will also be a camel=E2=80=99s nose under = the<br> > tent process in which registrars assume more and more responsibility<b= r> > for determining the accuracy of registration data and for verifying<br= > > the identity of everyone who registers.<br> ><br> > Let=E2=80=99s keep it simple and under the registrants=E2=80=99 contro= l. The more you<br> > involve third party rules and regulations in the registration<br> > process, the more complicated and expensive it becomes, and the<br> > privacy gains of such processes are miniscule, they are mostly<br> > hypothetical and theoretical.<br> ><br> > So I think it is simplest to just say to the registrant, if you=E2=80= =99re a<br> > company and don=E2=80=99t mind (or even want) your data to be publishe= d,<br> > check this box. If you=E2=80=99re not, or you do mind, don=E2=80=99t c= heck it.<br> <br></p> </div> </blockquote></div> --000000000000b379ac05c0f6e922-- ========================================================================= Date: Tue, 27 Apr 2021 19:35:42 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: Mark Leiser <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_BN7PR07MB4689A55D0B73D70AA775DB92A1419BN7PR07MB4689namp_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_BN7PR07MB4689A55D0B73D70AA775DB92A1419BN7PR07MB4689namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 TWFyaywNClRoYW5rcyBmb3IgeW91ciBpbnRlcnZlbnRpb24uIEhlcmUgaXMgdGhlIGNvbXBsZXRl IGRlZmluaXRpb24gb2YgcGVyc29uYWwgZGF0YSBpbiBHRFBSOg0K4oCYcGVyc29uYWwgZGF0YeKA mSBtZWFucyBhbnkgaW5mb3JtYXRpb24gcmVsYXRpbmcgdG8gYW4gaWRlbnRpZmllZCBvciBpZGVu dGlmaWFibGUgbmF0dXJhbCBwZXJzb24gKOKAmGRhdGEgc3ViamVjdOKAmSk7IGFuIGlkZW50aWZp YWJsZSBuYXR1cmFsIHBlcnNvbiBpcyBvbmUgd2hvIGNhbiBiZSBpZGVudGlmaWVkLCBkaXJlY3Rs eSBvciBpbmRpcmVjdGx5LCBpbiBwYXJ0aWN1bGFyIGJ5IHJlZmVyZW5jZSB0byBhbiBpZGVudGlm aWVyIHN1Y2ggYXMgYSBuYW1lLCBhbiBpZGVudGlmaWNhdGlvbiBudW1iZXIsIGxvY2F0aW9uIGRh dGEsIGFuIG9ubGluZSBpZGVudGlmaWVyIG9yIHRvIG9uZSBvciBtb3JlIGZhY3RvcnMgc3BlY2lm aWMgdG8gdGhlIHBoeXNpY2FsLCBwaHlzaW9sb2dpY2FsLCBnZW5ldGljLCBtZW50YWwsIGVjb25v bWljLCBjdWx0dXJhbCBvciBzb2NpYWwgaWRlbnRpdHkgb2YgdGhhdCBuYXR1cmFsIHBlcnNvbjsN CkFsYXMsIHRoaXMgcmFpc2VzIG1vcmUgcXVlc3Rpb25zIHRoYW4gaXQgYW5zd2Vycy4gSXQgaXMg bm90IGVudGlyZWx5IGNsZWFyIHdoYXQg4oCccmVsYXRpbmcgdG/igJ0gbWVhbnMgaW4gdGhpcyBj b25zdHJ1Y3QuIEUuZy4sIGlmIHRoZSBuYW1lIG9mIG15IGNvbXBhbnkgaXMgTWlsdG9uIE11ZWxs ZXLigJlzIFBvcmtiZWxseSBEaW5lciwgaXMgdGhlIG5hbWUgcmVsYXRpbmcgdG8gbWUgYXMgYSBw ZXJzb24sIG9yIHRvIG15IGJ1c2luZXNzPyBTdHJpY3RseSBzcGVha2luZyBpdOKAmXMgYSBidXNp bmVzcyBuYW1lLiBCdXQgaXQgY291bGQgYmUgdXNlZCB0byBpZGVudGlmeSBtZS4gQW4gb3Zlcmx5 IGJyb2FkIGludGVycHJldGF0aW9uIG9mIHRoaXMgZGVmaW5pdGlvbiB3b3VsZCBjbGFzc2lmeSBB TlkgZGF0YSBhYm91dCBBTllUSElORyBhcyDigJxwZXJzb25hbCBkYXRh4oCdIGJlY2F1c2UgYXQg c29tZSBwb2ludCBpdCBjb3VsZCBiZSDigJxyZWxhdGVkIHRv4oCdIGFuIOKAnGlkZW50aWZpYWJs ZSBuYXR1cmFsIHBlcnNvbi7igJ0gU28gc3VkZGVubHkgdGhlIGJ1c2luZXNzIG5hbWUgYmVjb21l cyBwZXJzb25hbCBkYXRhLiBPciBhIGJ1bmNoIG9mIG9ic2N1cmUgdGVjaG5pY2FsIGluZGljYXRv cnMgaW5oZXJlbnQgaW4geW91ciB1c2Ugb2YgdGhlIGludGVybmV0LCBzdWNoIGFzIHBvcnQgbnVt YmVycywgYnJvd3NlciBjb25maWcsIGV0Yy4sIGNvdWxkIGJlIOKAnHJlbGF0ZWTigJ0gdG8geW91 ciBJU1AgYWNjb3VudCBudW1iZXIsIGFuZCB0aGVuIHVzZWQgdG8gaWRlbnRpZnkgeW91LCBwZXJz b25hbGx5LiBCdXQgZG9lcyB0aGF0IG1lYW4gdGhhdCBldmVyeSB3ZWJzaXRlIGFuZCBob3N0aW5n IHNlcnZpY2UgaW4gdGhlIHdvcmxkIHRoYXQgdXNlcyB0aGF0IHRlY2huaWNhbCBkYXRhIGluIHRo ZSBjb3Vyc2Ugb2YgdGhlaXIgb3BlcmF0aW9ucyBjYW5ub3QgcHJvY2VzcyB0aGF0IGluZm8gd2l0 aG91dCB5b3VyIGV4cGxpY2l0IHBlcm1pc3Npb24sIGJlY2F1c2UgaXTigJlzIOKAnHBlcnNvbmFs IGRhdGE/4oCdIEkgaG9wZSBub3QsIGJlY2F1c2UgdGhlIGludGVybmV0IHdvdWxkIGNlYXNlIHRv IGZ1bmN0aW9uIGlmIHNvLg0KDQo+VGhlcmVmb3JlLCBpbmZvQG15b3JnLm9yZzxtYWlsdG86aW5m b0BteW9yZy5vcmc+IGlzIHBlcnNvbmFsIGRhdGEgaWYgc29tZW9uZSBiZWhpbmQgaXQgaXMgaWRl bnRpZmlhYmxlLg0KDQpNeSBwb2ludCBpcyB0aGF0IHdoZXRoZXIgdGhlIHVzZXIgb2YgaW5mb0Bt eW9yZy5vcmc8bWFpbHRvOmluZm9AbXlvcmcub3JnPiBpcyBpZGVudGlmaWFibGUgZG9lcyBub3Qg ZGVwZW5kIG9uIHRoYXQgY2h1bmsgb2YgZGF0YSwgYnV0IG9uIGEgYnVuY2ggb2YgYWN0aXZpdGll cyB0aGF0IHJlbGF0ZSB0aGF0IGRhdGEgdG8gb3RoZXIgdGhpbmdzLiBBbmQgaW4gYSBkaWdpdGFs IHdvcmxkIHdpdGggcG93ZXJmdWwgcHJvY2Vzc2luZyBjYXBhYmlsaXRpZXMsIG5vIG9uZSBjYW4g ZnVsbHkgY29udHJvbCB0aG9zZSBjb3JyZWxhdGlvbnMgYW5kIHNlYXJjaGVzLiBBbnkgYXR0ZW1w dCB0byBkbyBzbyBzaW1wbHkgY3JpcHBsZXMgdGhlIGVudGlyZSBpbmZvcm1hdGlvbiBlY29ub215 LiBTbyB0aGUgaWRlYSBvZiBsb29raW5nIGF0IGEgcmVnaXN0cmF0aW9uIHJlY29yZCBhbmQgc2F5 aW5nIOKAnGlzIHRoZXJlIHBlcnNvbmFsIGRhdGEgaW4gaGVyZSBvciBub3TigJ0gaXMgYSBjb21w bGV0ZWx5IGludmFsaWQgdGVzdC4NCg0KVGhlcmUgaXMgYW4gZWVyaWUgc2ltaWxhcml0eSBiZXR3 ZWVuIHRoZXNlIGV4YWdnZXJhdGVkIGFwcGxpY2F0aW9ucyBvZiBwcml2YWN5IGxhdyBhbmQgdGhl IGNvcHlyaWdodCBtYXhpbWFsaXN0cyBvZiB0aGUgMTk5MHMuIFRoZSBJUCBpbnRlcmVzdHMgdGhv dWdodCB5b3UgbmVlZGVkIHBlcm1pc3Npb24gdG8gdHJhbnNtaXQgYSBjb3B5cmlnaHRlZCB3b3Jr IG92ZXIgdGhlIGludGVybmV0LCBhIGNsYWltIHRoYXQgd291bGQgaGF2ZSBjcmlwcGxlZCBJU1Bz IHdobyBoYWQgbm8gaWRlYSB3aGF0IHBhY2tldHMgd2VyZSBwYXJ0cyBvZiBjb3B5cmlnaHRlZCBt YXRlcmlhbCBvciBub3QuIFByaXZhY3kgbWF4aW1hbGlzdHMgaGF2ZSByZWFjaGVkIHRoZSBzYW1l IHBvaW50IG9mIGFic3VyZGl0eSwgYnV0IHRoZXkgZG9u4oCZdCBzZWVtIHRvIHJlYWxpemUgaXQu IFRoZXkgYXJlIG5vIGxvbmdlciBwcm90ZWN0aW5nIGEgdGFuZ2libGUgcHJpdmFjeSBpbnRlcmVz dCBvZiBpbnRlcm5ldCB1c2VycywgdGhleSBhcmUgdHJ5aW5nIHRvIGdpdmUgaW5kaXZpZHVhbHMg cmlnaWQgY29udHJvbCBvdmVyIGluZm9ybWF0aW9uIGV4Y2hhbmdlcyBhbmQgaW1wb3NpbmcgbGFy Z2VseSBtZWFuaW5nbGVzcyBjb25zZW50IHJlcXVpcmVtZW50cyB0aGF0IGRvIG5vIG9uZSBhbnkg Z29vZC4NCg0KPlRoZSBjb25mdXNpb24gY29tZXMgZnJvbSBSZWNpdGFsIDE0IG9mIHRoZSBHRFBS IHdoaWNoIHN0YXRlcyB0aGF0IGl0IG9ubHkgYXBwbGllcyB0byBuYXR1cmFsIHBlcnNvbnMgYW5k IGRvZXMgbm90IGNvdmVyIHRoZSBwcm9jZXNzaW5nIG9mIHBlcnNvbmFsIGRhdGEgY29uY2Vybmlu ZyBsZWdhbCBwZXJzb25zLCBpbiBwYXJ0aWN1bGFyIHVuZGVydGFraW5ncyBlc3RhYmxpc2hlZCBh cyBsZWdhbCBwZXJzb25zIG9yIGxlZ2FsIGVudGl0aWVzLiBUaGlzIGFsc28gaW5jbHVkZXMgdGhl IG5hbWUgb2YgdGhlIGxlZ2FsIHBlcnNvbiwgdGhlIGZvcm0sIGFuZCB0aGUgY29udGFjdCBkZXRh aWxzIG9mIHRoZSBsZWdhbCBwZXJzb24uIEJ1dCB0aGUgc2Vjb25kIHlvdSBzdGFydCBhZGRpbmcg aWRlbnRpZmllcnMgdG8gdGhlc2UgZGV0YWlscywgaXQgc3RvcHMgYmVjb21pbmcgdGhlIGRhdGEg b2YgYSAnbGVnYWwgcGVyc29uJyBhbmQgc3RhcnRzIGJlY29taW5nIHBlcnNvbmFsIGRhdGEuDQoN ClllcywgaW5kZWVkLCB0aGUgR0RQUiBpcyBjb25mdXNlZCBvbiB0aGlzIHNjb3JlLiBVbmZvcnR1 bmF0ZWx5LCB5b3UgZG9u4oCZdCBlc2NhcGUgdGhhdCBjb25mdXNpb24gYnkgc2F5aW5nIOKAnGFk ZGluZyBpZGVudGlmaWVyc+KAnSBpcyB0aGUgcHJvYmxlbS4gWW91ciBhcmd1bWVudCBmYWlscyBi ZWNhdXNlIG5hbWVzIG9mIGxlZ2FsIHBlcnNvbnMgYW5kIGNvbnRhY3QgZGV0YWlscyBBUkUg4oCc aWRlbnRpZmllcnMs4oCdIHRoZXkgYXJlIGp1c3QgaWRlbnRpZmllcnMgb2YgbGVnYWwgcGVyc29u cy4gQXMgSSBwb2ludGVkIG91dCB0aGV5IGNhbiBlYXNpbHkgb3ZlcmxhcCB3aXRoLCBvciBiZSB1 c2VkIHRvIGlkZW50aWZ5LCBuYXR1cmFsIHBlcnNvbnMuDQoNClNvIG15IGJhc2ljIHBvaW50IGlz IHRoYXQgd2UgZG8gbm90IHNvbHZlIHRoaXMgcHJvYmxlbSBieSByZWZlcmVuY2UgdG8gR0RQUiBk ZWZpbml0aW9ucy4gSW4gZmFjdCBpZiBHRFBSIGlzIHRha2VuIGxpdGVyYWxseSBubyBvbmUgY2Fu IGV2ZXIgcHVibGlzaCBhbmQgc2hhcmUgYW55IGtpbmQgb2YgaW5mb3JtYXRpb24gd2l0aG91dCBh YnN1cmQgb3ZlcmhlYWQgYW5kIGxlZ2FsIGJ1cmVhdWNyYWN5LCBiZWNhdXNlIEFMTCBvZiBpdCBj YW4gYmUgdXNlZCB0byBpZGVudGlmeSB5b3UgaW4gc29tZSB3YXkuIFRoZXNlIGtpbmRzIG9mIGlu dGVycHJldGF0aW9ucyBhY3R1YWxseSBkaXNjcmVkaXQgcHJpdmFjeSBsYXdzIGFuZCBwcm90ZWN0 aW9ucywgYnkgdGFraW5nIHRoZW0gdG8gY291bnRlcnByb2R1Y3RpdmUgbGVuZ3Rocy4gV2UgaGF2 ZSB0byBtYWtlIGNvbW1vbiBzZW5zZS1iYXNlZCwgcHJhY3RpY2FsIGRpc3RpbmN0aW9ucyBiZXR3 ZWVuIHdoYXQgZGF0YSBuZWVkcyBwcm90ZWN0aW9uLCB3aGF0IGRhdGEgY2FuIGJlIGVhc2lseSBz aGFyZWQgYXQgdGhlIHJlZ2lzdHJhbnRz4oCZIGNob2ljZS4NCg0KU2Vjb25kbHksIEkgZmluZCB0 aGlzIHN0YXRlbWVudCwgIkkgdGhpbmsgaXQgaXMgc2ltcGxlc3QgdG8ganVzdCBzYXkgdG8gdGhl IHJlZ2lzdHJhbnQsIGlmIHlvdeKAmXJlIGEgY29tcGFueSBhbmQgZG9u4oCZdCBtaW5kIChvciBl dmVuIHdhbnQpIHlvdXIgZGF0YSB0byBiZSBwdWJsaXNoZWQsIGNoZWNrIHRoaXMgYm94LiBJZiB5 b3XigJlyZSBub3QsIG9yIHlvdSBkbyBtaW5kLCBkb27igJl0IGNoZWNrIGl0LiIgIHRvIGJlIEJP VEggcGVycGxleGluZyBhbmQgaW5hY2N1cmF0ZS4gIFdoZXRoZXIgc29tZW9uZSBjaGVja3MgdGhl IGJveCwgb3IgZG9lcyBub3QgY2hlY2sgdGhlIGJveCBpcyBjb21wbGV0ZWx5IGlycmVsZXZhbnQg Zm9yIGRldGVybWluaW5nIHdoZXRoZXIgaXQgaXMgcGVyc29uYWwgZGF0YS4gV2hldGhlciBzb21l b25lIGNoZWNrcyB0aGUgYm94IGlzIGEgcXVlc3Rpb24gb2YgQ09OU0VOVCB0byBwcm9jZXNzaW5n IEFORCBwdWJsaWNhdGlvbiwgbm90IHdoZXRoZXIgdGhpcyBhbW91bnRzIHRvIHBlcnNvbmFsIGRh dGEuDQoNCldlIGFjdHVhbGx5IHNlZW0gdG8gYWdyZWUgaGVyZSwgbW9yZSB0aGFuIHlvdSB0aGlu ay4gSSBhbSBzYXlpbmcgdGhhdCB0aGUgdXNlciwgdGhlIHJlZ2lzdHJhbnQsIGdldHMgdG8gZGVj aWRlIHdoYXQgaXMgcGVyc29uYWwgZGF0YSBvciBub3QsIGJlY2F1c2UgVEhFUkUgSVMgTk8gT0JK RUNUSVZFLCBDTEVBUiBMRUdBTCBERUZJTklUSU9OLiBTbyB0aGUgdXNlciBjYW4gZGVjaWRlIHdo ZXRoZXIgdGhleSB3YW50IHRvIGJlIGNsYXNzaWZpZWQgYXMgYSBsZWdhbCBwZXJzb24gYW5kIOKA nGNvbnNlbnTigJ0gdG8gcHVibGlzaGluZyB0aGVpciBkYXRhIG9yIG5vdC4gQXMgYW4gZXhhbXBs ZSwgdGhhdCBpZiBJIGRlY2lkZSB0aGF0IHB1Ymxpc2hpbmcgdGhlIG5hbWUgb2Yg4oCcTWlsdG9u IE11ZWxsZXLigJlzIFBvcmtiZWxseSBEaW5lcuKAnSBpcyBub3QgYSB2aW9sYXRpb24gb2YgbXkg cHJpdmFjeSwgaXQgaXNu4oCZdC4gSXQgZG9lc27igJl0IG1hdHRlciB3aGF0IHRoZSBFdXJvcGVh biBVbmlvbiBzYXlzLCBpdOKAmXMgbXkgY2hvaWNlLg0KDQpBbmQgbGV04oCZcyBub3Qgb3Zlcmxv b2sgdGhlIGVtYmFycmFzc2luZyBmYWN0IHRoYXQgdGhlIEV1cm9wZWFuIFVuaW9uIGlzIG5vdyBv bmUgb2YgdGhlIGtleSBwbGF5ZXJzIHB1c2hpbmcgaGFyZCBmb3IgcHVibGljYXRpb24gb2YgbGVn YWwgcGVyc29uIGRhdGEuIEJ1dCBJ4oCZbGwgbGVhdmUgdGhhdCBvbmUgdG8gbGF0ZXIuDQo= --_000_BN7PR07MB4689A55D0B73D70AA775DB92A1419BN7PR07MB4689namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6bz0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6b2ZmaWNlIiB4 bWxuczp3PSJ1cm46c2NoZW1hcy1taWNyb3NvZnQtY29tOm9mZmljZTp3b3JkIiB4bWxuczptPSJo dHRwOi8vc2NoZW1hcy5taWNyb3NvZnQuY29tL29mZmljZS8yMDA0LzEyL29tbWwiIHhtbG5zPSJo dHRwOi8vd3d3LnczLm9yZy9UUi9SRUMtaHRtbDQwIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVp dj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiPg0KPG1l dGEgbmFtZT0iR2VuZXJhdG9yIiBjb250ZW50PSJNaWNyb3NvZnQgV29yZCAxNSAoZmlsdGVyZWQg bWVkaXVtKSI+DQo8c3R5bGU+PCEtLQ0KLyogRm9udCBEZWZpbml0aW9ucyAqLw0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OiJTZWdvZSBV SSI7DQoJcGFub3NlLTE6MiAxMSA1IDIgNCAyIDQgMiAyIDM7fQ0KQGZvbnQtZmFjZQ0KCXtmb250 LWZhbWlseTppbmhlcml0Ow0KCXBhbm9zZS0xOjAgMCAwIDAgMCAwIDAgMCAwIDA7fQ0KLyogU3R5 bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29Ob3Jt YWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXplOjEy LjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIixzZXJpZjt9DQphOmxpbmssIHNw YW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpibHVlOw0K CXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVybGlu a0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJwbGU7DQoJdGV4 dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCglt c28tbWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJnaW4t Ym90dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTIuMHB0Ow0K CWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLHNlcmlmO30NCnAubXNvbm9ybWFsMCwgbGku bXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1hbDANCgl7bXNvLXN0eWxlLW5hbWU6bXNvbm9ybWFsOw0K CW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowaW47DQoJbXNvLW1hcmdp bi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MGluOw0KCWZvbnQtc2l6ZToxMi4wcHQ7 DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsc2VyaWY7fQ0Kc3Bhbi5FbWFpbFN0eWxl MjENCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWw7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNh bnMtc2VyaWY7DQoJY29sb3I6IzFGNDk3RDt9DQpzcGFuLkVtYWlsU3R5bGUyMg0KCXttc28tc3R5 bGUtdHlwZTpwZXJzb25hbC1jb21wb3NlOw0KCWZvbnQtZmFtaWx5OiJDYWxpYnJpIixzYW5zLXNl cmlmOw0KCWNvbG9yOndpbmRvd3RleHQ7fQ0KLk1zb0NocERlZmF1bHQNCgl7bXNvLXN0eWxlLXR5 cGU6ZXhwb3J0LW9ubHk7DQoJZm9udC1mYW1pbHk6IkNhbGlicmkiLHNhbnMtc2VyaWY7fQ0KQHBh Z2UgV29yZFNlY3Rpb24xDQoJe3NpemU6OC41aW4gMTEuMGluOw0KCW1hcmdpbjoxLjBpbiAxLjBp biAxLjBpbiAxLjBpbjt9DQpkaXYuV29yZFNlY3Rpb24xDQoJe3BhZ2U6V29yZFNlY3Rpb24xO30N Ci8qIExpc3QgRGVmaW5pdGlvbnMgKi8NCkBsaXN0IGwwDQoJe21zby1saXN0LWlkOjMzMjQxNjIz MjsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6LTE4MjEwODg5MjQ7fQ0KQGxpc3QgbDENCgl7bXNv LWxpc3QtaWQ6MTMzMjAyOTM2MTsNCgltc28tbGlzdC10ZW1wbGF0ZS1pZHM6LTI5OTM2ODQxNjt9 DQpvbA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQp1bA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQot LT48L3N0eWxlPg0KPC9oZWFkPg0KPGJvZHkgbGFuZz0iRU4tVVMiIGxpbms9ImJsdWUiIHZsaW5r PSJwdXJwbGUiPg0KPGRpdiBjbGFzcz0iV29yZFNlY3Rpb24xIj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGli cmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5NYXJrLA0KPG86cD48L286cD48L3Nw YW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4w cHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5 N0QiPlRoYW5rcyBmb3IgeW91ciBpbnRlcnZlbnRpb24uIEhlcmUgaXMgdGhlIGNvbXBsZXRlIGRl ZmluaXRpb24gb2YgcGVyc29uYWwgZGF0YSBpbiBHRFBSOjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6MTIuMHB0O21h cmdpbi1yaWdodDowaW47bWFyZ2luLWJvdHRvbToxMi4wcHQ7bWFyZ2luLWxlZnQ6MzAuMHB0O2Jh Y2tncm91bmQ6d2hpdGU7dmVydGljYWwtYWxpZ246YmFzZWxpbmUiPg0KPHNwYW4gc3R5bGU9ImZv bnQtZmFtaWx5OiZxdW90O2luaGVyaXQmcXVvdDssc2VyaWY7Y29sb3I6IzMzMzMzMyI+4oCYcGVy c29uYWwgZGF0YeKAmSBtZWFucyBhbnkgaW5mb3JtYXRpb24gcmVsYXRpbmcgdG8gYW4gaWRlbnRp ZmllZCBvciBpZGVudGlmaWFibGUgbmF0dXJhbCBwZXJzb24gKOKAmGRhdGEgc3ViamVjdOKAmSk7 IGFuIGlkZW50aWZpYWJsZSBuYXR1cmFsIHBlcnNvbiBpcyBvbmUgd2hvIGNhbiBiZSBpZGVudGlm aWVkLCBkaXJlY3RseSBvciBpbmRpcmVjdGx5LCBpbg0KIHBhcnRpY3VsYXIgYnkgcmVmZXJlbmNl IHRvIGFuIGlkZW50aWZpZXIgc3VjaCBhcyBhIG5hbWUsIGFuIGlkZW50aWZpY2F0aW9uIG51bWJl ciwgbG9jYXRpb24gZGF0YSwgYW4gb25saW5lIGlkZW50aWZpZXIgb3IgdG8gb25lIG9yIG1vcmUg ZmFjdG9ycyBzcGVjaWZpYyB0byB0aGUgcGh5c2ljYWwsIHBoeXNpb2xvZ2ljYWwsIGdlbmV0aWMs IG1lbnRhbCwgZWNvbm9taWMsIGN1bHR1cmFsIG9yIHNvY2lhbCBpZGVudGl0eSBvZiB0aGF0IG5h dHVyYWwNCiBwZXJzb247PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJy aSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPkFsYXMsIHRoaXMgcmFpc2VzIG1vcmUg cXVlc3Rpb25zIHRoYW4gaXQgYW5zd2Vycy4gSXQgaXMgbm90IGVudGlyZWx5IGNsZWFyIHdoYXQg 4oCccmVsYXRpbmcgdG/igJ0gbWVhbnMgaW4gdGhpcyBjb25zdHJ1Y3QuIEUuZy4sIGlmIHRoZSBu YW1lIG9mIG15IGNvbXBhbnkgaXMgTWlsdG9uDQogTXVlbGxlcuKAmXMgUG9ya2JlbGx5IERpbmVy LCBpcyB0aGUgbmFtZSByZWxhdGluZyB0byBtZSBhcyBhIHBlcnNvbiwgb3IgdG8gbXkgYnVzaW5l c3M/IFN0cmljdGx5IHNwZWFraW5nIGl04oCZcyBhIGJ1c2luZXNzIG5hbWUuIEJ1dCBpdCBjb3Vs ZCBiZSB1c2VkIHRvIGlkZW50aWZ5IG1lLiBBbiBvdmVybHkgYnJvYWQgaW50ZXJwcmV0YXRpb24g b2YgdGhpcyBkZWZpbml0aW9uIHdvdWxkIGNsYXNzaWZ5IEFOWSBkYXRhIGFib3V0IEFOWVRISU5H IGFzIOKAnHBlcnNvbmFsDQogZGF0YeKAnSBiZWNhdXNlIGF0IHNvbWUgcG9pbnQgaXQgY291bGQg YmUg4oCccmVsYXRlZCB0b+KAnSBhbiDigJxpZGVudGlmaWFibGUgbmF0dXJhbCBwZXJzb24u4oCd IFNvIHN1ZGRlbmx5IHRoZSBidXNpbmVzcyBuYW1lIGJlY29tZXMgcGVyc29uYWwgZGF0YS4gT3Ig YSBidW5jaCBvZiBvYnNjdXJlIHRlY2huaWNhbCBpbmRpY2F0b3JzIGluaGVyZW50IGluIHlvdXIg dXNlIG9mIHRoZSBpbnRlcm5ldCwgc3VjaCBhcyBwb3J0IG51bWJlcnMsIGJyb3dzZXIgY29uZmln LA0KIGV0Yy4sIGNvdWxkIGJlIOKAnHJlbGF0ZWTigJ0gdG8geW91ciBJU1AgYWNjb3VudCBudW1i ZXIsIGFuZCB0aGVuIHVzZWQgdG8gaWRlbnRpZnkgeW91LCBwZXJzb25hbGx5LiBCdXQgZG9lcyB0 aGF0IG1lYW4gdGhhdCBldmVyeSB3ZWJzaXRlIGFuZCBob3N0aW5nIHNlcnZpY2UgaW4gdGhlIHdv cmxkIHRoYXQgdXNlcyB0aGF0IHRlY2huaWNhbCBkYXRhIGluIHRoZSBjb3Vyc2Ugb2YgdGhlaXIg b3BlcmF0aW9ucyBjYW5ub3QgcHJvY2VzcyB0aGF0IGluZm8NCiB3aXRob3V0IHlvdXIgZXhwbGlj aXQgcGVybWlzc2lvbiwgYmVjYXVzZSBpdOKAmXMg4oCccGVyc29uYWwgZGF0YT/igJ0gSSBob3Bl IG5vdCwgYmVjYXVzZSB0aGUgaW50ZXJuZXQgd291bGQgY2Vhc2UgdG8gZnVuY3Rpb24gaWYgc28u DQo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMt c2VyaWY7Y29sb3I6IzFGNDk3RCI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPGRpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1 b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj4mZ3Q7PC9zcGFuPjxzcGFu IHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5UaGVyZWZv cmUsDQo8YSBocmVmPSJtYWlsdG86aW5mb0BteW9yZy5vcmciPmluZm9AbXlvcmcub3JnPC9hPiBp cyBwZXJzb25hbCBkYXRhIGlmIHNvbWVvbmUgYmVoaW5kIGl0IGlzIGlkZW50aWZpYWJsZS48c3Bh biBzdHlsZT0iY29sb3I6IzFGNDk3RCI+PG86cD48L286cD48L3NwYW4+PC9zcGFuPjwvcD4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFt aWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj48bzpwPiZu YnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0i Zm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2Vy aWY7Y29sb3I6IzFGNDk3RCI+TXkgcG9pbnQgaXMgdGhhdCB3aGV0aGVyIHRoZSB1c2VyIG9mDQo8 YSBocmVmPSJtYWlsdG86aW5mb0BteW9yZy5vcmciPmluZm9AbXlvcmcub3JnPC9hPiBpcyBpZGVu dGlmaWFibGUgZG9lcyBub3QgZGVwZW5kIG9uIHRoYXQgY2h1bmsgb2YgZGF0YSwgYnV0IG9uIGEg YnVuY2ggb2YgYWN0aXZpdGllcyB0aGF0IHJlbGF0ZSB0aGF0IGRhdGEgdG8gb3RoZXIgdGhpbmdz LiBBbmQgaW4gYSBkaWdpdGFsIHdvcmxkIHdpdGggcG93ZXJmdWwgcHJvY2Vzc2luZyBjYXBhYmls aXRpZXMsIG5vIG9uZSBjYW4gZnVsbHkgY29udHJvbA0KIHRob3NlIGNvcnJlbGF0aW9ucyBhbmQg c2VhcmNoZXMuIEFueSBhdHRlbXB0IHRvIGRvIHNvIHNpbXBseSBjcmlwcGxlcyB0aGUgZW50aXJl IGluZm9ybWF0aW9uIGVjb25vbXkuIFNvIHRoZSBpZGVhIG9mIGxvb2tpbmcgYXQgYSByZWdpc3Ry YXRpb24gcmVjb3JkIGFuZCBzYXlpbmcg4oCcaXMgdGhlcmUgcGVyc29uYWwgZGF0YSBpbiBoZXJl IG9yIG5vdOKAnSBpcyBhIGNvbXBsZXRlbHkgaW52YWxpZCB0ZXN0LjxvOnA+PC9vOnA+PC9zcGFu PjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0 O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdE Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7 LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+VGhlcmUgaXMgYW4gZWVyaWUgc2ltaWxhcml0eSBi ZXR3ZWVuIHRoZXNlIGV4YWdnZXJhdGVkIGFwcGxpY2F0aW9ucyBvZiBwcml2YWN5IGxhdyBhbmQg dGhlIGNvcHlyaWdodCBtYXhpbWFsaXN0cyBvZiB0aGUgMTk5MHMuIFRoZSBJUCBpbnRlcmVzdHMg dGhvdWdodCB5b3UgbmVlZGVkDQogcGVybWlzc2lvbiB0byB0cmFuc21pdCBhIGNvcHlyaWdodGVk IHdvcmsgb3ZlciB0aGUgaW50ZXJuZXQsIGEgY2xhaW0gdGhhdCB3b3VsZCBoYXZlIGNyaXBwbGVk IElTUHMgd2hvIGhhZCBubyBpZGVhIHdoYXQgcGFja2V0cyB3ZXJlIHBhcnRzIG9mIGNvcHlyaWdo dGVkIG1hdGVyaWFsIG9yIG5vdC4gUHJpdmFjeSBtYXhpbWFsaXN0cyBoYXZlIHJlYWNoZWQgdGhl IHNhbWUgcG9pbnQgb2YgYWJzdXJkaXR5LCBidXQgdGhleSBkb27igJl0IHNlZW0gdG8NCiByZWFs aXplIGl0LiBUaGV5IGFyZSBubyBsb25nZXIgcHJvdGVjdGluZyBhIHRhbmdpYmxlIHByaXZhY3kg aW50ZXJlc3Qgb2YgaW50ZXJuZXQgdXNlcnMsIHRoZXkgYXJlIHRyeWluZyB0byBnaXZlIGluZGl2 aWR1YWxzIHJpZ2lkIGNvbnRyb2wgb3ZlciBpbmZvcm1hdGlvbiBleGNoYW5nZXMgYW5kIGltcG9z aW5nIGxhcmdlbHkgbWVhbmluZ2xlc3MgY29uc2VudCByZXF1aXJlbWVudHMgdGhhdCBkbyBubyBv bmUgYW55IGdvb2QuPG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZx dW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJjb2xv cjojMUY0OTdEIj4mZ3Q7PC9zcGFuPlRoZSBjb25mdXNpb24gY29tZXMgZnJvbSZuYnNwO1JlY2l0 YWwgMTQgb2YgdGhlIEdEUFIgd2hpY2ggc3RhdGVzIHRoYXQgaXQgb25seSBhcHBsaWVzIHRvIG5h dHVyYWwgcGVyc29ucyBhbmQgZG9lcyBub3QgY292ZXIgdGhlIHByb2Nlc3Npbmcgb2YgcGVyc29u YWwgZGF0YSBjb25jZXJuaW5nIGxlZ2FsIHBlcnNvbnMsIGluIHBhcnRpY3VsYXIgdW5kZXJ0YWtp bmdzDQogZXN0YWJsaXNoZWQgYXMgbGVnYWwgcGVyc29ucyBvciBsZWdhbCBlbnRpdGllcy4gVGhp cyBhbHNvIGluY2x1ZGVzIHRoZSBuYW1lIG9mIHRoZSBsZWdhbCBwZXJzb24sIHRoZSBmb3JtLCBh bmQgdGhlIGNvbnRhY3QgZGV0YWlscyBvZiB0aGUgbGVnYWwgcGVyc29uLjxzcGFuIHN0eWxlPSJj b2xvcjojMUY0OTdEIj4NCjwvc3Bhbj5CdXQgdGhlIHNlY29uZCB5b3Ugc3RhcnQgYWRkaW5nIGlk ZW50aWZpZXJzIHRvIHRoZXNlIGRldGFpbHMsIGl0IHN0b3BzIGJlY29taW5nIHRoZSBkYXRhIG9m IGEgJ2xlZ2FsIHBlcnNvbicgYW5kIHN0YXJ0cyBiZWNvbWluZyBwZXJzb25hbCBkYXRhLiZuYnNw OzxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQt c2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2Nv bG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Nh bGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5ZZXMsIGluZGVlZCwgdGhlIEdE UFIgaXMgY29uZnVzZWQgb24gdGhpcyBzY29yZS4gVW5mb3J0dW5hdGVseSwgeW91IGRvbuKAmXQg ZXNjYXBlIHRoYXQgY29uZnVzaW9uIGJ5IHNheWluZyDigJxhZGRpbmcgaWRlbnRpZmllcnPigJ0g aXMgdGhlIHByb2JsZW0uIFlvdXIgYXJndW1lbnQgZmFpbHMNCiBiZWNhdXNlIG5hbWVzIG9mIGxl Z2FsIHBlcnNvbnMgYW5kIGNvbnRhY3QgZGV0YWlscyBBUkUg4oCcaWRlbnRpZmllcnMs4oCdIHRo ZXkgYXJlIGp1c3QgaWRlbnRpZmllcnMgb2YgbGVnYWwgcGVyc29ucy4gQXMgSSBwb2ludGVkIG91 dCB0aGV5IGNhbiBlYXNpbHkgb3ZlcmxhcCB3aXRoLCBvciBiZSB1c2VkIHRvIGlkZW50aWZ5LCBu YXR1cmFsIHBlcnNvbnMuICZuYnNwOzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90 O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj48bzpwPiZuYnNwOzwvbzpw Pjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXpl OjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6 IzFGNDk3RCI+U28gbXkgYmFzaWMgcG9pbnQgaXMgdGhhdCB3ZSBkbyBub3Qgc29sdmUgdGhpcyBw cm9ibGVtIGJ5IHJlZmVyZW5jZSB0byBHRFBSIGRlZmluaXRpb25zLiBJbiBmYWN0IGlmIEdEUFIg aXMgdGFrZW4gbGl0ZXJhbGx5IG5vIG9uZSBjYW4gZXZlciBwdWJsaXNoIGFuZCBzaGFyZQ0KIGFu eSBraW5kIG9mIGluZm9ybWF0aW9uIHdpdGhvdXQgYWJzdXJkIG92ZXJoZWFkIGFuZCBsZWdhbCBi dXJlYXVjcmFjeSwgYmVjYXVzZSBBTEwgb2YgaXQgY2FuIGJlIHVzZWQgdG8gaWRlbnRpZnkgeW91 IGluIHNvbWUgd2F5LiBUaGVzZSBraW5kcyBvZiBpbnRlcnByZXRhdGlvbnMgYWN0dWFsbHkgZGlz Y3JlZGl0IHByaXZhY3kgbGF3cyBhbmQgcHJvdGVjdGlvbnMsIGJ5IHRha2luZyB0aGVtIHRvIGNv dW50ZXJwcm9kdWN0aXZlIGxlbmd0aHMuIFdlDQogaGF2ZSB0byBtYWtlIGNvbW1vbiBzZW5zZS1i YXNlZCwgcHJhY3RpY2FsIGRpc3RpbmN0aW9ucyBiZXR3ZWVuIHdoYXQgZGF0YSBuZWVkcyBwcm90 ZWN0aW9uLCB3aGF0IGRhdGEgY2FuIGJlIGVhc2lseSBzaGFyZWQgYXQgdGhlIHJlZ2lzdHJhbnRz 4oCZIGNob2ljZS48bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPlNlY29uZGx5LCBJIGZpbmQgdGhpcyBzdGF0ZW1lbnQsICZxdW90O0kg dGhpbmsgaXQgaXMgc2ltcGxlc3QgdG8ganVzdCBzYXkgdG8gdGhlIHJlZ2lzdHJhbnQsIGlmIHlv deKAmXJlIGEgY29tcGFueSBhbmQgZG9u4oCZdCBtaW5kIChvciBldmVuIHdhbnQpIHlvdXIgZGF0 YSB0byBiZSBwdWJsaXNoZWQsIGNoZWNrIHRoaXMgYm94LiBJZiB5b3XigJlyZSBub3QsIG9yIHlv dSBkbyBtaW5kLCBkb27igJl0IGNoZWNrIGl0LiZxdW90OyZuYnNwOyB0byBiZQ0KIEJPVEggcGVy cGxleGluZyBhbmQgaW5hY2N1cmF0ZS4mbmJzcDsmbmJzcDtXaGV0aGVyIHNvbWVvbmUgY2hlY2tz IHRoZSBib3gsIG9yIGRvZXMgbm90IGNoZWNrIHRoZSBib3ggaXMgY29tcGxldGVseSBpcnJlbGV2 YW50IGZvciBkZXRlcm1pbmluZyB3aGV0aGVyIGl0IGlzIHBlcnNvbmFsIGRhdGEuIFdoZXRoZXIg c29tZW9uZSBjaGVja3MgdGhlIGJveCBpcyBhIHF1ZXN0aW9uIG9mIENPTlNFTlQgdG8gcHJvY2Vz c2luZyBBTkQgcHVibGljYXRpb24sIG5vdCB3aGV0aGVyDQogdGhpcyBhbW91bnRzIHRvIHBlcnNv bmFsIGRhdGEuIDxzcGFuIHN0eWxlPSJjb2xvcjojMUY0OTdEIj48bzpwPjwvbzpwPjwvc3Bhbj48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtm b250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+ PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90Oyxz YW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPldlIGFjdHVhbGx5IHNlZW0gdG8gYWdyZWUgaGVyZSwg bW9yZSB0aGFuIHlvdSB0aGluay4gSSBhbSBzYXlpbmcgdGhhdCB0aGUgdXNlciwgdGhlIHJlZ2lz dHJhbnQsIGdldHMgdG8gZGVjaWRlIHdoYXQgaXMgcGVyc29uYWwgZGF0YSBvciBub3QsIGJlY2F1 c2UgVEhFUkUgSVMNCiBOTyBPQkpFQ1RJVkUsIENMRUFSIExFR0FMIERFRklOSVRJT04uIFNvIHRo ZSB1c2VyIGNhbiBkZWNpZGUgd2hldGhlciB0aGV5IHdhbnQgdG8gYmUgY2xhc3NpZmllZCBhcyBh IGxlZ2FsIHBlcnNvbiBhbmQg4oCcY29uc2VudOKAnSB0byBwdWJsaXNoaW5nIHRoZWlyIGRhdGEg b3Igbm90LiBBcyBhbiBleGFtcGxlLCB0aGF0IGlmIEkgZGVjaWRlIHRoYXQgcHVibGlzaGluZyB0 aGUgbmFtZSBvZiDigJxNaWx0b24gTXVlbGxlcuKAmXMgUG9ya2JlbGx5IERpbmVy4oCdDQogaXMg bm90IGEgdmlvbGF0aW9uIG9mIG15IHByaXZhY3ksIGl0IGlzbuKAmXQuIEl0IGRvZXNu4oCZdCBt YXR0ZXIgd2hhdCB0aGUgRXVyb3BlYW4gVW5pb24gc2F5cywgaXTigJlzIG15IGNob2ljZS4gJm5i c3A7Jm5ic3A7PG86cD48L286cD48L3NwYW4+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNw YW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5BbmQg bGV04oCZcyBub3Qgb3Zlcmxvb2sgdGhlIGVtYmFycmFzc2luZyBmYWN0IHRoYXQgdGhlIEV1cm9w ZWFuIFVuaW9uIGlzIG5vdyBvbmUgb2YgdGhlIGtleSBwbGF5ZXJzIHB1c2hpbmcgaGFyZCBmb3Ig cHVibGljYXRpb24gb2YgbGVnYWwgcGVyc29uIGRhdGEuIEJ1dCBJ4oCZbGwNCiBsZWF2ZSB0aGF0 IG9uZSB0byBsYXRlci4gPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwv ZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_BN7PR07MB4689A55D0B73D70AA775DB92A1419BN7PR07MB4689namp_-- ========================================================================= Date: Tue, 27 Apr 2021 20:24:01 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: EDPD policy options Content-Type: multipart/related; boundary="_004_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_"; type="multipart/alternative" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_004_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_ Content-Type: multipart/alternative; boundary="_000_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_" --_000_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable So I think we have exchanged views and have a pretty good idea of where peo= ple stand and what the issues are. The next step is to define a position in the EPDP that all of our members c= an adhere to. Let me emphasize that defining a viable position is strategic and not simpl= y a matter of standing up for some abstract principle. I will try to identify the set of real options below Option 1 ------------ Under the phase 1 agreement there is no requirement to differentiate betwee= n legal and natural persons, but Contracted Parties (CPs) can do so if they= want to. We are working on possible "guidance" for CPs who do try to diff= erentiate. One possibility is to leave things as they are. No guidance. No requirement to differentiate. Let the status quo stand. CPs= can do whatever they want. Benefits: most data will probably remain redacted Risks/problems: - we are already working on guidance, this may no longer be an option - some registrars could impose differentiation on their customers - GAC, including European Commission, IPC, BC, ALAC, SSAC will be unhappy a= nd apparent lack of consensus could lead to board or legislative override Option 2: ------------ (Stephanie's approach) Develop Guidance, but make it non-binding No legal or natural differentiation, focus on presence or absence of person= al data Registrant must make attestations re personal data; more difficult and cost= ly process CP involvement in and liability for decisions Option 3: ----------- (Milton's approach) Develop Guidance, but make it non-binding Ask for self-designation as legal at point of registration; registrant is i= nformed of consequences CP can alter record only at request of Registrant CP liability and responsibility for contents of reg records is minimized Option 4: ------------ Develop guidance for differentiation and make it a requirement Many different options under here. This is not an exhaustive list, but it will get us started. We need to move beyond posturing and offer specific proposals that can gain= traction in the actual EPDP group. Dr. Milton L Mueller Georgia Institute of Technology School of Public Policy [IGP_logo_gold block] --_000_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:= //www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"= > <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)"> <!--[if !mso]><style>v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} </style><![endif]--><style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:#0563C1; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:#954F72; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri",sans-serif; color:windowtext;} .MsoChpDefault {mso-style-type:export-only; font-family:"Calibri",sans-serif;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> </head> <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72"> <div class=3D"WordSection1"> <p class=3D"MsoNormal">So I think we have exchanged views and have a pretty= good idea of where people stand and what the issues are. <o:p></o:p></p> <p class=3D"MsoNormal">The next step is to define a position in the EPDP th= at all of our members can adhere to.<o:p></o:p></p> <p class=3D"MsoNormal">Let me emphasize that defining a viable position is = strategic and not simply a matter of standing up for some abstract principl= e. <o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">I will try to identify the set of real options below= <o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Option 1<o:p></o:p></p> <p class=3D"MsoNormal">------------<o:p></o:p></p> <p class=3D"MsoNormal">Under the phase 1 agreement there is no requirement = to differentiate between legal and natural persons, but Contracted Parties = (CPs) can do so if they want to. We are working on possible “gu= idance” for CPs who do try to differentiate.<o:p></o:p></p> <p class=3D"MsoNormal">One possibility is to leave things as they are. <o:p= ></o:p></p> <p class=3D"MsoNormal">No guidance. No requirement to differentiate. Let th= e status quo stand. CPs can do whatever they want. <o:p></o:p></p> <p class=3D"MsoNormal">Benefits: most data will probably remain redacted<o:= p></o:p></p> <p class=3D"MsoNormal">Risks/problems: <o:p></o:p></p> <p class=3D"MsoNormal"> - we are already working on guidance, this may= no longer be an option<o:p></o:p></p> <p class=3D"MsoNormal">- some registrars could impose differentiation on th= eir customers<o:p></o:p></p> <p class=3D"MsoNormal">- GAC, including European Commission, IPC, BC, ALAC,= SSAC will be unhappy and apparent lack of consensus could lead to board or= legislative override<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Option 2:<o:p></o:p></p> <p class=3D"MsoNormal">------------<o:p></o:p></p> <p class=3D"MsoNormal">(Stephanie’s approach)<o:p></o:p></p> <p class=3D"MsoNormal">Develop Guidance, but make it non-binding<o:p></o:p>= </p> <p class=3D"MsoNormal">No legal or natural differentiation, focus on presen= ce or absence of personal data<o:p></o:p></p> <p class=3D"MsoNormal">Registrant must make attestations re personal data; = more difficult and costly process<o:p></o:p></p> <p class=3D"MsoNormal">CP involvement in and liability for decisions<o:p></= o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Option 3:<o:p></o:p></p> <p class=3D"MsoNormal">-----------<o:p></o:p></p> <p class=3D"MsoNormal">(Milton’s approach)<o:p></o:p></p> <p class=3D"MsoNormal">Develop Guidance, but make it non-binding<o:p></o:p>= </p> <p class=3D"MsoNormal">Ask for self-designation as legal at point of regist= ration; registrant is informed of consequences<o:p></o:p></p> <p class=3D"MsoNormal">CP can alter record only at request of Registrant<o:= p></o:p></p> <p class=3D"MsoNormal">CP liability and responsibility for contents of reg = records is minimized<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Option 4:<o:p></o:p></p> <p class=3D"MsoNormal">------------<o:p></o:p></p> <p class=3D"MsoNormal">Develop guidance for differentiation and make it a r= equirement<o:p></o:p></p> <p class=3D"MsoNormal">Many different options under here. <o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">This is not an exhaustive list, but it will get us s= tarted. <o:p> </o:p></p> <p class=3D"MsoNormal">We need to move beyond posturing and offer specific = proposals that can gain traction in the actual EPDP group.<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Dr. Milton L Mueller<o:p></o:p></p> <p class=3D"MsoNormal">Georgia Institute of Technology<o:p></o:p></p> <p class=3D"MsoNormal">School of Public Policy<o:p></o:p></p> <p class=3D"MsoNormal"><img width=3D"205" height=3D"82" style=3D"width:2.13= 19in;height:.8541in" id=3D"Picture_x0020_1" src=3D"cid:image001.png@01D73B8= 1.BB1BCBE0" alt=3D"IGP_logo_gold block"><o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> </div> </body> </html> --_000_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_-- --_004_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_ Content-Type: image/png; name="image001.png" Content-Description: image001.png Content-Disposition: inline; filename="image001.png"; size=17995; creation-date="Tue, 27 Apr 2021 20:24:01 GMT"; modification-date="Tue, 27 Apr 2021 20:24:01 GMT" Content-ID: <[log in to unmask]> Content-Transfer-Encoding: base64 iVBORw0KGgoAAAANSUhEUgAAATMAAAB7CAYAAAAYJGfrAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAW JQAAFiUBSVIk8AAAABl0RVh0U29mdHdhcmUATWljcm9zb2Z0IE9mZmljZX/tNXEAAEXLSURBVHhe 7V0JnBxFva7uufdIsgk5IEDCEiIJAbkvuUHlkEtExQBLDiGKAZ48UdEHJk8REZ5BeIoQEhYIT0RA RQQPEOSGAAECgQghCYEkEHLtMXf3+75/dc/O7M7uzu7OLMmmit8wm+nuOv5d9dX/ruCsWbOUKYYC hgKGAls7BYJb+wBM/w0FDAUMBUgBA2ZmHhgKGAoMCAoYMBsQr9EMwlDAUMCAmZkDhgKGAgOCAgbM BsRrNIMwFDAUMGBm5oChgKHAgKCAAbMB8RrNIAwFDAUMmJk5YChgKDAgKGDAbEC8RjMIQwFDAQNm Zg4YChgKDAgKGDAbEK/RDMJQwFDAgJmZA4YChgIDggIGzAbEazSDMBQwFDBgZuaAoYChwICggAGz AfEazSAMBQwFDJiZOWAoYCgwIChgwGxAvEYzCEMBQwEDZmYOGAoYCgwIChgwGxCv0QzCUMBQwICZ mQOGAoYCA4ICBswGxGs0gzAUMBQwYGbmgKGAocCAoIABswHxGs0gDAUMBQyYmTlgKGAoMCAoYMBs QLxGMwhDAUMBA2ZmDhgKGAoMCAoYMBsQr9EMwlDAUMCAmZkDhgKGAgOCAgbMBsRrNIMwFDAUMGBm 5oChgKHAgKCAAbMB8RoLBzFz35vPqxtsHbNxkzsAR2eGtLVToCqqVEvCXV33hQ++N3v2rLJNUgNm W/vMKNL/gHKOUYNC5wxxnQE4OjOkrZ4CUQtgll2j7lHfx1gMmG31L7SCA8DsaFGbHLVxswGzypHZ VW42jqXoKisAVsMCX+Bm5TfLDillR9qtUyt3HQ/IM/r5rt+RFWA9tr63k2IFYmjfuye/PstSlsW+ 4JMr7Eca9SXRB9TN6wV4knfdH4c3rs7bx1ictIyvq2LZYfQlrKpSgl8by/1uDGdWboqa+rYBCmAx ApACgz8NsAAfHF8JfNiMn6pVYNBE5STX4rcP8O+qNqDAQue/ed3NtiqnZQX+3gMYhAXeRXHi7yvl pOS5zorT8i7qTOCeSRpIveLiOTfXFwAeAdbNKCs8TAWi26tsyztKZZrxO8DYBzS5vh2uj1Juaj3G gfaD1SrYVfvx94BRQ2X8XY4l+SH68xFuqQzsVKbWbWA6myFuwxRwuOBrVM2h92IRD1PNz35FpVb9 XoW2m6hqj3xEOa0rVdOTJ+J7FRi2GgEKclYEv9ojHlaZ9c+qpidOUjWH4PnoiC4J2fLyTOU0LcFz /+j0vqZ/fV5lNrygag66Q9lVYwruc1Mfq9QHD6jEkh8DcDcCy1pVeMcvq6p9fqkyHz2mmp8+Q8DS 594IyuGdz1ZVn75WJd+9RbUsPF8Fa3fDuNg+uLYipfmFKSq220wVGLJvl2NJvPUzFV98hVKx4RWZ PAbMKkJWU+m2QYH26h79b7tqZ1W9380AtJMLgKJNnNOgkH7/Pty7o4h8dvVYFazbD3+3qMzaRzSn BNHVaf63J7LiJ4hyqQ/+iO8kW2njwFIfFXBk6bX/UFkAoB3dQYV3+IKKjD1PBarHqKZnzmQlueeC w49SsT1/qloXzRRurQNYQYRuK16fV/8Z2LcBHKkHHRBlndYVKr3278KNylgwpuDQg5QCt5j+ECBI 8RP3Zze9rsDyVWxqGDCrGGlNxQOeAjn9VEcddnDYoapqr6tV60sAisjQoqRoffU/5Xc33aLCu5yj ag64Xbi55ue+5gFAQAAsNPo0fV9mk2p9+UKIausBCm3iqYiz/HjgQ44qteJ3gnehHU5WtYf8XgWH H62Cg/cCuPxTA6VXIvXnq8ymRSq17Fb00+eY/Osdx9X62vcBSouBTRShdaF4Gd/wkoiwMpYdTwfX ep9yEmtV8/PnAtRaRDdHPaEVrK3YtDBgVjHSmoq3VQpQtKN4Gdnl6yq7YRHEtbkAG+is2hVZ2FDc E1y0fo3IYGPdD86BGcW+AgW9KPQBZKK4J8NDECO31QY8bNsKV6POmMqufw4As0mAStrLwycnsQbc 2yiA7nUAqDfQ14WssevXZgMyqJfz2/eMH/m6Ogs6toKxyP0+1LAD3bTRy4ljwKyXhKvkYzP3v/kk 7MnJOQvP71xRUskOmLr7RAFyLqnVDwAkrlUx6J6ym99Qaein+ryIASAiihLgRNHvQJx8G1+Flk4X Sn032aLcYKuImAQyPpNtehOg2rbkqeez7ICK1H9DVe8/VzU9fqxwhsX7qUGI3B1B0RJrLUTMlmVg yMh5tYm9fSJeHx42YNYH4lXsUUftk4XaF/UbMKsYkStXsRUapBJL56jgkP2gTD9LgGLToweLFbMv hRxbzWegM8srmx85ECD1lnaz8NiuyK4zVAj6MCs2WoW3P1E4t/jiy8UyKa4aXiE31bro2yo47DAY J/ZU1fv+WgwTFBc7FE/vVX1AY8GlpqdOgyHh0YqKj6XSzIBZqZTqz/scd5AK2pXhxftzHNtsWxAV IWq1vnIJQGKSBxS/AsD9om8UgUI9ufIucGIJcQ1xRUeFPS8PoNhACPoxxQ/hDSJm83OTVeZDAE64 Du4WG9r6AJcMWjdbFk6DtfTvKgTgi+5+Kbi6dUX6qTmv1Hv/B/vDejBiGjrcxAda7N0CigGzLeAl tO8CDERDscmad7MFvptSu0QxjOJXy8Kp4lYR3hGWxA6OtKXWpu9zs80q/tr3xP9Li5lwigW31qav 0vtfy0vfBLf0L1V7+EPKBncWHLo/LKR/l/sLC3R1QejVNr4Cw8JFqvrARlU16Scqvebhjh3zxMj4 kp+IVVIchVkjuFAr30+tZ0Mq691mwZSVnGWqzLawhbqGMysTOT+ZaggUg7DwXwNQfAtAcQfcJE7x UKkPkRkUJwmKnnOsjjggZ5THHdG9Y/3rAnzVBy1QsQlXqMzHz6nMun8VATQAUmQ74bgCQ/ZS0fGX wgJ6qkeyIpFGnhe/BmYCLCMJMFVFwV+2yKRevTIDZr0iW788ZMCsX8hcyUYAaPDfSr13tzjMRj+l XTF6XWgAgGOqNgC0Ld1sE3zR8vVcABY7WqVS79+rQu+drMI7fVVV7f0L1fTY0RAhPy7aPEXQ+Buz 0M+9VGjkZ4vc4xsA9hRLrTYA6OK0vicOuRR9P8lSdjBrbGwcYTvOwRjURAwfHIaVATP8vu2kX176 3nsvzJo1q4h28ZMkQc/bbrypcUc74mBW0aauLMe2FzU0NKzseU2dPOGqFtBuq6dT2eixRVZEEW+I 7hm5JLpHeIuZold+EaBYMlv0Z6FRxwvHVsjF4G17eidxyygovOa5YRQxAPDWpn99DhEAC7VLh/RH c2ni/7X4h6JDC9TuLoDW/Ax82Pz68sOtqHez0qr1xQvg7f+oOPGKu4hgGPVlem9tbwDgby0vnq9S Kxd49Cjsb3++urKB2U033TS0KhK90nbdsy3bHmpB8ZMrGJ+D3WLcmLFv3DFv3v+cM3Xqrf05yHK3 ZYed44PB0C2O4yjbtlUqnboQbfyqHO1cceCVwU3Z0a2YRAbMykHQStTBxY0QIPqP2QAQcibkVqjL Sq28U7s35AGAKOitDCyHF4E7u0ycSbVY5q0RcDkOuCsCAn2/dMm7hvpZbxuwFA6Kfm2sL7nidkh/ 2yFqADGX5JzgZyaOqy9+HTq7L0mf7JoxcBV5HfXdpdLrnvTiMlmf9nVzEDvZ8sJ5cOKdCrH0KXS9 GuPaBCdcWjHBeXVwwaB7xrttUQocS8tyPRZygeID1z9uG2UBM3Bj46sj0QewsMdzgbvMJCDkycMz /GZb1kT4tcy9/db5B5w7bcqMSsyzfqpzYzab/QhjxVBFt7WxXO1uCNZVWRk3Cdolzz60MXrn0w0w XZmyRVGAlkSEFMVfvQzdcrTfVXgIgGO1cCkElkJPdwJFDKCwURTtFBHzuTNyUHRYbRGdFp1mwbl5 oMHnHLheSL2dqKS0Ej4sXJj0B/X5Qe7k1jLrnoABAF4+zNaBf2fhrd8iQBYWq2tbxegn79/0qsq8 iOVJj31aQAlwMCr4EQYF74LqsgDETo/L4zf97KS/noGiv3zQ+gxmALIaK+v8iUCGBS6cChb5OxnX vRl4vATQVmsp+3hwaufIuwDYBUPBC8ChPQkODdtNYUF9O6t0GnEVoVQ8E181Y8aMPFtyxyl9NzjC RCw2OphOhzKh0FqIewjzbytXXnmlXV9fHw4Gg24mk7FwXcChcc6c6mhd3XD8YyN+y4GRbl+NCKrg hsnTJ2OLU2rOnDmx4cOHi9Z26dKlqbq6ugfrotF9OAsYdbYhkSjoY2Mj6lZ1oxPpdG0wFMqCxVqP 9ldPnjwZeVK6LrGEqkq6VrNrO+4OKk63cANm3RHtE7muLYm54omZVqiuk95o8YvgoEvBVq+BpaiL A+4jOHZar98cgShfvPXr96IL/AgDtlvQVnuE1MCbi1iQcRFgh3RD5bb2ZJx2d/eX/6X1GcxUNntB MBD8VIZABtESnMpSN2AfBoBgrg+/3NU4b/7igG1/Owuks8i9KQvefErAbMGCBaFMMnmRbdmTAYB7 WMFQmNxdtR1dd8f8255ystZ1DdMbnsgf/h3z5n/Wsq2L3HDkEDvrDnPg2WxnnRbc/yo6ces5U6eI KFs/pv60gKuuyyRTLjy33Dvmz5+Gn4+3Bw8+O+Nawywncx3+/cPGefNOQP8utxx3P1hnYlk3lb19 3vy/4ZE/Dx085DI87wSAyPU77XSKEwgMC1j2TRgLhgrTYzj8A9Rxb+PcufsFAqH/tN0hh6UsZ0eI otjBMVLXTTjZ9Krb5zfe525SsxsuaYDLdPGSUTW1IFAT7e3xhEMwgx3eFEMBQ4HuKNAnMCPXs+uY sV+DsKXboZ7McX7c0HBePpDJpYapU67B/T+HAUBu5rP8Bic0EgaD+wGIh5CNZV3Au+W4VBewA9th BzvVCrinNM6fP7VhypTb+AwA6fvQy11F+Q6AJmItK7XtQDX+OgTXDgEQnXju1ClnoJEYMGgsgZYF 9zYGA4Gd+TfqVwAkBSA7Bn//xR+Cp+8LAKhOQF9O0L8z0Z3UAcccNdgKWZ9ind5vkQVzF+xqB4IL 8ZCMIQs2MGu5r6DFYWwfz40LBezLUoOyo/H32Z29mLTKMGdM3HHsFPrOv03pQAEqYalSJNcCKoni vQvjL7kLP3Eg722v98lda1N0d2zSi3/0n+0qqaJv1euQrJAyWTH9EcbhcUDFx9HN9VxsZif1+9c7 szbmrncyfo7DH297+rWLCy2kW2fjrcyU7hOYQdyKgOsYRTBhoQ4Ji/n5/K6Cg7oEi/7zjutkAHxp gAwBwN517Ni1ALRv1o8dewuA5BCCCspKO5s5ffL06S8tuHJBKDs2dSMY3PP1lLVuBvA9iA7Xg4O7 ygdQ1LsQ16FVdTaj8Zm4r4F1AbC+CG4QCgr3bcult7TuIwBqZ3CRK0DmR9DdNNSX76L2m7z+s29J PP+fwYD9ZNrJTrBd65dYJ9v5gMlhQpTOyr+9D8EnE0h9LmgH3ktns3HUvT7gOmdPnjZVxFRwi79D vWeSewX0fgHjGAzOdVMnr7QaZoUW21GhkK0ql2KgMvOpgrWCqsyQSo936HKYDJDiDP2sfHcDK0Ry +aAGStNTHh7uolPyxDt6wEvgNXVFVJJzg5IssdAAMLWOOIDmF92uLGYJGQIY8t8CDO1FtHaa4pwR QEyCkgHDzTBKjSJqvkgoiicJd8oFnLfvA10xClLyeDcImFAUhJGBeclkw20H7OwH7hOftHwLpt9G UYAF/Rh+hagD6gO1mIk6YORw05qmQoPcs8VoUcHpUKTqPoGZrq8d4dLpQmcTVx0dCoeOz1C0FPFS cznZbGZV/U71+1muc7IWUUXX9nLGDg29Y+78U5wxbsZ21St4TWIOATiFnGz2q1lXTQwECE58gVYK AHY2gOEtb2znASwPRP0TCGjoGYAQYORNAraB35+GbHjSuZ6ebMHcxgPcoNqNhgsAHfrl3NYwbcqN Xn2LAIiDKFL6YFjs9aAnQ6dMmfJrXPs1gGpIIJ0eDb5h5B3zGg8Gj/YpdPSAvOdIMKZQKApmYOxq Ao5qytqqKs0Un6bIHGOeL3qaR8ZdCOfT03TmVaaehn9Tdv1CseQx2aB2S8D9ACy7aicV2X063CE+ n0ta6CC7auqDB2GJvFWysBIAq/eDVbJmV5V8+waVXN5YqAsDQHAxV+8/T7zpW2AZpHI/tufVevYX 5OdiPxNIeHg6QCCuqg/+rQZSSWsd1MHetCQiwDu95iEBVPYzUn+BfFLLb1OJf//Cyy2mXzzHF931 W7j+dZVg/9DvnK5ONLYhOOTCiokcYsyD1vrqd/KAkkkhW5Fo8XqJAmiFEy3vsbgRyErUSSOr9/lf FajbX5T82Y0vCuC56Q1w59gD7U5F+qBjZOw6sP1N+M3dI0623ESie/xI3gdBVPue+aCGNb55iWph CiDhnitv0ewTmG3YsCE5rHbwKoDHDlzs1B8hWuwYjOiN3Bq01TMQuAZnHEli/hl8aglmAJl1UHKN ExAT8RL8SMA+FXWc6ptySRaCjEwaveMciXk6RNy7tH5u9bJl7y4tXO/WQnCCE4Rzc92RuHFUjrzc AF13ng9kfC5lZ0eFuNt6BbZJZJDLK46N2I3CFtr/C68pDoNCTWDQkKuQif3ErB0YGwoG4RcNvg8V wjBCq6cvknZZWVrZtcDUOPd/BJsbMCO1sCDtyEgJt5Gkf94iZwwhU9jYyNnFvF2tr3xbJZfdzHmC 4OmD4RN1m7cIGc64Gr/b4rwawye805mq5blzxDOegdqh7U9Skd0uwSJFHrCcyIc/wUmFx5ytgtsd Bq7kY/hzvSROqIFa7FGcnzlXCpmlhFH2TsAriHbIzfEe1kNwDQyaIG4S8cU/AHBdzwaUFR0p9TFR YrZ5qUqv/osHaJzDuB7DGGvGyX35zrHMjhFCVEFoxNHSlwCSQibe+RXiJWED8zlMzKJA9S6SolsS Rj5+DALOV+cy4HKWBWrHy0e4VXJwsLqGd/wistH+bw4YmXiRVthg3QHyYWB6y7Pn6jHhWT4ntPBB i7JUwdkDXa+hclztE5hB/+VAl3VT0LIOlBcrC9b+AfRH/4QlUEDhnClTuIVd3Tiv8Vjbdg/DTdJv 4AMYL7XBBxrNNbn3Qhr9IygjXn+OZSGPicu0mvC9JTJk1gLxfuhPGTRWt/322w/B5Q15xKjP2VUs izx9AQeEOgv8t+xAYDmV9NIG+2WpL+Lrhlx9tnuWsO7tuei8BgFmtjt48DzUdaaAr+umM+n0XbA4 /FNl7Rexhi4O2vbUnG6xizeHuqqgDtqIyEyeDjFAxUwuUl8Pw5mQ53PVnjZcXPitZv+bBcjoNxV/ 7TKk1HlcxCqKP+HRp4P7OlEcRzmz7NgOAL47sZ5HiltCfPF/ASTgJY/3GKidiNQ8P0Pozj6SZnrz o4eBG5unIrt+QwVqdgNofQZZU8G9iBiIlsFthHf6ivQqCc7JjTPLqt7dsk1L4bB6rB5Lvj6Kollk BNY3xbqIal04XZIiWuHB8DP7rorudjG+vwMO7Xfo1zIRP/1Ste9NGnCQelu7d2jxVIp85++srors PFlfwvhs9J8hU4ml16ItX1ymuC1LCPTYHoB2i2p6CmFVLkVSTXdyk1JIa4jlshHsD/sZuNz0mr+K w6/4kmGNBoceLHna0khxBCV1rm/kNltenFZo9SRDkRep0MW0L8ulPoEZe7Bs+fLb63ceex4YkSPo moEXPcoJpJ++fd68u13LWoxbYparDsIrOAWIBMNi7nVUx1OpZ6vCkeXQQY2lKAiuZvu3Vyy/CyAp x7xAZBsL3dH5rputUVk3Ci3StRBVG9HG8RRZ8dyg6nDkusabbroM7hGtwwYNOg9geigBBWIpXlLm zwC+ZR4X5xOsgN9dtmzZ69DlPQvR9WCv/0dBVH0G7/g59HkiOMXP+txhMYqL+Ola49D/o7PAHz3R 3X+eO20q+GtdYLCYpE0Uesp4n6IvEBxZtbKd5oBjV0HUxFY8sAoXDl0Q7NiO2vyPfzvIvKD1OR0T GJL7CCNWMLjdEVhrKQncJudiMysqTyTCIRnkcBLv3CSHixBYmAKHQEbn0eZnzxI9j4ATKJ8BCPK3 2qMel8UfqZ8GsPupLNowMroyPz7/lhfFhV23LxYw9mpwSFywED/yXggqJBAwlCiXRrqTkB72Ffq+ JDin6K7flEVvRUbBfR/5yHIzIyPjIpDwDAHRgXVS5ACTmk9J6BHp1/r6lQDnu5By6GvgTn/jcZft RQpkLwCHWbXnVXDgvdgTN/Mb0JuMhF3hHXFzaHnuq3LykpxlgGvptX+TFNnifpGX7VYAncJXLujc 00X2g3jpj6DPYEbgAeicCV3TvQCEw8jl4L9BUOp/PQdbQDNZwfkKTNeN0ocMlsRv4sKDRAGUQwEs 798+f/7jIEUMQHQ86gzZQPdUOr1SxdXlDTOm/LZx3m1fCgUCZ4hezLanWOHwyUNDkTie34ntUKeG a3ARCVwBH7jjCuZDuwBu4S4bG6dAzH0AADiO3BMA7GDUezBBDABHJX49Pv7MsMBQY9noSS1AaTkf gid9H64b22ngsw4FmN+AvqzBQ6cHAsH9PKAkDbRSp5MCp7QaVN0K4RtjsDuu7q0Y26i/CQ7ZGzs/ DNcACopeFG3IgWSg9+KhHFoHlUceAEVw1Odk1OL8CQ7Hjm2v7xHlN2YJdWcyt+hrVYsFru9Pwmte 9GIQUX3WmokKCXLMv09uLDTqBHAe14iHPcGMaXB4KIh41WNxhkeTUbfAWT0qQeM6b5hfyFXyxCMs oxxn5nGdeXeJkYKnIOFSYMTu2nCR2SxAnK9Loj4suN3hAp5Ve12DlNudOKoKMSBiMp02QQecZOq9 36vsxCtFl8iU3en8HGMeJ5l461oVHUf92wyVQaaMFNoryIALwwZpG8LGIfTDBsH3pNNpexKVcIua JUHUXR4pKJ/g3YlRxb+9C3GmAvO4z2DGPkEB/yEsk0eNGzsW1kMFPy5rD3+4vC7ilaUWAzB+Ckn6 InBUB9FHC/5lkYapUx8C53IMKDMLE/IwANFIXP8y6eU44HWyWXjbZ+5zk/Z3G2Y0SKKlZSvePRNt /Rem8QX45w5w64ALB/VTYj5vBqD+3rGt79EZFgr86u7CX3EfUnCq3RbMn38OsO6IjHLqlZPdhHfS CH4xg834z3ncWZE3ZH2E+y90LftugOBoAFwNAPhbXGCZdPZt6Az/BnXi5/hvjC1mp9O7oD0/bqXw tdoqin0e230QNljxMxsQhUAWGn4EdC17qzQO5cgiREfbdiAW8uANLEyKYdz12yx6FFPAxUEXxEIw wf/lGY0MEQAhXr33iz42DfdDnJL7mVm1Q9odLfrINRQqtu3YCAFJ6s6ouwptfwK4vRtFXA0JmEG3 ynAi0YW1AW2gpl4NOu4F7tLyu4QCPXMGOCUYK/LeWnA4VL1wsA1A7xUZ/225kkT9kiwxT6+UhSiX fHe+GnTMk8gQO1VS88SX/NIfXVuNPLYO9YV3/qruGw85yaYB0PerwO7fE7GYHFT7kuZhJPFViNG8 HkYBpspejA0CkQB+b6HfIEfrW34diNFKcv23n/Id92LqLAcfDzucx4mRA25BnKeOMOhG6dyhp737 oSxgxqY90fAXALXrx9fX7wnr5e6I0xyGlxyHFfKtZe+995zHxT3tpN3tcO5MC73p+Sz0ao/h68gF jY27Z7LuRDubGgWei34MK7D6EcR9XsHC93zVZoOjuh5oty/2411BcLhQW6vgN/FSw3kNq3LkCNh/ BCn3cR0IrGCnINquzCcV+mvBTeRqWCyHwaaK1ZBdfe7UqeAqdUHo1RwsN+HABJRDoY+wBy2VOgO2 w725OZVcCS5zPfozyc6qzwDCxsDRF1629pvLVr77FKoJgCaToMp1AKx2MJnhSi5a0EoIL6WVhvY0 gK13r3ULewpiSgDcDo8iSy67xRMp24bmJtfIsWa06FFXpGML8xP++YuhbVHJkWijzxCjAEUc5g5L rbpH9GMdF18xeuQtULE0figWuthEWOd2/IpkimW2VgKaPn0IejRwJdq1wiuiY/K4Ey5i71Dg3OL1 JJHYxCvaHkG/Wxf9B6yvsJqyPlgN/WJD9Ex/+BysjpcLZ8YP85JJRoq8wjbJfQZqxgsgpT/4k1xN Lp8PI8ZFAOOTJVBcn1HZVmjFTCz9pXB/NEJUH3Cr2vwIuOSCA4YLdXIlzyQAIS3ONLJQ3Bc9XX58 dskV9f7GsoGZ3wWKbfj7Fe/ToWfggpbjR346lMmaQ9JbZgnF89X6J27lp2jxQpUWdXadwHjHrfPd YCQ4TSITYGmAb9yX8IVIAjUSTrlHiaWWomsm82tYQld4dXWo02vrwSJt0ejQaR/y7wcwR2JxtzUe y6hAVrXlOC6BHlvqLbCHiOgkh2uAe8odeOF3mIkMwbkxsJk57pPgCPSSovI7BTDhdDkSXNMEfHs6 K4AdQYZ6LLHGMTc9XCjk4FoYCQI86BaLPS3K75zc49UJ2vrWSB6PxpQ60KmlwNkwEDw47CDRlYVw TBsLU/i4qXVyOG5+ISfV9M/DBUy1zxWrZyiPt6y8xRx/HWAGQKe1kvo1itMCfLkQo7Za7UhYXEQC EMcj0H9VHzAPFtdnC18t6vC5MnKnVXvP0eIi+8EzPTGW0KiTICbCwyh/U2BYFPRcDHinVVUsnPvS C8kDMB5tBwCUA41RB91VFPsqh/vmgX+etdfvWHr1gwhQb9AGAG/c3R0KXO75WnYwK3cHO6sPXNCn YU34TtaB51kJBfkC8DqcOPRo32nvsHrOtCnfg1V2Ix108dJ2gVVyAt07WDF1XSjL05nMvGUrll9V rKkFc+fu4QSD3xenYSsAj9rsvRCf7yuhW3LLzEPnVMdUNHLN0zPWQxMRiNYlElEVdTclLWFPLjv0 pmHxDYnWG5ZcUnhyRakNfKL3AZ4p6oELyQJ8Cv2y2jpGHzKeDM5FrA0BWlFBxToV8pExDfB3OhKg eIBKf/yMKMrps9X8xJnwPTsHi/52EffcTBJc1D9EdxQeM1k4PjcNA4Ck3cEt4HLItfjiY3otlP0A PHItFKtoXCDXEh3/H8LByFmVovgvwUtGZqLMl4JCXV/q/cfEvSKyyzRxGWl67EjtpNuhMOV2jYq/ gvYxBlpd7bzTxGkEIRAxlRCLHYMvHQwKfvEtkwS75HLoxPIspVo0p29ek86Ae/jfIZKe1WZoAAg7 re8L2IZGHIu+ThduV3SbArye4y0A0vcAKDq1PLE738WlP6bgVgtmCIEaC9vA5MJUQ8XUWd4eT0fd jKta4/EfgbCb2hMXoVJXI6D8+uF1dcj8kYWYq6IQK9NBx1n9UXPzW5dcckmnp1FkEFUQYlwpQqsC 1MekHYq5JYOZykT3TWStBjwzXfSqmQ1J1VTnuLGocGbJhPVzFauZgz9f7Y9JUfY2fHEDOtAuS37I kZdskAs7vfohcYjlobXV+8+Hc+c3tBsGdUdRGH9hldQrG+RCjG7ynV+LVY+cWfWBC1T89f/Soiv6 QeV4bM+fiV6N7gbJ5be3ZbgAcDI1DsGMvmQaSB8S0CweaE0lA3OZ0SnUD6nqaACgOGlHI5L8kCBB 3Vlsj1lyBmbRIim3N3spt+nkWtd2W8bBISUnS5+zG19GfrIva+5LQgnhqgJjB9NlB+EEK8C/5pF2 TejMGDwCjxwagbWNe+M4MN/AGbKftHzSWTjO09CZtghzm/540XEXQV1wEzYK6hG9QjGbtMjpAPO5 4bLPqKIVbrVgBqCBWg52xbwYufZe+gJjPsurnWybE4lEByDzKQPAIufTqYjcxStJ07Kq25cF27NM Fxnebx09c8KcEa4by85+flZmwuIr3c817JCeue+cka6KHY5pAhmlksXfCMqtrPX8mMCF2FEo2iHG WBDZOxSIolYYin7qvxjW42cypfMl3h1TytB3jOJq7RF/E+9yipSiwAenxUInWlobnfh78Dznobq3 iUNpaMSTovgWY4N4smPdg0tsxj3UWfnpeAQ4wUXROMBkhiypFXd0AAPfcknxdtCxEMNyC9qLAHjy JA0svquJLHQAFPrXCh+5moN/J1wP9WHJd1G/DwDyzfcAwGHKbRxRR6/8moP/z2uBYVBhyTUmfaOf GiIabDmNXCggAM3DS+hMS242vZpuFJ4FVpTzXv1MlQ3gpnge9YwSEjQIhT2NMEwnFJv0YzEm8PwC 8TPDNTops9C6K5yXJ8aGdzwD4Hcornjvln6jTAWEw1S2igiADhOyP38IBGCGcQ+CE6xehWn4S9ju NbAWHuMnTXSzztWOk4GMEMKekm52Q6FwXU3d3rBw7oNpsT0eZTD3csiSTyIeVOIo2xeIs6PABR4B j5PxYLwoa2zETrwYmvwnIK5C2dKxAGg3MxOIk0qdjre9B3Oe4b+3VTL5UMOMGR2C8BEtEM9msoOC saoDofSHEQK5kybNyh5n3QyzWPQz4O5HpuGGWxHyAmREoKMYRe4CQEJRRsCkXD5CMrFfVwE4XGY2 grls72RKRTraJNfk0MrYPgbRSxrY/NSpAIGpwjlJOJO9u4QDiRgHi56cA0l/KHBU/G3zv44TN4QQ XDsojrEQBNNr/iK+WPRYL8j6yvHiRG66JNCxlcYIOucW5Cajchtt8rxIKQXhTP4bwoaAMRKMyAXR vUGAAhwWdUuJf88R37nw2AaIn3+CI+5q0Qu6Cbpq+PwFAA0glf7gfnCWV8K6ea74kwUG7yF+epmN L2HMD+hIgXy9GAA0+S5CrwDGFGvtqHZFceDXp8+3bNtIdAbcH4vPH8Od+O55nTRkWFVm82squsv5 eG8HiEVZ9JrgkOlCottG2BMsskILD7DbdGvMaVjujbHrFbDVcmae3qsgqB2WxxxQkIxZS73ZMG36 iyRB49zGPWHP/KkKuCfA70unK8Lvwt0pKwHftVuDkdClyDmWU2Qg59rlsHJeCkfcocyGIYyzhF7B xcJ1V86fN2/2FJ01NyffklMM2NYxSBl0DnzhPi0XmL+RUkAk+gHA8XT0vaDfWHrBrGstRJYNapMZ d6PXCTZfSGaHgTV5KRPTURFlKx6AyFFomPjicOoVB75ZmfXoIh1C+3iiEKskMDLhn10LD3W4YKSw oKVuLwCa7glyehHeRHq972uWP1Lm2GKoTVqOa2PIkijjkfVE/NVoEeTBGgw0l2PXKEoNATf2ARIo fkcl3vxJTkzMDzTvmL4aj2OB06pJY4B2WqXbRR4AgGOiZZMe/QVK8YLu6hA88bQXfziIw56yn+AW f2M2xnGd0MUKw/AAvZS057lc5FclFsi3fymWSr0JBNVm6tvEWZd+lvnxkLw8CAaDpySKQIvdUeGy 4j6t83V/YqzgaU7fyIUytfVziLirNNOvLww/M5ziRBo7PIaOXLRESFjyPiQsq6j7Bmi3NUUAlG1x laEiiCOF4OxIQDdT/BwNa+TDwK8w94tMNvMaUOmvWMEjsHtAA6qiAJ4LAUCUQcBNwSVj3rxr4b92 qWTzwDuBJRMgY2ELcvcA9zcEz+0cCQTnou4N0KsthxuGjMDzJWOuNrSTJbgOF8dasHboww5uNvsL /MYY1VyJZ1QV+vIM2jk44FhYmbpkHTUYYV6749Gnghk9lvIU6nVgEYNvEMUKxicSwGRxYFdm3B0V wwxZkTMUy3AuIjYELI5HRHSx4Z9FTo2cgrRXs4ukWKbVMGcJ7DBQggqscdQfSfygd7YjOR5JJui7 5Pn7CgEQ7h/8UHT13RTIeRRNkJjXoHCocHTNOyREplZOH4Q50SG0qN3z/Kfc44Ohz6VoJ1/JoMHr fvYNZvigpbYDN8z7MT7JiIHrkt2DqgxPR9UBRAgg2PfYd6YFlagIzmG/rXauF2LhxD3iSuHr/fRY NEfKYHQIC9DhEbx4NB0i7toGK2Fp7cOseFn4/YKNoDxzt/NatlrOrBTCIBY0LX5kY8beAroi4aM4 8D6JPGfggHQBGP0J3Nc9ADjYIQOnwYH3qLBtv4vFJ0Cmg8Xdf0RSya98RfuSjYHR8gGInMjMgYAt ZV2IZI3/7dfnAdcq28l8GWLtG8iaOwmpwv+E34d60QHjUUctuLM2hyXE7yLj/3KIvZNgmx2cG5vr DoZ4CiWTWsE9tpQxl3IP/YrCnjUsueJOEVtyR5dBhKLDpQREQ9GcBJciucP6KHJSjKRSmbt7Glkr bAZPMyUzOIz06och4SxHE1jkpbQjWRi4YMkBcaHiI891ItaI20Sp5CMLrRd+EFyriHEM+YeOLYvc 9joCQFtZuy2dttl+kXdXX7v7e9q20MZzaSna6a7a9651JjF2W3e3VCrbDSW8kbK11e8VQZ/WipTZ uyGifVcCic7W4Q6/fd5tf8YMldkNcRMZdwBKhCVKBI51UiLrLEVuMnBGEA+AWlnXuYZAxvsBQisA RodbweB2VjzuZDKhtBVx9vAHx4B5ZAi585zp05/xfnsKsZ6voJ2jvZAbPJYoIjI6Lji+v4IbG5oj lGV9CI7uGYRXQcbSokufC3Zs6kiYgSG1AifqkKPJBxDRmWjls+hSEHQsDqNF4ibbQJeAAqdJsUb6 nBGzJmB6ceEBHKg4DiOOMIkwIloHJfBbp3ESMC2ex6vYaPmS0BbdKXgALlNXAyiZjobtd+b6UTLd JHh9sKQNokglJ3ZDHGOKHFpNyV36B/CWXGdFb/Q4oIq20b7yT6LN7gc4oMEMIAZswHF3XvEOWtkF qwE5S3QBWDA6fI24y+q0QSFwSNAW60XJZ8KO48k0+hlPX5ezikJ3NgGZQ9qobal2bhwI52wr2Vgs VsxHIWbbzmO48CX/VkZ9QlP2ZDqjTs+PCOz+tXZ+B0WbIHRX2ea3RYzqLO88D6nIQlnPuMg2vUy7 7Zkg4gUhM6ZP8mSRuxKPfMQeJhDlhRhHeoZH4fPlwBmTFjytpC+VU8ofi064SH1NeMQpkqBR/k3A 5Cay4WV8mI+L0QW9UT5rkZBARgU7rXGkj+TOw7/D239BLHbpj57oGtw9Z1+Jxywoun5xGhbdHicY gJlOu13el1PJ6keoL/OU9bIRCedMEZB09S2i7ejmJVqUAHERHzHjwYUXTfjIRxHG1HZSOblVvGvx 8CdpfdGVagmMxXMl0dl/uyjYELvcFPsysdnlPj6/pT+OI2vi7zhhDQVMvggO7U5k5rigvq4uCuWU i4NKUpl4ZiysnSEEYdrxdPLjWDh8Qr5LB/zIjsbjL/uDpT4NXNRnAHS0BazBdMpzuOFsay8SehaA rqkVrTl+9b83PrDDqCsmIKV47fjgxoyqu+H5Gctn7ntzubDMm4u1UI7Dy74rcYVcrARHA/CYRFAs YR5AiPtEQhIChhA0HoSOjZye5vI4pSjPw0qKrK5Mk0PgFM9+cIJaT1aCA2oxWtG9A35UdAjNblyk kow/9Cx0EkfJJIzwH0shBrFni8bbuJiJAqIlXT4EyGTRe7AIQKM7Aq2QovyGuNyZSKwD6pEzbedz NC084CbAs9906hUve4k73VFFJv2kDST4BEAmu+kV4YjdDLLiYmOReqgrxDVaNEMA1gDaIBdNi2Ia JzvR4ZdttDdsEISoMgjCTYW6SjrTMnQqOukqPcYOYUe26EvT4EJpeKGjMYPNIzt9WZIEWKCx9BEb RwqcNq2+McSEWp7bi+6rB8A5rh/B+mselLEzMUwlyoAGM+ynVXCFWAcx7w9Q5p+WYaiHZX1p3Jj6 R1tS8YfqYrGwk0xNtQPWDMcNxgLI5FEbi5300YYNd+MQk6sBWMPFzUNZs+HOAVq5r2E5HwtR8lJO cbhUqGQ6cysSaa+ClbRv7wchCrNnz3Iv3u83rRuC2+8cUk3YxqyNXqVdKTx60S7FuxI4I18PlfPl 4w6tFcWSYWLkceKJT5GPbg4Oub0M08DwSLMhAizBEUfB2RWJDZNIt8xMFL0Wl7UBgO1ykTG7rCxE MU7AwowFlYCVM1p/vgCnHIrrW/okJ5oGg8KFRnDW+iix5mK8FIclEaHPOfnUxTWCFMGCfl3ab62T 10LQra4XN5JihWJ2ywtTJHNFILKPRAUUvw9+ZjjDkpuBZAbJNolPWHTC5R3E8vCYcwBUr6qWl2fK UXI6G603J6EjpQNsZCzahMuKhDnBQsmsIcU5czwJ8ZqB6aLrhHogttd1MNQgvCm/II9cdPyl8AFE Nl+6y3i+eZ1NSBpt0nBFMWBWwpLFhK3iISUsPPIObJhwNAgIvwBhScNhTaQVkTblO5FHLQUhFFl/ 2hJUZbLOje+sWPakpAWa23iGG3B/h+s846AaYuTP/OwIftbYdDr9zIbNmy5G1ACcdDDZdVYMxkAV cFKYUtX8ndfRj9p4nMcEFC+wKbwVCLkTnYxdhSWKNARSeiMzddICDBoAFXIyktKmM0slgZ8Oksw3 hvslKJoiHUQZLlJ6l/MaD5LNrHsaUs+78NFq1nor7vQAEgIdw5O4kOgwG0UQNPV0DEfqKXfmghMK Dt1Pp8mmKFlw8rduzwKIMFogCA5NOCuxcuJ37+g0co7sv047BG6Hf/OMSYpUcg/PiRwGD/j/Be2K 6Si1MlyskF2+Es+IwFoA8i3Pny3B3HZ0NDz/maZnD8lasfnx47SIyDkKWtLB1EGWWDoBxybodD4x cE/NyMRBLjcC3zdag1nozJv64A/C4RE4o+NmigNs7SH3ImHkcXgfSO6Y03PSmVdHwmnRl9MJs5Ji Jt5RK87/zBS8E8wR0RXCCALfwJqD7xb6MuKAmWx5yK/O2nGWTreETYLpxLl5SfZbvO/o7pdLiqOW RZd4Lj4h8UfreGJ7CQu7xFsGGGdmvQROqpapg/i64Fe2knTwUhQdWT9m7FQo4s/EiqPCnor2BMBl DVL3PA/gaMQJUg/7dOPRdkj6uL8VjX4DGHQi6h1L/2vyAFisS5Ac8h4EBd+MqIE0jphrRRjTk+Kx Jn5FLrTbbQU2hGfwPNx6eQiK2gCdWRcOsPaLsJ2dBGwM4kATzKLyghnBi46jdDwVSx2zQHQANJ0b PjT8cIQk7qpscDn0ACe3FcVuThEqC+6FrhQZ+IVxUGLl4+G2EhuvuSByL1lMYAaQM0019U2R+unk o8QdpEtAE3cCiLNi+sc3srYyVRC5lA5ck09qLjikFgqBq2I2WfHLojuFuDSQS6H4S5cIuDkAmMVH DSIYU2pzEYrox0x10CkqLNyC2EKCETYAuoAwR1pJ1kz2C23Rx46uHgR9ujnUHvYXEdeYzlr6omFG G0biK5Ra95yAXM0hCKJnrCpBF+DhZ99ILPmJaoXvGEFYaAFHVnJRtYc9KPdHJ/xQgr4LcpUVBQS9 R7JdpgLKP2RFW7ijCP2CCEw/QbzD5qdP03o2qhPgjkEOme+EoEX9K0OkXGxoPoiSS5dURKIKoAsI dJl+NEKJANWT2wYUmJ079bwfdjZ4L0XRLbh+C2Iwq3CyFDk0HLeJw347OZwXIur7uId1/hCHDTNm JIwDh1uQOaNAY9swfTpWtMq5e7TvA1Ic/Uc3L4WzSgDuhpemv3rxvr/5LrRxif9ZOAMJpeiTYYPl YLahMhSKSxCVKIYxBEUCibHraw6NIV/kFFwdBgSPfAIe9SEppJlhKFAQuz93/cTb2KGR8tkKUZ/T vmvkYPgBV0TlMLgpZoKNACyYKyyCnPoEEIpz0m4OuNC2BClD7KOyGAr+AMJuyCFy1w8M+pTk+6LP WudFAzG5Pxf9lMSInvKb3I+kpiFnxZOe/NTdeSFx/J0puKkb42LVKX50GBTFLebp0iBX6rvw/MTk AdA35+9GvzXSvI0DpA7TAji5Fn3OvAbYf9CPsabkLMkVJd5GrjXQJbcJAexYb2Lp/8jhJqQxuTWX OflL8REkPcTLRQMrwZO04aZFzozzIb7kv3XGE6QDz4mvFN6ZYJLWaIWxiFDEjc3zQ5PwKOrkKML7 UFM5S+iAArNSp5cXNN5p4HixeuCaQYVPZQqNUcqaMPPAm/aW6ZCxR2OaNF124Ny9sK3ZiTTO6Ayp 9hHDve4LrVRM/EcuUsfdLZNEgZI+Br5f1H1wAcXfvFqyM1DJz3Q0TOXjwNuegKI5Ne4HJegKOdkB ksmV/yf1U+xkBld6j+vFUyvAxYVCqyiBy4JYSmulKLMp/gnQgvOlBRNJFHOxmwVUYEwjrWsw56yE CCYWPwKErxvzfdHy9GQdUAlx/gxqx3kDTDhI0VlzFeBOAGTa18zP6lHCK5CcZ3Q6ZT0hiZdkccBB knMNRj7tVYIRgjYWODe2HdvjR/I74y/dlM7Qy5IBxyhH5eUHn/MdIPqBHCDFcYrOAYBZmllKugAz ORgIdTLtkYCl5xScXAlVAGI6baTllr5i4yE33/F9U7wvb2BKCRTt9JZtEsz6QrBKPBuLq8XxmLs3 HN6OgC8Jg03/SBYFJwEfSSEJXnCLaqLxAtG1r/3ggszAsua0rBDrmChvPSU39SfM1cWJnlw2Vyxw EbhWEEhSq/+KiU1LX4lA5ndUQCWLxXmvZI2gU24UyRhFfwXOSxYyxSnqpCSffCuAc6PEajI/mSjc Gb+JPGN0v+gQ3ymbAIAAwKt4Nib90KgX63HRC1T0etApivsH3SfIgRBMewJkBGqAcs1Bv9W+dlCg +3nUEm9BBYtTkHxDDEWw2qOf0NwR3UHARTJ9UeKtnwNEIML73I5wih03EFFvCNeJD0V+iXzobqPR 12nIyS/p9ciflsVReL7OjW0W9fLvMXEr+oABs4qSt8TKYwkEi1bxXbSQU4fODNFRSCWUQTh70GZC 2+gbG6KhOXMa966rUc3Q50Fx1PfCyUruhUp8XQhfdC7mYRX01eI/taVSFhgskuIn1tujCSByEpSo LwuN+qw45Op8+NBXQUyi24Acy0YRFAAmB85CpyeioYRvMCZwMLjEsyTjgz4cBc9LvFlSRy0g+6wc 6EHRqStH327IJ+MnJ0pFuO/xL5JfdwBRWDFpTPFUnqTeDHGTjC1Nrbq/QEdFcKabA0+Iot4r27QE KXou1Y7HNC4xBQ97Qr2dHwKVx1XSKKE5WQ3gYjkuiIv0+90mHzODMgtTAVEnpo9pBQfMAPww5oZY n6ktGKENQHgfJVnBu6FtpS4bMKsUZXtQb9yOTrQc9yiEIyxgKDEnr8SE6igUF5bUyR8sD8AlX02C VWMdQrTe9U+w6kEzxW/1Yxs7qwiiJ/3I6I5AvydmIhXFc28LgJIcYWgkjlODDo0HyhLgxHEUyngc Nejp23x3CerPvPYAaAxSp/MqU2yTQ3SQaYIioF3NDBH64BK6HDAwWx9AQgfV3nq2aOtlXwr1gnIo MA0OzJpLUPKiDHIpt9lrAHYrLH+8Z/BxCyFW7gPl+1VI0ggvIOEUcS4ATp2iCMrUQ9nNbxbEmFL0 DCPXGMcqoVe87ivb87OUiL5QR174hVx4Bsp7Br0LeNEyjHecRdYMP9KCVkvR1RFMvSIWUrFwww0k B7B9oVbfnu3bm+pb2+ZpjwKxlsTr8VjVU1hyO7Q3c6bBKIVs67FEJPMy0gOtU4FQa5+BTKyDXhC0 nr3CjRVd9LzmTWBmiu29n5geLDkp8Unj8W8AGtHXkRMgYFG31pW1S0LOwpLuh1ZWujgE60aLWOoC NJLMxoH6I0itI0aLVfcB/B4QZqrNm72fpx2tfMigq3jKkYyPwe/FcgaAT4JDcGYTkibCVYLuEDxJ KSNHu/0N338XPzK6X1TtcyMSN07TOca890edF9MWsZDzEy6KnJlkPgnLwb0sdKHJD6CXH8W6C4Cj IzCK6N0QUJ5t+jf8wv4gOc1iOPmJIWjMpKHj/nBsHQ6oCY04RlQREh1Qiu9iBclvwKyCxC216muW XAKFjLq6u/u/8y31UXf3dH6dE1BnaqBjaIDxmUyZw8nL/Fw8SIRcV0GwNxTEEn4DEUPCbjb2gcvx e4Z+0KpI/yj4OFm0yjEzR8ncE62DsOqhv0xMqEVjbSET0RB1k4MIjUAuM+j5AoN2l/xe5Ih66tvW e1oLwujHST8CNBSiXXJ5Mn6mLkLOM+Zm49F3O58t+f03P3aUiOFM1VN76B8k7xuTQkokAUCLejge XszCVEL0BWPKnui4S7TBBVENItKjpAHwORWCx53REZeuOr4yn+Inrdd09+D5BdRTMi619vCHJfMu aU+XDH1GAmKXAXI8Cb7Nh8wfe2854t5R3oBZ7+i2lT2lnSaZpYInDnEyi06KPkPkdgAoIXA5DhTn tOTpw1z9PFnkhjw/Le+cyj4N3tvVtTd+F5kuumuEMYbFznuR32HNBDfDiITIrufDMjhbEgpmcKCK LOQ+io7dda3wencLug30NPgRlHEGwGKAyNBDxGhAR9nWly8SC3TTEyfAj+wHkr6J0RB+oTibfHeu 5D4TYwA2JfoEymZBmMSGQWDSsas6nEhyvuA7NPLzHYZE6zZDmjhPmp46GZzZLLR3qpwzmmsT15jL jABXkMAyd0d3Y+8ZJbu724BZdxTa6q8zODsOY9hO4mZB/zIGkNPNQoMJC7ODRCWjaARxj6n3/yhZ KLiwHCjgqdsKSIAynSX7mL2DinyvLnEYpUjTITawr0TXQdcUi+Ovz5ZYzuj4i+VgFHIQYjgomiG2 r+3q59k2gbPpieM9Ec7LK9auehoHKGbLfXQypugtrg7Qe2GjYXJHG+9N1ABecDidkOkQmwCnxEyy EjeLgP5s0xvQPa7WRgWJgnFV83NnSeYTbmTUH1KX5oc58bcWnh/QCbCLDyCjLKB+cFB/y8LpsKxe IxyatAnrboapy3P36bmkx/583th1OqX+KAbM+oPKn2QbPKU6NFR2VOqPnNZV2h2iA1dD/6rHRZxh /vjUe7/VISu1iAJAMDT1Kjp/fs+seR2GzhREIVjHYFCQzBrMEluhyS6uBfRvg5hJhTjDsKg8T+Ds TgnJqdQBtXIO50YJERIgEgNGES9bjJtRCHIf+SkxrGixWSzNBAy6pOTqIKm0jxv93RjErxWCWpQt 9D1DElIe+uLXTV+9XAgYVQ5ZOUW+s/cporEX96qTXCK6ots2Bc1KG3sF1oQBswoQ9ROvEg78Kmyp KD5IuAZwOhrnvD+vwhmcoF3Vme8VJjisWW5iiQrGmVHhcoAOdvkYUiYzA0YaymF44LuRWnBp1P/0 ToTIpgGKQ3ZXoSgSM25cioMb4ACKsyKLLvayEJLhVVhgTYgIWLoCVtBpKrL3j+RkoeSaR3GYUxgf Lx1PWdrzK+HS0jrJrgu5ls7uo6hfLGEKAY+gVsyQkN9aV9kp+L5L8cPzQbjUNtl+12MPY162JNyy ZoLxW+2O2ub6VkcBa52bdNckkoiBiuyImVUdSn74CoMLoa3tTkwEd7B2oVs19MQaO1Sdza5dGKdY Ghp57GC7enzQGbxfc+rDR1vA4vQCAZiat9qJDTtiaMaxgsl1izelEykcdx4iq1BhKmPhNq2FpfBq N7LTV63wmPPrQlW7RxCwvTbduhku9tVRHjxT4U6Y6rlt6Y0QLGd5i+HMykvPLaK2j1dHf+TENlxV l9jgZI5+BqfI2lXJpXOeUnV1JSzWOpxivcwN7XTG8Uh+tCp+x+mL1TLwAL/4+XHwMZpSO+KYtxPP XHR1/IObW1Ffj9izj67bkBx3/6pTYQk7y8kklgdX3ffTdHpzXNUESuhXOUiLsS1bptY8faOq//Hl 9cGRn58Wm/D9WGb9s7/6x4jPvnYQToDr6ZjK0attrQ6yZK2wQc1+aVZ3O2uPSGPArEfk2jpuvnNN Q0Kt0Wd3XnFmPSPHl9+wZBaCA0svV5w5egWQKn1DEs9BVXZF1U5MRLUX9DN7Rj/zmy9eM3s03Ox7 Vq546IoJeILu8Ak7GLvjmgdHw9VkVs8qKcfdVE1ddcsrV1xxxXfhcj8tOPy4S4933Ttmz57913JU b+r4ZChgwOyToXt/tqqVRj0vfC7HeWGhO1j88/HbD/D5HP7mBjsfv7cdzNJFG7ifjlBT8GHqpXvw HHLsfLIFfWCSrxvRN+aNm4LvffH9a/y+8ZPtmWm9NxTozSTvTTvmmU+OAoxMJoD0tAzBA/RKzRUs 8vew4K/HDxfhczQ+O+HfcLFXL3jA0KENXN8FP9KR6Qh8qOl/APfiyKctp6A/f0c/aRqcic+1+PtG /LZoy+mh6UkpFDBgVgqVtu57lntgUvIosJhpYqO3JWJXCgsW+RJcvwq/ksti/hoCwHL89ia+qdQl eJKjY+KrcfgwjwzBlFEOd+L5v5TckX68Ef1agTF8H02ei88P8Pcf8H0Xfq+0ZaIfRzmwmzJgNrDf r8Ji/BgLM4HPJPy9uMThIo+OWt0Zt+VxaD/GPeTOjsKnHh+kZ/XSbuhvfqivI4iRe3sIzzHZ5RZb 0D96Et8KWr2O72/gM9Hj0lZvsZ02HctRwIDZtjEZeCTO17Aw12HBIp9P5wX3kJtCcjN1e1f3UYeG 64/gfnJvfIanXTBtBZ2feJTeRnxW4PNv3Iuo562noL/PYlwUsS/E5xr8fTN+Q7IxU7ZkChgw25Lf Tpn6hoW42dNtnYrvhfg3shsWFvxO0fBQfGhx/D3u8ZPTd9kLD9Sob5IU3wOlYFwM6v8R6HImvmeS s8X3PPyuU0uYssVRwIDZFvdKKtMhinhYkHeh9uPwPRHf5NA2eq1Rp0Wuitn4GksFssr0dMuqFbS4 B/RaQkDDh1zaL/FbgWEkv8e4Tnd+Gj3g1CaiNq29K/AMUoOYUkkKGDCrJHW3sLqxoLiw7seCG4Lv sfj4ua+ZTvUpXO+RL9oWNryKdYe6RtAMWRLVBfhchb9vx29IntZW8BtpiYhxhfgv5J1TiqI1xe2d 8TkA18nR/YP6xop1dBuv2IDZNjgBsKA2YtiLtsGh93rIHtBfB1AiYDXgm8cV/ga/b8Lf4/H3Kfgw cvt+z5BQ0Bbu2Rs/nInv53H9yV53xDzYKQUMmJnJYSjQAwoAiB723FDoa/cT/E0OjWC2ANc6tXri 2iLvua/jO0MjQw+aNbeWQAEDZiUQydxiKJBPAQAR/eq+h9/oa/cVfC7Db3RB6bLgHrrIzMVN38T3 slKe6a5Oc72NAgbMzGwwFOgFBWgkASDRKkx/vG6BzG8C98bx3L/wb/ro3d2Lps0jnVDAgJmZGoYC vacADmlWD/Xiccal7gdQqwK49egw6l60tc08YsBsm3nVZqDlpACAiJkP6ZvXpRNysTYBYBk8vwnX RuGDBEumlIMCBszKQUVTx7ZIAYJZGsDU29hNusl0lyp2W6Rrr8dswKzXpDMPbuMUoA9Zj5JTtqMX 115ZkxNu4++jV3mutnWamfEbCpACFBNDEBdjVOr3giRD8AxOczGlXBQwnFm5KGnq2aYo4Om9NmPQ THG0qCeDBwAOw/1Mbrm2J8+Ze7umgAEzM0MMBXpPAZ4Rx2O9ewRmuJ+pwxf3Qd/W+x4P4CcNmA3g l2uGVlkKAIyY0HE1Pqfi7z+W0hru3Q/3MQjd+JiVQrAe3GPArAfEMrcaChShwP34bSpA6ov4Zlxm p9ZN3HM47jkAn7mGKyv/XDJgVn6amhq3IQp4oMTstKdj2N/CN0VOpgyigYDWSp60y8SV++PDHHEM TmdqcVPKTAEDZmUmqKlu26QAAIqplXAon3Bep+Hjc2h036BP2eO4h6dAmVIhChgwqxBhTbXbHgUA VjzjQM45ALBF8WX10m1j2yNeGUZswKwMRDRVGAq0pwAzZBiq9C8FDJj1L71Na4YChgIVooABswoR 1lRrKGAo0L8UMGDWv/Q2rRkKGApUiAIGzCpEWFOtoYChQP9SwIBZ/9LbtGYoYChQIQoYMKsQYU21 hgKGAv1LAQNm/Utv05qhgKFAhShgwKxChDXVGgoYCvQvBQyY9S+9TWuGAoYCFaKAAbMKEdZUayhg KNC/FDBg1r/0Nq0ZChgKVIgC/w9nI1c5zlUuDwAAAABJRU5ErkJggg== --_004_BN7PR07MB4689176073D144672B922BA8A1419BN7PR07MB4689namp_-- ========================================================================= Date: Tue, 27 Apr 2021 21:40:32 +0100 Reply-To: Mark Leiser <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Mark Leiser <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: "Mueller, Milton L" <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="0000000000009e1fce05c0fa4666" Message-ID: <[log in to unmask]> --0000000000009e1fce05c0fa4666 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Milton, First let me say I completely agree with you on your statements about European data privacy. I feel like I've dedicated most of my professional life arguing about the dangers of privacy and data protection maximalism - yet almost always feel like my arguments on deaf ears. While people are arguing that 'everything is personal data', I've been arguing that this makes the regime unmanageable. So let me try to explain 'relating to' with reference to 'Milton Mueller's Porkbelly Diner'. Because of Recital 14, this would amount to a legal person. It's pretty clear that the intention of the GDPR's drafters was to exclude legal persons. However, let's say you have registered 'MM Porkbelly Diner' in the register of companies. I think you would agree that this would amount to information about a legal person. But say someone searched the company register and discovered Milton Mueller was the principal shareholder of MM Porkbelly Diner. This is an identifier which would *tie nformation about Milton Mueller to* 'MM PorkBelly Diner'. Therefore, this is 'any information' 'relating to' an identified or identifiable living person. It would be reasonable to infer that MM registered in the registrar database under MM PorkBelly Diner is the same as the Milton Mueller that is in the register of companies. The fact that someone can combine the knowledge from the company register with the knowledge from the registrar database could make 'MM Porkbelly Diner' personal data under Article 4(1) of the GDPR. Someone who did not disclose their identity at all could still be identifiable; hence, the perceived need for protection in the EU data protection regime. "I am saying that the user, the registrant, gets to decide what is personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION" is, on the surface, problematic. It doesn't matter whether the user says NO or YES or the registrar says no or yes, or whether it is objective or clear, the test is whether any information can be combined with other information to reveal an identifiable living person. I would argue, absent a wholesale change in the reasoning used by the CJEU, this would remain the case for the foreseeable future. This is not intended as a Mark Leiser argument or an attempt to discredit what you are saying, but an honest account of how I think the Courts and the EU data protection Board would react to what you are proposing. You asked about IP addresses <https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-websit= es-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data,header= %20information%20that%20website%20hosts>, 'port numbers', 'browser config', etc could be used to identify you personally. Yes, absolutely. This is personal data in the EU - if it can relate to a living person. What your writing here reveals, is that you are a little confused about how the GDPR works - the GDPR does not rely on 'consent' or 'explicit permission' as the only basis for processing personal data. Remember the GDPR has six grounds of processing <https://gdpr-info.eu/art-6-gdpr/>. It is a prohibitive regulation. You cannot process personal data in the EU unless you satisfy one of those six grounds. Most companies will NOT be processing on the basis of 'consent' but on 'legitimate interests' (Article 6(1)(f)) or performance of a contract (Article 6(1)(b)). Don't worry, this is an extremely common mistake among American attorneys! As most of these items are "technical', I would also imagine that there is a 'legal requirement' (another ground) or a lawful basis. All ISPs will be processing personal data through 'IP addresses', 'port browsers', and 'browser config' because of the legal basis found in Article 15 of the e-Privacy Directive <https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:32002L005= 8&from=3DEN> which provides Member States with a specific exemption for the purposes of national security. If not covered by this, I would imagine they would rely on 'legitimate interests' as their ground instead. Finally, even if a registrar has a legitimate interest in processing someone's personal data, this does not address the *privacy *requirements that i indicated in my previous email. Unless there is a specific provision put into law, I do not know how the registrar can remain compliant with the GDPR and the EU's privacy requirements. In fact, I don't know how the EU can even comment on this, because, of course, the EU Charter is a legal framework completely distinct from the European Convention of Human Rights. One more thing to consider - if you choose to disclose your name, address, and designate as the contact person of a legal person, what happens when that person exercises their 'right to be forgotten' right under Article 17 GDPR. Maybe Milton Mueller the person chooses to leave the legal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no affiliation with the business? If it's published, he can demand a correction of the database thereof. So what then? Regards, Mark *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |* On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <[log in to unmask]> wrote: > Mark, > > Thanks for your intervention. Here is the complete definition of personal > data in GDPR: > > =E2=80=98personal data=E2=80=99 means any information relating to an iden= tified or > identifiable natural person (=E2=80=98data subject=E2=80=99); an identifi= able natural > person is one who can be identified, directly or indirectly, in particula= r > by reference to an identifier such as a name, an identification number, > location data, an online identifier or to one or more factors specific to > the physical, physiological, genetic, mental, economic, cultural or socia= l > identity of that natural person; > > Alas, this raises more questions than it answers. It is not entirely clea= r > what =E2=80=9Crelating to=E2=80=9D means in this construct. E.g., if the = name of my company > is Milton Mueller=E2=80=99s Porkbelly Diner, is the name relating to me a= s a > person, or to my business? Strictly speaking it=E2=80=99s a business name= . But it > could be used to identify me. An overly broad interpretation of this > definition would classify ANY data about ANYTHING as =E2=80=9Cpersonal da= ta=E2=80=9D > because at some point it could be =E2=80=9Crelated to=E2=80=9D an =E2=80= =9Cidentifiable natural > person.=E2=80=9D So suddenly the business name becomes personal data. Or = a bunch of > obscure technical indicators inherent in your use of the internet, such a= s > port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D to= your ISP account > number, and then used to identify you, personally. But does that mean tha= t > every website and hosting service in the world that uses that technical > data in the course of their operations cannot process that info without > your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal data?=E2= =80=9D I hope not, because > the internet would cease to function if so. > > > > >Therefore, [log in to unmask] is personal data if someone behind it is > identifiable. > > > > My point is that whether the user of [log in to unmask] is identifiable does > not depend on that chunk of data, but on a bunch of activities that relat= e > that data to other things. And in a digital world with powerful processin= g > capabilities, no one can fully control those correlations and searches. A= ny > attempt to do so simply cripples the entire information economy. So the > idea of looking at a registration record and saying =E2=80=9Cis there per= sonal data > in here or not=E2=80=9D is a completely invalid test. > > > > There is an eerie similarity between these exaggerated applications of > privacy law and the copyright maximalists of the 1990s. The IP interests > thought you needed permission to transmit a copyrighted work over the > internet, a claim that would have crippled ISPs who had no idea what > packets were parts of copyrighted material or not. Privacy maximalists ha= ve > reached the same point of absurdity, but they don=E2=80=99t seem to reali= ze it. > They are no longer protecting a tangible privacy interest of internet > users, they are trying to give individuals rigid control over information > exchanges and imposing largely meaningless consent requirements that do n= o > one any good. > > > > >The confusion comes from Recital 14 of the GDPR which states that it > only applies to natural persons and does not cover the processing of > personal data concerning legal persons, in particular undertakings > established as legal persons or legal entities. This also includes the na= me > of the legal person, the form, and the contact details of the legal perso= n. But > the second you start adding identifiers to these details, it stops becomi= ng > the data of a 'legal person' and starts becoming personal data. > > > > Yes, indeed, the GDPR is confused on this score. Unfortunately, you don= =E2=80=99t > escape that confusion by saying =E2=80=9Cadding identifiers=E2=80=9D is t= he problem. Your > argument fails because names of legal persons and contact details ARE > =E2=80=9Cidentifiers,=E2=80=9D they are just identifiers of legal persons= . As I pointed out > they can easily overlap with, or be used to identify, natural persons. > > > > So my basic point is that we do not solve this problem by reference to > GDPR definitions. In fact if GDPR is taken literally no one can ever > publish and share any kind of information without absurd overhead and leg= al > bureaucracy, because ALL of it can be used to identify you in some way. > These kinds of interpretations actually discredit privacy laws and > protections, by taking them to counterproductive lengths. We have to make > common sense-based, practical distinctions between what data needs > protection, what data can be easily shared at the registrants=E2=80=99 ch= oice. > > > > Secondly, I find this statement, "I think it is simplest to just say to > the registrant, if you=E2=80=99re a company and don=E2=80=99t mind (or ev= en want) your data > to be published, check this box. If you=E2=80=99re not, or you do mind, d= on=E2=80=99t check > it." to be BOTH perplexing and inaccurate. Whether someone checks the > box, or does not check the box is completely irrelevant for determining > whether it is personal data. Whether someone checks the box is a question > of CONSENT to processing AND publication, not whether this amounts to > personal data. > > > > We actually seem to agree here, more than you think. I am saying that the > user, the registrant, gets to decide what is personal data or not, becaus= e > THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide > whether they want to be classified as a legal person and =E2=80=9Cconsent= =E2=80=9D to > publishing their data or not. As an example, that if I decide that > publishing the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbelly Diner= =E2=80=9D is not a > violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t matter what= the European > Union says, it=E2=80=99s my choice. > > > > And let=E2=80=99s not overlook the embarrassing fact that the European Un= ion is > now one of the key players pushing hard for publication of legal person > data. But I=E2=80=99ll leave that one to later. > --0000000000009e1fce05c0fa4666 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><font face=3D"arial, sans-serif">Hi Milton,</font><div><fo= nt face=3D"arial, sans-serif"><br></font></div><div><font face=3D"arial, sa= ns-serif">First let me say I completely agree=C2=A0with you on=C2=A0your st= atements about European data privacy. I feel like I've dedicated most o= f my professional life arguing about the dangers of privacy=C2=A0and data p= rotection maximalism - yet almost always feel=C2=A0like my arguments on dea= f ears. While people are arguing that 'everything is personal data'= , I've been arguing that this makes the regime unmanageable.=C2=A0</fon= t></div><div><font face=3D"arial, sans-serif"><br></font></div><div><font f= ace=3D"arial, sans-serif">So let me try to explain 'relating to' wi= th=C2=A0reference to 'Milton Mueller's Porkbelly=C2=A0Diner'. B= ecause of Recital 14, this would amount to a legal person. It's pretty = clear that the intention of the GDPR's drafters was to exclude legal pe= rsons. However, let's say you have registered 'MM Porkbelly Diner&#= 39; in the=C2=A0register of companies. I think you would agree that this wo= uld amount to information about a legal person. But say someone=C2=A0search= ed the company register and discovered Milton Mueller was the principal sha= reholder of MM Porkbelly Diner. This is an identifier which would <i>tie nf= ormation about Milton Mueller to</i> 'MM PorkBelly Diner'. Therefor= e, this is 'any information' 'relating to' an identified=C2= =A0or identifiable living person. It would be reasonable to infer that MM r= egistered in the registrar database under MM PorkBelly Diner is the same as= the Milton=C2=A0Mueller that is in the register of companies. The fact tha= t someone can combine=C2=A0the knowledge from the company register with the= knowledge from the registrar database could make 'MM Porkbelly Diner&#= 39; personal data under Article 4(1) of the GDPR. Someone who did not discl= ose their identity at all could still be identifiable; hence, the perceived= need for protection in the EU data protection regime.</font></div><div><fo= nt face=3D"arial, sans-serif"><br></font></div><div><font face=3D"arial, sa= ns-serif">=C2=A0"I<span style=3D"color:rgb(31,73,125)">=C2=A0</span><s= pan style=3D"color:rgb(31,73,125)">am saying that the user, the registrant,= gets to decide what is personal data or not, because THERE IS NO OBJECTIVE= , CLEAR LEGAL DEFINITION" is, on the surface, problematic. </span><fon= t color=3D"#000000">It doesn't matter whether the user says NO or YES o= r the registrar says no or yes, or whether it is objective or clear, the te= st is whether any information can be combined with other information to rev= eal an identifiable living person. I would argue, absent a wholesale change= in the reasoning used by the CJEU, this would remain the case for the fore= seeable future. This is not intended as a Mark Leiser argument or an attemp= t to discredit what you are saying, but an honest account of how I think th= e Courts and the EU data protection Board would react to what you are propo= sing.=C2=A0</font><br></font></div><div><font face=3D"arial, sans-serif"><b= r></font></div><div><font face=3D"arial, sans-serif">You asked about <a hre= f=3D"https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-we= bsites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data,he= ader%20information%20that%20website%20hosts">IP addresses</a>, 'port nu= mbers', 'browser config', etc could be used to identify you per= sonally. Yes, absolutely. This is personal data in the EU - if it can relat= e to a living person. What your=C2=A0writing=C2=A0here reveals, is that you= are a little confused about how the=C2=A0GDPR works - the GDPR does not re= ly on 'consent' or 'explicit permission' as the only basis = for processing personal data. Remember the GDPR has six<a href=3D"https://g= dpr-info.eu/art-6-gdpr/">=C2=A0grounds of processing</a>. It is a prohibiti= ve regulation. You cannot process personal data in the EU unless you satisf= y one of those six grounds. Most companies will NOT be processing on the ba= sis of 'consent' but on 'legitimate interests' (Article 6(1= )(f)) or performance of a contract (Article 6(1)(b)). Don't worry, this= is an extremely=C2=A0common mistake among American attorneys! As most of t= hese items are "technical', I would also imagine that there is a &= #39;legal requirement' (another ground) or a lawful basis. All ISPs wil= l be processing personal data through 'IP addresses', 'port bro= wsers', and 'browser config' because of the legal basis found i= n=C2=A0<a href=3D"https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri= =3DCELEX:32002L0058&from=3DEN">Article 15 of the e-Privacy Directive</a= >=C2=A0which provides Member=C2=A0States with a specific exemption for the = purposes of national security. If not covered by this, I would imagine they= would rely on 'legitimate interests' as their ground instead.=C2= =A0</font></div><div><font face=3D"arial, sans-serif"><br></font></div><div= ><font face=3D"arial, sans-serif">Finally, even if a registrar has a legiti= mate interest in processing someone's personal data, this does not addr= ess the <i>privacy </i>requirements that i indicated in my previous email. = Unless there is a specific provision put into law, I do not know how the re= gistrar=C2=A0can remain compliant with the GDPR and the EU's privacy re= quirements. In fact, I don't know how the EU can even comment on this, = because, of course, the EU Charter is a legal framework completely distinct= from the European Convention of Human Rights.=C2=A0</font></div><div><font= face=3D"arial, sans-serif"><br></font></div><div><font face=3D"arial, sans= -serif">One more thing to consider - if you choose to disclose your name, a= ddress, and designate as the contact person of a legal person, what happens= when that person exercises their 'right to be forgotten' right und= er Article 17 GDPR. Maybe Milton Mueller the person chooses to leave the le= gal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no affil= iation=C2=A0with the business? If it's=C2=A0published, he=C2=A0can dema= nd a correction of the database thereof. So what then?=C2=A0</font></div><d= iv><font face=3D"arial, sans-serif"><br></font></div><div><font face=3D"ari= al, sans-serif">Regards,</font></div><div><font face=3D"arial, sans-serif">= <br></font></div><div><font face=3D"arial, sans-serif">Mark=C2=A0</font></d= iv><div><div><div dir=3D"ltr" class=3D"gmail_signature" data-smartmail=3D"g= mail_signature"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir= =3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr= "><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div = dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><div style=3D"font-size:= 12.8px"><br></div><div style=3D"font-size:12.8px"><b><font color=3D"#674ea7= "><span style=3D"font-size:small;font-family:Tahoma">Dr Mark Leiser | </spa= n><span style=3D"font-size:small">Law and Digital Technologies=C2=A0</span>= <span style=3D"font-size:small;font-family:Tahoma">| FRSA FHEA=C2=A0</span>= <span style=3D"font-family:Tahoma;font-size:small">|</span></font></b></div= ></div></div></div></div></div></div></div></div></div></div></div></div></= div></div></div></div></div></div><br></div></div><br><div class=3D"gmail_q= uote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue, 27 Apr 2021 at 20:35, M= ueller, Milton L <<a href=3D"mailto:[log in to unmask]">[log in to unmask] </a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:= 0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div class=3D"gmail-m_-8393403031987678044WordSection1"> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Mark, <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Thanks for your intervention. Here is the co= mplete definition of personal data in GDPR:<u></u><u></u></span></p> <p class=3D"MsoNormal" style=3D"margin-right:0in;margin-bottom:12pt;margin-= left:30pt;background:white;vertical-align:baseline"> <span style=3D"color:rgb(51,51,51)">=E2=80=98personal data=E2=80=99 means a= ny information relating to an identified or identifiable natural person (= =E2=80=98data subject=E2=80=99); an identifiable natural person is one who = can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification= number, location data, an online identifier or to one or more factors spec= ific to the physical, physiological, genetic, mental, economic, cultural or= social identity of that natural person;<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Alas, this raises more questions than it ans= wers. It is not entirely clear what =E2=80=9Crelating to=E2=80=9D means in = this construct. E.g., if the name of my company is Milton Mueller=E2=80=99s Porkbelly Diner, is the name relating to me as a person,= or to my business? Strictly speaking it=E2=80=99s a business name. But it = could be used to identify me. An overly broad interpretation of this defini= tion would classify ANY data about ANYTHING as =E2=80=9Cpersonal data=E2=80=9D because at some point it could be =E2=80=9Crelated to=E2=80= =9D an =E2=80=9Cidentifiable natural person.=E2=80=9D So suddenly the busin= ess name becomes personal data. Or a bunch of obscure technical indicators = inherent in your use of the internet, such as port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D to your ISP account number, and t= hen used to identify you, personally. But does that mean that every website= and hosting service in the world that uses that technical data in the cour= se of their operations cannot process that info without your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal d= ata?=E2=80=9D I hope not, because the internet would cease to function if s= o. <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <div> <div> <p class=3D"MsoNormal"><span style=3D"font-family:Arial,sans-serif;color:rg= b(31,73,125)">></span><span style=3D"font-family:Arial,sans-serif">There= fore, <a href=3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask]</a> is p= ersonal data if someone behind it is identifiable.<span style=3D"color:rgb(= 31,73,125)"><u></u><u></u></span></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">My point is that whether the user of <a href=3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask]</a> is i= dentifiable does not depend on that chunk of data, but on a bunch of activi= ties that relate that data to other things. And in a digital world with pow= erful processing capabilities, no one can fully control those correlations and searches. Any attempt to do so simply cripples the = entire information economy. So the idea of looking at a registration record= and saying =E2=80=9Cis there personal data in here or not=E2=80=9D is a co= mpletely invalid test.<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">There is an eerie similarity between these e= xaggerated applications of privacy law and the copyright maximalists of the= 1990s. The IP interests thought you needed permission to transmit a copyrighted work over the internet, a claim that = would have crippled ISPs who had no idea what packets were parts of copyrig= hted material or not. Privacy maximalists have reached the same point of ab= surdity, but they don=E2=80=99t seem to realize it. They are no longer protecting a tangible privacy interest of i= nternet users, they are trying to give individuals rigid control over infor= mation exchanges and imposing largely meaningless consent requirements that= do no one any good.<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> </div> <div> <p class=3D"MsoNormal"><span style=3D"color:rgb(31,73,125)">></span>The = confusion comes from=C2=A0Recital 14 of the GDPR which states that it only = applies to natural persons and does not cover the processing of personal da= ta concerning legal persons, in particular undertakings established as legal persons or legal entities. This also includes the nam= e of the legal person, the form, and the contact details of the legal perso= n.<span style=3D"color:rgb(31,73,125)"> </span>But the second you start adding identifiers to these details, it sto= ps becoming the data of a 'legal person' and starts becoming person= al data.=C2=A0<u></u><u></u></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Yes, indeed, the GDPR is confused on this sc= ore. Unfortunately, you don=E2=80=99t escape that confusion by saying =E2= =80=9Cadding identifiers=E2=80=9D is the problem. Your argument fails because names of legal persons and contact details ARE =E2=80=9Cidentifier= s,=E2=80=9D they are just identifiers of legal persons. As I pointed out th= ey can easily overlap with, or be used to identify, natural persons. =C2=A0= <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">So my basic point is that we do not solve th= is problem by reference to GDPR definitions. In fact if GDPR is taken liter= ally no one can ever publish and share any kind of information without absurd overhead and legal bureaucracy, bec= ause ALL of it can be used to identify you in some way. These kinds of inte= rpretations actually discredit privacy laws and protections, by taking them= to counterproductive lengths. We have to make common sense-based, practical distinctions between what data = needs protection, what data can be easily shared at the registrants=E2=80= =99 choice.<u></u><u></u></span></p> </div> <div> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> </div> <div> <p class=3D"MsoNormal">Secondly, I find this statement, "I think it is= simplest to just say to the registrant, if you=E2=80=99re a company and do= n=E2=80=99t mind (or even want) your data to be published, check this box. = If you=E2=80=99re not, or you do mind, don=E2=80=99t check it."=C2=A0 = to be BOTH perplexing and inaccurate.=C2=A0=C2=A0Whether someone checks the box,= or does not check the box is completely irrelevant for determining whether= it is personal data. Whether someone checks the box is a question of CONSE= NT to processing AND publication, not whether this amounts to personal data. <span style=3D"color:rgb(31,73,125)"><u></u= ><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">We actually seem to agree here, more than yo= u think. I am saying that the user, the registrant, gets to decide what is = personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide whether they = want to be classified as a legal person and =E2=80=9Cconsent=E2=80=9D to pu= blishing their data or not. As an example, that if I decide that publishing= the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbelly Diner=E2=80=9D is not a violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t mat= ter what the European Union says, it=E2=80=99s my choice. =C2=A0=C2=A0<u></= u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">And let=E2=80=99s not overlook the embarrass= ing fact that the European Union is now one of the key players pushing hard= for publication of legal person data. But I=E2=80=99ll leave that one to later. <u></u><u></u></span></p> </div> </div> </div> </div> </blockquote></div> --0000000000009e1fce05c0fa4666-- ========================================================================= Date: Tue, 27 Apr 2021 14:05:20 -0700 Reply-To: [log in to unmask] Sender: NCSG-Discuss <[log in to unmask]> From: [log in to unmask] Subject: Re: EDPD policy options X-To: "Mueller, Milton L" <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="=_qiT_8BfREmMJMVAoJivHXJI" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <[log in to unmask]> This message is in MIME format. --=_qiT_8BfREmMJMVAoJivHXJI Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Description: Plaintext Message Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Tx to Mark Leiser for fascinating input! Milton, Tx for laying this out. I agree we have to be strategic - and I would =20 add consistent with NCSG's history and advocacy on this topic too.=C2=A0 = We =20 have a long history on WHOIS and privacy. /So let me ask the strategic questions: WHERE ARE THE OTHER =20 STAKEHOLDER GROUPS (AND RELEVANT OTHER GROUPS) ON THESE 4 options? =20 Could you tell us who is backing each of the options below?/ In particular, where are other SGs with whom NCSG EPDP has been =20 working most closely over the years?=C2=A0 Judging from a meeting I dropp= ed =20 into in Marrakech 2019, that would be Registrars and Registries.=C2=A0 =20 /WHERE ARE THE RYS AND RRS ON THESE FOUR OPTIONS? / It would also be useful to know: /Is there a split between those in =20 EU/comprehensive data protection countries including Brazil, Canada =20 and Japan and the sectoral privacy countries like the US?=C2=A0 Is there = a =20 legal split or are the EPDP participants of the SGs pretty aligned? / /TX MILTON, AND TO ALL NCSG EPDP MEMBERS WHO WOULD LIKE TO RESPOND! BEST, KATHY/ =C2=A0 Quoting "Mueller, Milton L" <[log in to unmask]>: > So I think we have exchanged views and have a pretty good idea of > where people stand and what the issues are. > The next step is to define a position in the EPDP that all of our > members can adhere to. > Let me emphasize that defining a viable position is strategic and not > simply a matter of standing up for some abstract principle. > > I will try to identify the set of real options below > > Option 1 > ------------ > Under the phase 1 agreement there is no requirement to differentiate > between legal and natural persons, but Contracted Parties (CPs) can > do so if they want to.=C2=A0 We are working on possible "guidance" for = CPs > who do try to differentiate. > One possibility is to leave things as they are. > No guidance. No requirement to differentiate. Let the status quo > stand. CPs can do whatever they want. > Benefits: most data will probably remain redacted > Risks/problems: > =C2=A0 - we are already working on guidance, this may no longer be an o= ption > - some registrars could impose differentiation on their customers > - GAC, including European Commission, IPC, BC, ALAC, SSAC will be > unhappy and apparent lack of consensus could lead to board or > legislative override > > Option 2: > ------------ > (Stephanie's approach) > Develop Guidance, but make it non-binding > No legal or natural differentiation, focus on presence or absence of > personal data > Registrant must make attestations re personal data; more difficult > and costly process > CP involvement in and liability for decisions > > Option 3: > ----------- > (Milton's approach) > Develop Guidance, but make it non-binding > Ask for self-designation as legal at point of registration; > registrant is informed of consequences > CP can alter record only at request of Registrant > CP liability and responsibility for contents of reg records is minimize= d > > Option 4: > ------------ > Develop guidance for differentiation and make it a requirement > Many different options under here. > > This is not an exhaustive list, but it will get us started. > We need to move beyond posturing and offer specific proposals that > can gain traction in the actual EPDP group. > > Dr. Milton L Mueller > Georgia Institute of Technology > School of Public Policy > [IGP_logo_gold block] --=_qiT_8BfREmMJMVAoJivHXJI Content-Type: text/html; charset=utf-8 Content-Description: HTML Message Content-Disposition: inline <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> </head> <body style="font-family:Arial;font-size:14px"> <p>Tx to Mark Leiser for fascinating input!<br> <br> Milton,<br> Tx for laying this out. I agree we have to be strategic - and I would add consistent with NCSG's history and advocacy on this topic too. We have a long history on WHOIS and privacy.<br> <br> <em>So let me ask the strategic questions: <strong>where are the other stakeholder groups (and relevant other groups) on these 4</strong> options? Could you tell us who is backing each of the options below?</em><br> <br> In particular, where are other SGs with whom NCSG EPDP has been working most closely over the years? Judging from a meeting I dropped into in Marrakech 2019, that would be Registrars and Registries. <em><strong>Where are the Rys and Rrs on these four options?</strong></em><br> <br> It would also be useful to know: <em>Is there a split between those in EU/comprehensive data protection countries including Brazil, Canada and Japan and the sectoral privacy countries like the US? Is there a legal split or are the EPDP participants of the SGs pretty aligned?</em><br> <br> <strong><em>Tx Milton, and to all NCSG EPDP members who would like to respond!<br> Best, Kathy</em></strong><br> <br> <br> Quoting "Mueller, Milton L" <<a href="mailto:[log in to unmask]">[log in to unmask]</a>>:<br> <br> > So I think we have exchanged views and have a pretty good idea of<br> > where people stand and what the issues are.<br> > The next step is to define a position in the EPDP that all of our<br> > members can adhere to.<br> > Let me emphasize that defining a viable position is strategic and not<br> > simply a matter of standing up for some abstract principle.<br> ><br> > I will try to identify the set of real options below<br> ><br> > Option 1<br> > ------------<br> > Under the phase 1 agreement there is no requirement to differentiate<br> > between legal and natural persons, but Contracted Parties (CPs) can<br> > do so if they want to. We are working on possible "guidance" for CPs<br> > who do try to differentiate.<br> > One possibility is to leave things as they are.<br> > No guidance. No requirement to differentiate. Let the status quo<br> > stand. CPs can do whatever they want.<br> > Benefits: most data will probably remain redacted<br> > Risks/problems:<br> > - we are already working on guidance, this may no longer be an option<br> > - some registrars could impose differentiation on their customers<br> > - GAC, including European Commission, IPC, BC, ALAC, SSAC will be<br> > unhappy and apparent lack of consensus could lead to board or<br> > legislative override<br> ><br> > Option 2:<br> > ------------<br> > (Stephanie's approach)<br> > Develop Guidance, but make it non-binding<br> > No legal or natural differentiation, focus on presence or absence of<br> > personal data<br> > Registrant must make attestations re personal data; more difficult<br> > and costly process<br> > CP involvement in and liability for decisions<br> ><br> > Option 3:<br> > -----------<br> > (Milton's approach)<br> > Develop Guidance, but make it non-binding<br> > Ask for self-designation as legal at point of registration;<br> > registrant is informed of consequences<br> > CP can alter record only at request of Registrant<br> > CP liability and responsibility for contents of reg records is minimized<br> ><br> > Option 4:<br> > ------------<br> > Develop guidance for differentiation and make it a requirement<br> > Many different options under here.<br> ><br> > This is not an exhaustive list, but it will get us started.<br> > We need to move beyond posturing and offer specific proposals that<br> > can gain traction in the actual EPDP group.<br> ><br> > Dr. Milton L Mueller<br> > Georgia Institute of Technology<br> > School of Public Policy<br> > [IGP_logo_gold block]<br> <br></p> </body> </html> --=_qiT_8BfREmMJMVAoJivHXJI-- ========================================================================= Date: Wed, 28 Apr 2021 11:56:53 +0800 Reply-To: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000385b1305c1005f7c" Message-ID: <[log in to unmask]> --000000000000385b1305c1005f7c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi all, This has been a very helpful discussion. Our ultimate goal is to finalize an NCSG position, and I'd like to provide some context in the interest of reaching that goal. Some have pointed out that the question of 'do you agree to publish your data' is a much better one than 'are you a legal or natural person'. I totally agree. But we already have that in the policy. In the EPDP phase 1 final report, recommendation #6 reads: > The EPDP Team recommends that, as soon as commercially reasonable, > Registrar must provide the opportunity for the Registered Name Holder to > provide its Consent to publish redacted contact information, as well as > the email address, in the RDS for the sponsoring registrar. In the EPDP phase2A, the WG is tasked to address the following questions: 1. Whether any updates are required to the EPDP Phase 1 recommendation on this topic (=E2=80=9CRegistrars and Registry Operators are permitted = to differentiate between registrations of legal and natural persons, but ar= e not obligated to do so=E2=80=9C); 2. What guidance, if any, can be provided to Registrars and/or Registries who differentiate between registrations of legal and natural persons. So it's not that we 'want' the distinction of natural vs. legal. It's the task we're given, and per the WG chair's last email to the EPDP team, it's not something we can avoid. We have to stick to the 'natural vs. legal persons' rhetoric to answer the questions. Of course, we can simply assert that 'there's no update needed' and let the contracted parties do whatever they want when they feel like making the distinction. I was personally very tempted by this option every now and then. However, as Milton pointed out in another email, we are already developing guidance in the EPDP, so that option seems far-fetched. I hope this explains some of the confusion and helps us to consider Milton's 4 options in the other email. Thanks! Best, Manju On Wed, Apr 28, 2021 at 4:40 AM Mark Leiser <[log in to unmask]> wrote: > Hi Milton, > > First let me say I completely agree with you on your statements about > European data privacy. I feel like I've dedicated most of my professional > life arguing about the dangers of privacy and data protection maximalism = - > yet almost always feel like my arguments on deaf ears. While people are > arguing that 'everything is personal data', I've been arguing that this > makes the regime unmanageable. > > So let me try to explain 'relating to' with reference to 'Milton Mueller'= s > Porkbelly Diner'. Because of Recital 14, this would amount to a legal > person. It's pretty clear that the intention of the GDPR's drafters was t= o > exclude legal persons. However, let's say you have registered 'MM Porkbel= ly > Diner' in the register of companies. I think you would agree that this > would amount to information about a legal person. But say someone searche= d > the company register and discovered Milton Mueller was the principal > shareholder of MM Porkbelly Diner. This is an identifier which would *tie > nformation about Milton Mueller to* 'MM PorkBelly Diner'. Therefore, this > is 'any information' 'relating to' an identified or identifiable living > person. It would be reasonable to infer that MM registered in the registr= ar > database under MM PorkBelly Diner is the same as the Milton Mueller that = is > in the register of companies. The fact that someone can combine the > knowledge from the company register with the knowledge from the registrar > database could make 'MM Porkbelly Diner' personal data under Article 4(1) > of the GDPR. Someone who did not disclose their identity at all could sti= ll > be identifiable; hence, the perceived need for protection in the EU data > protection regime. > > "I am saying that the user, the registrant, gets to decide what is > personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL > DEFINITION" is, on the surface, problematic. It doesn't matter whether > the user says NO or YES or the registrar says no or yes, or whether it is > objective or clear, the test is whether any information can be combined > with other information to reveal an identifiable living person. I would > argue, absent a wholesale change in the reasoning used by the CJEU, this > would remain the case for the foreseeable future. This is not intended as= a > Mark Leiser argument or an attempt to discredit what you are saying, but = an > honest account of how I think the Courts and the EU data protection Board > would react to what you are proposing. > > You asked about IP addresses > <https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-webs= ites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data,head= er%20information%20that%20website%20hosts>, > 'port numbers', 'browser config', etc could be used to identify you > personally. Yes, absolutely. This is personal data in the EU - if it can > relate to a living person. What your writing here reveals, is that you ar= e > a little confused about how the GDPR works - the GDPR does not rely on > 'consent' or 'explicit permission' as the only basis for processing > personal data. Remember the GDPR has six grounds of processing > <https://gdpr-info.eu/art-6-gdpr/>. It is a prohibitive regulation. You > cannot process personal data in the EU unless you satisfy one of those si= x > grounds. Most companies will NOT be processing on the basis of 'consent' > but on 'legitimate interests' (Article 6(1)(f)) or performance of a > contract (Article 6(1)(b)). Don't worry, this is an extremely common > mistake among American attorneys! As most of these items are "technical',= I > would also imagine that there is a 'legal requirement' (another ground) o= r > a lawful basis. All ISPs will be processing personal data through 'IP > addresses', 'port browsers', and 'browser config' because of the legal > basis found in Article 15 of the e-Privacy Directive > <https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:32002L0= 058&from=3DEN> which > provides Member States with a specific exemption for the purposes of > national security. If not covered by this, I would imagine they would rel= y > on 'legitimate interests' as their ground instead. > > Finally, even if a registrar has a legitimate interest in processing > someone's personal data, this does not address the *privacy *requirements > that i indicated in my previous email. Unless there is a specific provisi= on > put into law, I do not know how the registrar can remain compliant with t= he > GDPR and the EU's privacy requirements. In fact, I don't know how the EU > can even comment on this, because, of course, the EU Charter is a legal > framework completely distinct from the European Convention of Human Right= s. > > One more thing to consider - if you choose to disclose your name, address= , > and designate as the contact person of a legal person, what happens when > that person exercises their 'right to be forgotten' right under Article 1= 7 > GDPR. Maybe Milton Mueller the person chooses to leave the legal entity M= M > Porkbelly Diner, adopts a vegan lifestyle, and wants no affiliation with > the business? If it's published, he can demand a correction of the databa= se > thereof. So what then? > > Regards, > > Mark > > *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |* > > > On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <[log in to unmask]> wrote= : > >> Mark, >> >> Thanks for your intervention. Here is the complete definition of persona= l >> data in GDPR: >> >> =E2=80=98personal data=E2=80=99 means any information relating to an ide= ntified or >> identifiable natural person (=E2=80=98data subject=E2=80=99); an identif= iable natural >> person is one who can be identified, directly or indirectly, in particul= ar >> by reference to an identifier such as a name, an identification number, >> location data, an online identifier or to one or more factors specific t= o >> the physical, physiological, genetic, mental, economic, cultural or soci= al >> identity of that natural person; >> >> Alas, this raises more questions than it answers. It is not entirely >> clear what =E2=80=9Crelating to=E2=80=9D means in this construct. E.g., = if the name of my >> company is Milton Mueller=E2=80=99s Porkbelly Diner, is the name relatin= g to me as >> a person, or to my business? Strictly speaking it=E2=80=99s a business n= ame. But it >> could be used to identify me. An overly broad interpretation of this >> definition would classify ANY data about ANYTHING as =E2=80=9Cpersonal d= ata=E2=80=9D >> because at some point it could be =E2=80=9Crelated to=E2=80=9D an =E2=80= =9Cidentifiable natural >> person.=E2=80=9D So suddenly the business name becomes personal data. Or= a bunch of >> obscure technical indicators inherent in your use of the internet, such = as >> port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D t= o your ISP account >> number, and then used to identify you, personally. But does that mean th= at >> every website and hosting service in the world that uses that technical >> data in the course of their operations cannot process that info without >> your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal data?= =E2=80=9D I hope not, because >> the internet would cease to function if so. >> >> >> >> >Therefore, [log in to unmask] is personal data if someone behind it is >> identifiable. >> >> >> >> My point is that whether the user of [log in to unmask] is identifiable does >> not depend on that chunk of data, but on a bunch of activities that rela= te >> that data to other things. And in a digital world with powerful processi= ng >> capabilities, no one can fully control those correlations and searches. = Any >> attempt to do so simply cripples the entire information economy. So the >> idea of looking at a registration record and saying =E2=80=9Cis there pe= rsonal data >> in here or not=E2=80=9D is a completely invalid test. >> >> >> >> There is an eerie similarity between these exaggerated applications of >> privacy law and the copyright maximalists of the 1990s. The IP interests >> thought you needed permission to transmit a copyrighted work over the >> internet, a claim that would have crippled ISPs who had no idea what >> packets were parts of copyrighted material or not. Privacy maximalists h= ave >> reached the same point of absurdity, but they don=E2=80=99t seem to real= ize it. >> They are no longer protecting a tangible privacy interest of internet >> users, they are trying to give individuals rigid control over informatio= n >> exchanges and imposing largely meaningless consent requirements that do = no >> one any good. >> >> >> >> >The confusion comes from Recital 14 of the GDPR which states that it >> only applies to natural persons and does not cover the processing of >> personal data concerning legal persons, in particular undertakings >> established as legal persons or legal entities. This also includes the n= ame >> of the legal person, the form, and the contact details of the legal pers= on. But >> the second you start adding identifiers to these details, it stops becom= ing >> the data of a 'legal person' and starts becoming personal data. >> >> >> >> Yes, indeed, the GDPR is confused on this score. Unfortunately, you don= =E2=80=99t >> escape that confusion by saying =E2=80=9Cadding identifiers=E2=80=9D is = the problem. Your >> argument fails because names of legal persons and contact details ARE >> =E2=80=9Cidentifiers,=E2=80=9D they are just identifiers of legal person= s. As I pointed out >> they can easily overlap with, or be used to identify, natural persons. >> >> >> >> So my basic point is that we do not solve this problem by reference to >> GDPR definitions. In fact if GDPR is taken literally no one can ever >> publish and share any kind of information without absurd overhead and le= gal >> bureaucracy, because ALL of it can be used to identify you in some way. >> These kinds of interpretations actually discredit privacy laws and >> protections, by taking them to counterproductive lengths. We have to mak= e >> common sense-based, practical distinctions between what data needs >> protection, what data can be easily shared at the registrants=E2=80=99 c= hoice. >> >> >> >> Secondly, I find this statement, "I think it is simplest to just say to >> the registrant, if you=E2=80=99re a company and don=E2=80=99t mind (or e= ven want) your data >> to be published, check this box. If you=E2=80=99re not, or you do mind, = don=E2=80=99t check >> it." to be BOTH perplexing and inaccurate. Whether someone checks the >> box, or does not check the box is completely irrelevant for determining >> whether it is personal data. Whether someone checks the box is a questio= n >> of CONSENT to processing AND publication, not whether this amounts to >> personal data. >> >> >> >> We actually seem to agree here, more than you think. I am saying that th= e >> user, the registrant, gets to decide what is personal data or not, becau= se >> THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide >> whether they want to be classified as a legal person and =E2=80=9Cconsen= t=E2=80=9D to >> publishing their data or not. As an example, that if I decide that >> publishing the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbelly Diner= =E2=80=9D is not a >> violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t matter wha= t the European >> Union says, it=E2=80=99s my choice. >> >> >> >> And let=E2=80=99s not overlook the embarrassing fact that the European U= nion is >> now one of the key players pushing hard for publication of legal person >> data. But I=E2=80=99ll leave that one to later. >> > --000000000000385b1305c1005f7c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:arial,sa= ns-serif;font-size:small">Hi all,</div><div class=3D"gmail_default" style= =3D"font-family:arial,sans-serif;font-size:small"><br></div><div class=3D"g= mail_default" style=3D"font-family:arial,sans-serif;font-size:small">This h= as been a very helpful discussion. Our ultimate goal is to finalize an NCSG= position, and I'd like to provide some context in the interest of reac= hing that goal.</div><div class=3D"gmail_default" style=3D"font-family:aria= l,sans-serif;font-size:small"><br></div><div class=3D"gmail_default" style= =3D"font-family:arial,sans-serif;font-size:small">Some have pointed out tha= t the question of 'do you agree to publish your data' is a much bet= ter one than 'are you a legal or natural person'. I totally agree. = But we already have that in the policy. In the EPDP phase 1 final report, r= ecommendation #6 reads:=C2=A0</div><blockquote style=3D"margin:0px 0px 0px = 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class=3D"gma= il_quote"><span style=3D"font-family:Arial,Helvetica,sans-serif">The EPDP T= eam recommends that, as soon as commercially reasonable, Registrar must=C2= =A0</span><span style=3D"font-family:Arial,Helvetica,sans-serif">provide th= e opportunity for the Registered Name Holder to provide its Consent to=C2= =A0</span><span style=3D"font-family:Arial,Helvetica,sans-serif">publish re= dacted contact information, as well as the email address, in the RDS for th= e=C2=A0</span><span style=3D"font-family:Arial,Helvetica,sans-serif">sponso= ring registrar.</span></blockquote><div><br></div><div class=3D"gmail_defau= lt" style=3D"font-family:arial,sans-serif;font-size:small">In the EPDP phas= e2A, the WG is tasked to address the following questions:</div><div class= =3D"gmail_default" style=3D"font-family:arial,sans-serif;font-size:small"><= ol><li>Whether any updates are required to the EPDP Phase 1 recommendation = on this topic (=E2=80=9CRegistrars and Registry Operators are permitted to = differentiate between registrations of legal and natural persons, but are n= ot obligated to do so=E2=80=9C); </li><li>What guidance, if any, can be pro= vided to Registrars and/or Registries who differentiate between registratio= ns of legal and natural persons.=C2=A0</li></ol><div>So it's not that w= e 'want' the distinction of natural=C2=A0vs. legal. It's the ta= sk we're given, and per the WG chair's last email to the EPDP team,= it's not something we can avoid. We have to stick to the 'natural = vs. legal persons' rhetoric to answer the questions.=C2=A0</div><div><b= r></div><div>Of course, we can simply assert that 'there's no updat= e needed' and let the contracted parties do whatever they want when the= y feel like making the distinction. I was personally very tempted by this o= ption every now and then. However, as Milton pointed out in another email, = we are already developing guidance in the EPDP, so that option seems far-fe= tched.=C2=A0</div><div><br></div><div>I hope this explains some of the conf= usion and helps us to consider Milton's 4 options in the other email.= =C2=A0</div><div><br></div><div>Thanks!</div><div><br></div><div><br></div>= <div>Best,=C2=A0</div><div>Manju</div></div></div><br><div class=3D"gmail_q= uote"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, Apr 28, 2021 at 4:40 AM= Mark Leiser <<a href=3D"mailto:[log in to unmask]" target=3D"_blank">= [log in to unmask]</a>> wrote:<br></div><blockquote class=3D"gmail_quo= te" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204= );padding-left:1ex"><div dir=3D"ltr"><font face=3D"arial, sans-serif">Hi Mi= lton,</font><div><font face=3D"arial, sans-serif"><br></font></div><div><fo= nt face=3D"arial, sans-serif">First let me say I completely agree=C2=A0with= you on=C2=A0your statements about European data privacy. I feel like I'= ;ve dedicated most of my professional life arguing about the dangers of pri= vacy=C2=A0and data protection maximalism - yet almost always feel=C2=A0like= my arguments on deaf ears. While people are arguing that 'everything i= s personal data', I've been arguing that this makes the regime unma= nageable.=C2=A0</font></div><div><font face=3D"arial, sans-serif"><br></fon= t></div><div><font face=3D"arial, sans-serif">So let me try to explain '= ;relating to' with=C2=A0reference to 'Milton Mueller's Porkbell= y=C2=A0Diner'. Because of Recital 14, this would amount to a legal pers= on. It's pretty clear that the intention of the GDPR's drafters was= to exclude legal persons. However, let's say you have registered '= MM Porkbelly Diner' in the=C2=A0register of companies. I think you woul= d agree that this would amount to information about a legal person. But say= someone=C2=A0searched the company register and discovered Milton Mueller w= as the principal shareholder of MM Porkbelly Diner. This is an identifier w= hich would <i>tie nformation about Milton Mueller to</i> 'MM PorkBelly = Diner'. Therefore, this is 'any information' 'relating to&#= 39; an identified=C2=A0or identifiable living person. It would be reasonabl= e to infer that MM registered in the registrar database under MM PorkBelly = Diner is the same as the Milton=C2=A0Mueller that is in the register of com= panies. The fact that someone can combine=C2=A0the knowledge from the compa= ny register with the knowledge from the registrar database could make '= MM Porkbelly Diner' personal data under Article 4(1) of the GDPR. Someo= ne who did not disclose their identity at all could still be identifiable; = hence, the perceived need for protection in the EU data protection regime.<= /font></div><div><font face=3D"arial, sans-serif"><br></font></div><div><fo= nt face=3D"arial, sans-serif">=C2=A0"I<span style=3D"color:rgb(31,73,1= 25)">=C2=A0</span><span style=3D"color:rgb(31,73,125)">am saying that the u= ser, the registrant, gets to decide what is personal data or not, because T= HERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION" is, on the surface, prob= lematic. </span><font color=3D"#000000">It doesn't matter whether the u= ser says NO or YES or the registrar says no or yes, or whether it is object= ive or clear, the test is whether any information can be combined with othe= r information to reveal an identifiable living person. I would argue, absen= t a wholesale change in the reasoning used by the CJEU, this would remain t= he case for the foreseeable future. This is not intended as a Mark Leiser a= rgument or an attempt to discredit what you are saying, but an honest accou= nt of how I think the Courts and the EU data protection Board would react t= o what you are proposing.=C2=A0</font><br></font></div><div><font face=3D"a= rial, sans-serif"><br></font></div><div><font face=3D"arial, sans-serif">Yo= u asked about <a href=3D"https://iapp.org/news/a/are-ip-addresses-generated= -when-users-visit-websites-personal-information/#:~:text=3DUnder%20the%20EU= %20General%20Data,header%20information%20that%20website%20hosts" target=3D"= _blank">IP addresses</a>, 'port numbers', 'browser config',= etc could be used to identify you personally. Yes, absolutely. This is per= sonal data in the EU - if it can relate to a living person. What your=C2=A0= writing=C2=A0here reveals, is that you are a little confused about how the= =C2=A0GDPR works - the GDPR does not rely on 'consent' or 'expl= icit permission' as the only basis for processing personal data. Rememb= er the GDPR has six<a href=3D"https://gdpr-info.eu/art-6-gdpr/" target=3D"_= blank">=C2=A0grounds of processing</a>. It is a prohibitive regulation. You= cannot process personal data in the EU unless you satisfy one of those six= grounds. Most companies will NOT be processing on the basis of 'consen= t' but on 'legitimate interests' (Article 6(1)(f)) or performan= ce of a contract (Article 6(1)(b)). Don't worry, this is an extremely= =C2=A0common mistake among American attorneys! As most of these items are &= quot;technical', I would also imagine that there is a 'legal requir= ement' (another ground) or a lawful basis. All ISPs will be processing = personal data through 'IP addresses', 'port browsers', and = 'browser config' because of the legal basis found in=C2=A0<a href= =3D"https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:32002L= 0058&from=3DEN" target=3D"_blank">Article 15 of the e-Privacy Directive= </a>=C2=A0which provides Member=C2=A0States with a specific exemption for t= he purposes of national security. If not covered by this, I would imagine t= hey would rely on 'legitimate interests' as their ground instead.= =C2=A0</font></div><div><font face=3D"arial, sans-serif"><br></font></div><= div><font face=3D"arial, sans-serif">Finally, even if a registrar has a leg= itimate interest in processing someone's personal data, this does not a= ddress the <i>privacy </i>requirements that i indicated in my previous emai= l. Unless there is a specific provision put into law, I do not know how the= registrar=C2=A0can remain compliant with the GDPR and the EU's privacy= requirements. In fact, I don't know how the EU can even comment on thi= s, because, of course, the EU Charter is a legal framework completely disti= nct from the European Convention of Human Rights.=C2=A0</font></div><div><f= ont face=3D"arial, sans-serif"><br></font></div><div><font face=3D"arial, s= ans-serif">One more thing to consider - if you choose to disclose your name= , address, and designate as the contact person of a legal person, what happ= ens when that person exercises their 'right to be forgotten' right = under Article 17 GDPR. Maybe Milton Mueller the person chooses to leave the= legal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no af= filiation=C2=A0with the business? If it's=C2=A0published, he=C2=A0can d= emand a correction of the database thereof. So what then?=C2=A0</font></div= ><div><font face=3D"arial, sans-serif"><br></font></div><div><font face=3D"= arial, sans-serif">Regards,</font></div><div><font face=3D"arial, sans-seri= f"><br></font></div><div><font face=3D"arial, sans-serif">Mark=C2=A0</font>= </div><div><div><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir= =3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr= "><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div = dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><div st= yle=3D"font-size:12.8px"><br></div><div style=3D"font-size:12.8px"><b><font= color=3D"#674ea7"><span style=3D"font-size:small;font-family:Tahoma">Dr Ma= rk Leiser | </span><span style=3D"font-size:small">Law and Digital Technolo= gies=C2=A0</span><span style=3D"font-size:small;font-family:Tahoma">| FRSA = FHEA=C2=A0</span><span style=3D"font-family:Tahoma;font-size:small">|</span= ></font></b></div></div></div></div></div></div></div></div></div></div></d= iv></div></div></div></div></div></div></div></div><br></div></div><br><div= class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue, 27 Apr= 2021 at 20:35, Mueller, Milton L <<a href=3D"mailto:[log in to unmask]" = target=3D"_blank">[log in to unmask]</a>> wrote:<br></div><blockquote cla= ss=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid = rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Mark, <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Thanks for your intervention. Here is the co= mplete definition of personal data in GDPR:<u></u><u></u></span></p> <p class=3D"MsoNormal" style=3D"margin-right:0in;margin-bottom:12pt;margin-= left:30pt;background:white;vertical-align:baseline"> <span style=3D"color:rgb(51,51,51)">=E2=80=98personal data=E2=80=99 means a= ny information relating to an identified or identifiable natural person (= =E2=80=98data subject=E2=80=99); an identifiable natural person is one who = can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification= number, location data, an online identifier or to one or more factors spec= ific to the physical, physiological, genetic, mental, economic, cultural or= social identity of that natural person;<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Alas, this raises more questions than it ans= wers. It is not entirely clear what =E2=80=9Crelating to=E2=80=9D means in = this construct. E.g., if the name of my company is Milton Mueller=E2=80=99s Porkbelly Diner, is the name relating to me as a person,= or to my business? Strictly speaking it=E2=80=99s a business name. But it = could be used to identify me. An overly broad interpretation of this defini= tion would classify ANY data about ANYTHING as =E2=80=9Cpersonal data=E2=80=9D because at some point it could be =E2=80=9Crelated to=E2=80= =9D an =E2=80=9Cidentifiable natural person.=E2=80=9D So suddenly the busin= ess name becomes personal data. Or a bunch of obscure technical indicators = inherent in your use of the internet, such as port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D to your ISP account number, and t= hen used to identify you, personally. But does that mean that every website= and hosting service in the world that uses that technical data in the cour= se of their operations cannot process that info without your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal d= ata?=E2=80=9D I hope not, because the internet would cease to function if s= o. <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <div> <div> <p class=3D"MsoNormal"><span style=3D"font-family:Arial,sans-serif;color:rg= b(31,73,125)">></span><span style=3D"font-family:Arial,sans-serif">There= fore, <a href=3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask]</a> is p= ersonal data if someone behind it is identifiable.<span style=3D"color:rgb(= 31,73,125)"><u></u><u></u></span></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">My point is that whether the user of <a href=3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask]</a> is i= dentifiable does not depend on that chunk of data, but on a bunch of activi= ties that relate that data to other things. And in a digital world with pow= erful processing capabilities, no one can fully control those correlations and searches. Any attempt to do so simply cripples the = entire information economy. So the idea of looking at a registration record= and saying =E2=80=9Cis there personal data in here or not=E2=80=9D is a co= mpletely invalid test.<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">There is an eerie similarity between these e= xaggerated applications of privacy law and the copyright maximalists of the= 1990s. The IP interests thought you needed permission to transmit a copyrighted work over the internet, a claim that = would have crippled ISPs who had no idea what packets were parts of copyrig= hted material or not. Privacy maximalists have reached the same point of ab= surdity, but they don=E2=80=99t seem to realize it. They are no longer protecting a tangible privacy interest of i= nternet users, they are trying to give individuals rigid control over infor= mation exchanges and imposing largely meaningless consent requirements that= do no one any good.<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> </div> <div> <p class=3D"MsoNormal"><span style=3D"color:rgb(31,73,125)">></span>The = confusion comes from=C2=A0Recital 14 of the GDPR which states that it only = applies to natural persons and does not cover the processing of personal da= ta concerning legal persons, in particular undertakings established as legal persons or legal entities. This also includes the nam= e of the legal person, the form, and the contact details of the legal perso= n.<span style=3D"color:rgb(31,73,125)"> </span>But the second you start adding identifiers to these details, it sto= ps becoming the data of a 'legal person' and starts becoming person= al data.=C2=A0<u></u><u></u></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">Yes, indeed, the GDPR is confused on this sc= ore. Unfortunately, you don=E2=80=99t escape that confusion by saying =E2= =80=9Cadding identifiers=E2=80=9D is the problem. Your argument fails because names of legal persons and contact details ARE =E2=80=9Cidentifier= s,=E2=80=9D they are just identifiers of legal persons. As I pointed out th= ey can easily overlap with, or be used to identify, natural persons. =C2=A0= <u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">So my basic point is that we do not solve th= is problem by reference to GDPR definitions. In fact if GDPR is taken liter= ally no one can ever publish and share any kind of information without absurd overhead and legal bureaucracy, bec= ause ALL of it can be used to identify you in some way. These kinds of inte= rpretations actually discredit privacy laws and protections, by taking them= to counterproductive lengths. We have to make common sense-based, practical distinctions between what data = needs protection, what data can be easily shared at the registrants=E2=80= =99 choice.<u></u><u></u></span></p> </div> <div> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> </div> <div> <p class=3D"MsoNormal">Secondly, I find this statement, "I think it is= simplest to just say to the registrant, if you=E2=80=99re a company and do= n=E2=80=99t mind (or even want) your data to be published, check this box. = If you=E2=80=99re not, or you do mind, don=E2=80=99t check it."=C2=A0 = to be BOTH perplexing and inaccurate.=C2=A0=C2=A0Whether someone checks the box,= or does not check the box is completely irrelevant for determining whether= it is personal data. Whether someone checks the box is a question of CONSE= NT to processing AND publication, not whether this amounts to personal data. <span style=3D"color:rgb(31,73,125)"><u></u= ><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">We actually seem to agree here, more than yo= u think. I am saying that the user, the registrant, gets to decide what is = personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide whether they = want to be classified as a legal person and =E2=80=9Cconsent=E2=80=9D to pu= blishing their data or not. As an example, that if I decide that publishing= the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbelly Diner=E2=80=9D is not a violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t mat= ter what the European Union says, it=E2=80=99s my choice. =C2=A0=C2=A0<u></= u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)"><u></u>=C2=A0<u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;font-family:Calibri,sa= ns-serif;color:rgb(31,73,125)">And let=E2=80=99s not overlook the embarrass= ing fact that the European Union is now one of the key players pushing hard= for publication of legal person data. But I=E2=80=99ll leave that one to later. <u></u><u></u></span></p> </div> </div> </div> </div> </blockquote></div> </blockquote></div> --000000000000385b1305c1005f7c-- ========================================================================= Date: Wed, 28 Apr 2021 10:53:27 -0400 Reply-To: Stephanie E Perrin <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Stephanie E Perrin <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: =?UTF-8?B?6Zmz5pu86Iy5IE1hbmp1IENoZW4=?= <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="------------7173DD34AA119951C91A2414" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --------------7173DD34AA119951C91A2414 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Thanks again Manju, for your untiring efforts to get us to solve this=20 disagreement about next steps.=C2=A0 I am going to try to summarize my=20 thinking on this, without diving into the complexity of the law and the=20 difficulties inherent in implementing it. 1.=C2=A0 The push to distinguish between legal and natural is not new.=C2= =A0 We=20 fought it in the PPSAI, and won.=C2=A0 In phase 1 EPDP, we managed to get= =20 recommendation #6 through, but with the concession that ICANN would do a=20 study on legal natural, and that we would reexamine.=C2=A0 My position is= =20 basically HOLD THAT LINE!=C2=A0 We do not need to change our position, we= can=20 examine the matter, take a look at what guidance would do, and maintain=20 the status quo. 2.=C2=A0 We have sought advice from Bird and Bird on mitigating the risk = to=20 contracted parties in terms of how they provide information to their=20 registrants, in order to be in full compliance with data protection law=20 (viewed through the GDPR lens).=C2=A0 For the contracted parties, nothing= in=20 there eliminates the risk that the data controller has, but certainly=20 guidance mitigates it.=C2=A0 However, remember that civil society can tak= e a=20 case under GDPR, and if I were advising civil society as to how to take=20 a case, I would point out the history of WHOIS, the dogged determination=20 of ICANN and the IP and business community to get back to the good old=20 WHOIS, the lack of evidence that forcing this determination on smaller=20 actors will indeed result in greater security and stability=C2=A0 of the = DNS,=20 and the unequal power relationship between ICANN the regulator and the=20 contracted parties who must be accredited to do business.=C2=A0 Third par= ty=20 data accessors are driving this process, and registrants are basicly=20 being represented by ourselves, and the Registrars who have them as=20 customers.=C2=A0 I think we have a responsibility not to cave in. 3.=C2=A0 A word on small business, sole proprietors, and home based=20 entrepreneurs or gig workers.=C2=A0 We are the Non-commercial stakeholder= s,=20 so we do not claim to represent them.=C2=A0 Frankly, I don't know who doe= s=20 here at ICANN, in my 8 years of volunteering at ICANN I have never heard=20 the ALAC folks advance a cohesive argument on behalf of these folks (or=20 even an argument, but I hesitate to say that because someone will trawl=20 through the archives and come up with someone defending the little guy=20 against giant corporations).=C2=A0 Certainly they are not speaking for th= em=20 at the EPDP, they are speaking for government, law enforcement, and=20 cybersecurity operatives.=C2=A0 As folks who care about human rights and=20 fairness to developing economies, I think we should care about how much=20 this differentiation between legal persons and natural persons does not=20 work in countries other than the EU states and the US.=C2=A0 Countries ar= ound=20 the world have different ways to describe small business, different ways=20 to regulate it, and this differentiation may not match tax schemes,=20 municipal registration patterns, etc.=C2=A0 There is of course an additio= nal=20 barrier in the matter of languages. 4.=C2=A0 Remember that what we are arguing about is not providing access = to=20 data about suspected legal persons through the SSAD.=C2=A0 We are arguing= =20 about Automatic disclosure based on the choice the individual makes,=20 legal or natural person.=C2=A0 As I have said before, the skies are not g= oing=20 to fall if the legitimate requestors have to request the data and get it=20 in one or two business days, as opposed to having it pre-emptively=20 disclosed. =C2=A0 Remember that the registrar or his reseller has a wealt= h of=20 other day about their customer that is "below the surface", most=20 importantly credit card info, billing address for the credit card,=20 emails, IP address etc.=C2=A0 They can look at that data if necessary, to= =20 figure out whether they are dealing with a company or a person.=C2=A0=20 However, the SSAD does not have access to that data.=C2=A0 If we encourag= e=20 this differentiation by putting guidance into the policy, then we are=20 heading for the slippery slope of automated disclosure. Remember that=20 there is already a section in there that once the data has been verified=20 as pertaining to a legal person and not containing personal data, it=20 MUST be disclosed.=C2=A0 What happens when that legal entity moves to a=20 jurisdiction where employees have privacy rights, either under data=20 protection law or other laws such as labour laws or contracts?=C2=A0 Ther= e is=20 a good chance that some of their data becomes personal. 5.=C2=A0 Registrars already have excellent advice for their members avail= able=20 through their own websites.=C2=A0 Remember that at ICANN we are only deal= ing=20 with the big ones, and the responsible ones.=C2=A0 We have to consider=20 whether any activity we sanction in this policy induces the lazy ones to=20 cut corners.=C2=A0 They are used to disclosing everything in the WHOIS, i= f=20 given an opportunity to revert to that by creating this distinction,=20 they will most likely do what is easiest.=C2=A0 At the moment, under the = temp=20 spec and article 6, the easiest thing to do is to consider these grey=20 area folks as natural persons unless proven otherwise, and protect the=20 data. Why on earth would we not choose this option?=C2=A0 There is no law= =20 telling us to do otherwise, and there is certainly a great deal of law=20 out there that makes differentiation a legal risk that carries liability=20 and cost.=C2=A0 We want domain names to remain affordable, and we want ou= r=20 people protected. 6.=C2=A0 One more thing:=C2=A0 remember that not all domain names are use= d for=20 websites engaged in commerce.=C2=A0 Some are being held by individuals fo= r=20 future use.=C2=A0 Disclosure provides market information to big players w= ho=20 may want to prevent the name from being used, or to purchase them, but=20 there is no harm emanating from them in dormancy, and small players need=20 not have their competitive positions compromised in this way.=C2=A0 Most = of=20 the online crime that we hear adduced to justify disclosure of data is=20 coming from websites.=C2=A0 Websites can be regulated to protect consumer= s,=20 but that is not within ICANN's bailiwick.=C2=A0 Folks come to ICANN to de= mand=20 this activity because other multilateral instruments have failed, but=20 given the lack of oversight over ICANN, the responsibility to ensure=20 fairness and human rights are respected falls on the shoulders of the=20 stakeholders engaged here. 7.=C2=A0 Finally:=C2=A0 Several folks are worried that governments will r= egulate=20 if we do not concede here.=C2=A0 I say let them, the Courts and the=20 Constitution and the much more rigorous defences against incursions into=20 human rights available within countries will prevail.=C2=A0 It certainly = will=20 in the EU, where the draft NIS is progressing.....I keep pointing out=20 the Opinion of the European Data Protection Supervisor on this matter,=20 so one more time here it is=20 https://www.google.com/search?client=3Dfirefox-b-d&q=3Dedps+on+the+nis+di= rective.=20 As for the increasing number of autocratic countries interested in=20 curtailing the free speech and internet rights of their citizens, they=20 are regulating anyway and nothing that ICANN does is going to persuade=20 them otherwise.=C2=A0 A good example of us falling on the side of custome= r=20 protection might at least give those individuals in these countries=20 something to point to, as opposed to caving in to threats. cheers Stephanie Perrin On 2021-04-27 11:56 p.m., =E9=99=B3=E6=9B=BC=E8=8C=B9 Manju Chen wrote: > *EXTERNAL EMAIL:* > Hi all, > > This has been a very helpful discussion. Our ultimate goal is to=20 > finalize an NCSG position, and I'd like to provide some context in the=20 > interest of reaching that goal. > > Some have pointed out that the question of 'do you agree to publish=20 > your data' is a much better one than 'are you a legal or natural=20 > person'. I totally agree. But we already have that in the policy. In=20 > the EPDP phase 1 final report, recommendation #6 reads: > > The EPDP Team recommends that, as soon as commercially reasonable, > Registrar must provide the opportunity for the Registered Name > Holder to provide its Consent to publish redacted contact > information, as well as the email address, in the RDS for the > sponsoring registrar. > > > In the EPDP phase2A, the WG is tasked to address the following question= s: > > 1. Whether any updates are required to the EPDP Phase 1 > recommendation on this topic (=E2=80=9CRegistrars and Registry Oper= ators > are permitted to differentiate between registrations of legal and > natural persons, but are not obligated to do so=E2=80=9C); > 2. What guidance, if any, can be provided to Registrars and/or > Registries who differentiate between registrations of legal and > natural persons. > > So it's not that we 'want' the distinction of natural=C2=A0vs. legal. I= t's=20 > the task we're given, and per the WG chair's last email to the EPDP=20 > team, it's not something we can avoid. We have to stick to the=20 > 'natural vs. legal persons' rhetoric to answer the questions. > > Of course, we can simply assert that 'there's no update needed' and=20 > let the contracted parties do whatever they want when they feel like=20 > making the distinction. I was personally very tempted by this option=20 > every now and then. However, as Milton pointed out in another email,=20 > we are already developing guidance in the EPDP, so that option seems=20 > far-fetched. > > I hope this explains some of the confusion and helps us to consider=20 > Milton's 4 options in the other email. > > Thanks! > > > Best, > Manju > > On Wed, Apr 28, 2021 at 4:40 AM Mark Leiser <[log in to unmask] > <mailto:[log in to unmask]>> wrote: > > Hi Milton, > > First let me say I completely agree=C2=A0with you on=C2=A0your stat= ements > about European data privacy. I feel like I've dedicated most of my > professional life arguing about the dangers of privacy=C2=A0and dat= a > protection maximalism - yet almost always feel=C2=A0like my argumen= ts > on deaf ears. While people are arguing that 'everything is > personal data', I've been arguing that this makes the regime > unmanageable. > > So let me try to explain 'relating to' with=C2=A0reference to 'Milt= on > Mueller's Porkbelly=C2=A0Diner'. Because of Recital 14, this would > amount to a legal person. It's pretty clear that the intention of > the GDPR's drafters was to exclude legal persons. However, let's > say you have registered 'MM Porkbelly Diner' in the=C2=A0register o= f > companies. I think you would agree that this would amount to > information about a legal person. But say someone=C2=A0searched the > company register and discovered Milton Mueller was the principal > shareholder of MM Porkbelly Diner. This is an identifier which > would /tie nformation about Milton Mueller to/ 'MM PorkBelly > Diner'. Therefore, this is 'any information' 'relating to' an > identified=C2=A0or identifiable living person. It would be reasonab= le > to infer that MM registered in the registrar database under MM > PorkBelly Diner is the same as the Milton=C2=A0Mueller that is in t= he > register of companies. The fact that someone can combine=C2=A0the > knowledge from the company register with the knowledge from the > registrar database could make 'MM Porkbelly Diner' personal data > under Article 4(1) of the GDPR. Someone who did not disclose their > identity at all could still be identifiable; hence, the perceived > need for protection in the EU data protection regime. > > =C2=A0"Iam saying that the user, the registrant, gets to decide wha= t is > personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL > DEFINITION" is, on the surface, problematic. It doesn't matter > whether the user says NO or YES or the registrar says no or yes, > or whether it is objective or clear, the test is whether any > information can be combined with other information to reveal an > identifiable living person. I would argue, absent a wholesale > change in the reasoning used by the CJEU, this would remain the > case for the foreseeable future. This is not intended as a Mark > Leiser argument or an attempt to discredit what you are saying, > but an honest account of how I think the Courts and the EU data > protection Board would react to what you are proposing. > > You asked about IP addresses > <https://iapp.org/news/a/are-ip-addresses-generated-when-users-visi= t-websites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20D= ata,header%20information%20that%20website%20hosts>, > 'port numbers', 'browser config', etc could be used to identify > you personally. Yes, absolutely. This is personal data in the EU - > if it can relate to a living person. What your=C2=A0writing=C2=A0he= re > reveals, is that you are a little confused about how the=C2=A0GDPR > works - the GDPR does not rely on 'consent' or 'explicit > permission' as the only basis for processing personal data. > Remember the GDPR has six=C2=A0grounds of processing > <https://gdpr-info.eu/art-6-gdpr/>. It is a prohibitive > regulation. You cannot process personal data in the EU unless you > satisfy one of those six grounds. Most companies will NOT be > processing on the basis of 'consent' but on 'legitimate interests' > (Article 6(1)(f)) or performance of a contract (Article 6(1)(b)). > Don't worry, this is an extremely=C2=A0common mistake among America= n > attorneys! As most of these items are "technical', I would also > imagine that there is a 'legal requirement' (another ground) or a > lawful basis. All ISPs will be processing personal data through > 'IP addresses', 'port browsers', and 'browser config' because of > the legal basis found in Article 15 of the e-Privacy Directive > <https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:3= 2002L0058&from=3DEN>=C2=A0which > provides Member=C2=A0States with a specific exemption for the purpo= ses > of national security. If not covered by this, I would imagine they > would rely on 'legitimate interests' as their ground instead. > > Finally, even if a registrar has a legitimate interest in > processing someone's personal data, this does not address the > /privacy /requirements that i indicated in my previous email. > Unless there is a specific provision put into law, I do not know > how the registrar=C2=A0can remain compliant with the GDPR and the E= U's > privacy requirements. In fact, I don't know how the EU can even > comment on this, because, of course, the EU Charter is a legal > framework completely distinct from the European Convention of > Human Rights. > > One more thing to consider - if you choose to disclose your name, > address, and designate as the contact person of a legal person, > what happens when that person exercises their 'right to be > forgotten' right under Article 17 GDPR. Maybe Milton Mueller the > person chooses to leave the legal entity MM Porkbelly Diner, > adopts a vegan lifestyle, and wants no affiliation=C2=A0with the > business? If it's=C2=A0published, he=C2=A0can demand a correction o= f the > database thereof. So what then? > > Regards, > > Mark > > *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |* > > > On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <[log in to unmask] > <mailto:[log in to unmask]>> wrote: > > Mark, > > Thanks for your intervention. Here is the complete definition > of personal data in GDPR: > > =E2=80=98personal data=E2=80=99 means any information relating = to an > identified or identifiable natural person (=E2=80=98data subjec= t=E2=80=99); an > identifiable natural person is one who can be identified, > directly or indirectly, in particular by reference to an > identifier such as a name, an identification number, location > data, an online identifier or to one or more factors specific > to the physical, physiological, genetic, mental, economic, > cultural or social identity of that natural person; > > Alas, this raises more questions than it answers. It is not > entirely clear what =E2=80=9Crelating to=E2=80=9D means in this= construct. > E.g., if the name of my company is Milton Mueller=E2=80=99s Por= kbelly > Diner, is the name relating to me as a person, or to my > business? Strictly speaking it=E2=80=99s a business name. But i= t could > be used to identify me. An overly broad interpretation of this > definition would classify ANY data about ANYTHING as =E2=80=9Cp= ersonal > data=E2=80=9D because at some point it could be =E2=80=9Crelate= d to=E2=80=9D an > =E2=80=9Cidentifiable natural person.=E2=80=9D So suddenly the = business name > becomes personal data. Or a bunch of obscure technical > indicators inherent in your use of the internet, such as port > numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D= to your ISP > account number, and then used to identify you, personally. But > does that mean that every website and hosting service in the > world that uses that technical data in the course of their > operations cannot process that info without your explicit > permission, because it=E2=80=99s =E2=80=9Cpersonal data?=E2=80=9D= I hope not, because > the internet would cease to function if so. > > >Therefore, [log in to unmask] <mailto:[log in to unmask]> is personal > data if someone behind it is identifiable. > > My point is that whether the user of [log in to unmask] > <mailto:[log in to unmask]> is identifiable does not depend on > that chunk of data, but on a bunch of activities that relate > that data to other things. And in a digital world with > powerful processing capabilities, no one can fully control > those correlations and searches. Any attempt to do so simply > cripples the entire information economy. So the idea of > looking at a registration record and saying =E2=80=9Cis there p= ersonal > data in here or not=E2=80=9D is a completely invalid test. > > There is an eerie similarity between these exaggerated > applications of privacy law and the copyright maximalists of > the 1990s. The IP interests thought you needed permission to > transmit a copyrighted work over the internet, a claim that > would have crippled ISPs who had no idea what packets were > parts of copyrighted material or not. Privacy maximalists have > reached the same point of absurdity, but they don=E2=80=99t see= m to > realize it. They are no longer protecting a tangible privacy > interest of internet users, they are trying to give > individuals rigid control over information exchanges and > imposing largely meaningless consent requirements that do no > one any good. > > >The confusion comes from=C2=A0Recital 14 of the GDPR which sta= tes > that it only applies to natural persons and does not cover the > processing of personal data concerning legal persons, in > particular undertakings established as legal persons or legal > entities. This also includes the name of the legal person, the > form, and the contact details of the legal person.But the > second you start adding identifiers to these details, it stops > becoming the data of a 'legal person' and starts becoming > personal data. > > Yes, indeed, the GDPR is confused on this score. > Unfortunately, you don=E2=80=99t escape that confusion by sayin= g > =E2=80=9Cadding identifiers=E2=80=9D is the problem. Your argum= ent fails > because names of legal persons and contact details ARE > =E2=80=9Cidentifiers,=E2=80=9D they are just identifiers of leg= al persons. As > I pointed out they can easily overlap with, or be used to > identify, natural persons. > > So my basic point is that we do not solve this problem by > reference to GDPR definitions. In fact if GDPR is taken > literally no one can ever publish and share any kind of > information without absurd overhead and legal bureaucracy, > because ALL of it can be used to identify you in some way. > These kinds of interpretations actually discredit privacy laws > and protections, by taking them to counterproductive lengths. > We have to make common sense-based, practical distinctions > between what data needs protection, what data can be easily > shared at the registrants=E2=80=99 choice. > > Secondly, I find this statement, "I think it is simplest to > just say to the registrant, if you=E2=80=99re a company and don= =E2=80=99t mind > (or even want) your data to be published, check this box. If > you=E2=80=99re not, or you do mind, don=E2=80=99t check it."=C2= =A0 to be BOTH > perplexing and inaccurate.=C2=A0=C2=A0Whether someone checks th= e box, or > does not check the box is completely irrelevant for > determining whether it is personal data. Whether someone > checks the box is a question of CONSENT to processing AND > publication, not whether this amounts to personal data. > > We actually seem to agree here, more than you think. I am > saying that the user, the registrant, gets to decide what is > personal data or not, because THERE IS NO OBJECTIVE, CLEAR > LEGAL DEFINITION. So the user can decide whether they want to > be classified as a legal person and =E2=80=9Cconsent=E2=80=9D t= o publishing > their data or not. As an example, that if I decide that > publishing the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbe= lly Diner=E2=80=9D is > not a violation of my privacy, it isn=E2=80=99t. It doesn=E2=80= =99t matter > what the European Union says, it=E2=80=99s my choice. > > And let=E2=80=99s not overlook the embarrassing fact that the E= uropean > Union is now one of the key players pushing hard for > publication of legal person data. But I=E2=80=99ll leave that o= ne to > later. > --------------7173DD34AA119951C91A2414 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable <html><head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8"> </head> <body> <p>Thanks again Manju, for your untiring efforts to get us to solve this disagreement about next steps. I am going to try to summarize my thinking on this, without diving into the complexity of the law and the difficulties inherent in implementing it.</p> <p>1. The push to distinguish between legal and natural is not new. We fought it in the PPSAI, and won. In phase 1 EPD= P, we managed to get recommendation #6 through, but with the concession that ICANN would do a study on legal natural, and that we would reexamine. My position is basically HOLD THAT LINE! We = do not need to change our position, we can examine the matter, take a look at what guidance would do, and maintain the status quo.</p> <p>2. We have sought advice from Bird and Bird on mitigating th= e risk to contracted parties in terms of how they provide information to their registrants, in order to be in full compliance with data protection law (viewed through the GDPR lens). For the contracted parties, nothing in there eliminate= s the risk that the data controller has, but certainly guidance mitigates it. However, remember that civil society can take a case under GDPR, and if I were advising civil society as to how to take a case, I would point out the history of WHOIS, the dogged determination of ICANN and the IP and business community to get back to the good old WHOIS, the lack of evidence that forcing this determination on smaller actors will indeed result in greater security and stability of the DNS, and the unequal power relationship between ICANN the regulator and the contracted parties who must be accredited to do business. Third party da= ta accessors are driving this process, and registrants are basicly being represented by ourselves, and the Registrars who have them as customers. I think we have a responsibility not to cave in= .</p> <p>3. A word on small business, sole proprietors, and home base= d entrepreneurs or gig workers. We are the Non-commercial stakeholders, so we do not claim to represent them. Frankly, = I don't know who does here at ICANN, in my 8 years of volunteering at ICANN I have never heard the ALAC folks advance a cohesive argument on behalf of these folks (or even an argument, but I hesitate to say that because someone will trawl through the archives and come up with someone defending the little guy against giant corporations). Certainly they are not speaking for them= at the EPDP, they are speaking for government, law enforcement, and cybersecurity operatives. As folks who care about human right= s and fairness to developing economies, I think we should care about how much this differentiation between legal persons and natural persons does not work in countries other than the EU states and the US. Countries around the world have different ways to describe small business, different ways to regulate it, and this differentiation may not match tax schemes, municipal registration patterns, etc. There is of course an additional barrier in th= e matter of languages.<br> </p> <p>4. Remember that what we are arguing about is not providing access to data about suspected legal persons through the SSAD. = ; We are arguing about Automatic disclosure based on the choice the individual makes, legal or natural person. As I have said bef= ore, the skies are not going to fall if the legitimate requestors have to request the data and get it in one or two business days, as opposed to having it pre-emptively disclosed. Remember that = the registrar or his reseller has a wealth of other day about their customer that is "below the surface", most importantly cr= edit card info, billing address for the credit card, emails, IP address etc. They can look at that data if necessary, to figure out whether they are dealing with a company or a person. However,= the SSAD does not have access to that data. If we encourage this differentiation by putting guidance into the policy, then we are heading for the slippery slope of automated disclosure. Remember that there is already a section in there that once the data has been verified as pertaining to a legal person and not containing personal data, it MUST be disclosed. What happens when that l= egal entity moves to a jurisdiction where employees have privacy rights, either under data protection law or other laws such as labour laws or contracts? There is a good chance that some of their data becomes personal.<br> </p> <p>5. Registrars already have excellent advice for their member= s available through their own websites. Remember that at ICANN = we are only dealing with the big ones, and the responsible ones. = We have to consider whether any activity we sanction in this policy induces the lazy ones to cut corners. They are used to disclo= sing everything in the WHOIS, if given an opportunity to revert to that by creating this distinction, they will most likely do what is easiest. At the moment, under the temp spec and article 6, th= e easiest thing to do is to consider these grey area folks as natural persons unless proven otherwise, and protect the data. = ; Why on earth would we not choose this option? There is no law telling us to do otherwise, and there is certainly a great deal of law out there that makes differentiation a legal risk that carries liability and cost. We want domain names to remain affordable= , and we want our people protected.</p> <p>6. One more thing: remember that not all domain names = are used for websites engaged in commerce. Some are being held by individuals for future use. Disclosure provides market information to big players who may want to prevent the name from being used, or to purchase them, but there is no harm emanating from them in dormancy, and small players need not have their competitive positions compromised in this way. Most of the on= line crime that we hear adduced to justify disclosure of data is coming from websites. Websites can be regulated to protect consumers= , but that is not within ICANN's bailiwick. Folks come to ICANN= to demand this activity because other multilateral instruments have failed, but given the lack of oversight over ICANN, the responsibility to ensure fairness and human rights are respected falls on the shoulders of the stakeholders engaged here. <br> </p> <p>7. Finally: Several folks are worried that governments= will regulate if we do not concede here. I say let them, the Court= s and the Constitution and the much more rigorous defences against incursions into human rights available within countries will prevail. It certainly will in the EU, where the draft NIS is progressing.....I keep pointing out the Opinion of the European Data Protection Supervisor on this matter, so one more time here it is <a class=3D"moz-txt-link-freetext" href=3D"https://www.google.com/search?= client=3Dfirefox-b-d&q=3Dedps+on+the+nis+directive">https://www.googl= e.com/search?client=3Dfirefox-b-d&q=3Dedps+on+the+nis+directive</a>.&= nbsp; As for the increasing number of autocratic countries interested in curtailing the free speech and internet rights of their citizens, they are regulating anyway and nothing that ICANN does is going to persuade them otherwise. A good example of us falling on the = side of customer protection might at least give those individuals in these countries something to point to, as opposed to caving in to threats.<br> </p> <p>cheers Stephanie Perrin<br> </p> <div class=3D"moz-cite-prefix">On 2021-04-27 11:56 p.m., =E9=99=B3=E6= =9B=BC=E8=8C=B9 Manju Chen wrote:<br> </div> <blockquote type=3D"cite" cite=3D"mid:CAMeQZi0H1LMBLMz5xkFikR4QG0DQO3= [log in to unmask]"> =20 <div style=3D"font-size: 10pt; font-family: sans-serif; color: white; font-style: normal; font-weight: bold; padding: .2em;"> <strong><span style=3D"color: #c75000;">EXTERNAL EMAIL:</span></s= trong></div> <div> <div dir=3D"ltr"> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small">Hi all,</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small"><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small">This has been a very helpful discussion. Our ultimate goal is to finalize an NCSG position, and I'd like to provide some context in the interest of reaching that goal.</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small"><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small">Some have pointed out that the question of 'do you agree to publish your data' is a much better one than 'are you a legal or natural person'. I totally agree. But we already have that in the policy. In the EPDP phase 1 final report, recommendation #6 reads: </div> <blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex" class=3D"gmail_quote= "> <span style=3D"font-family:Arial,Helvetica,sans-serif">The EPDP Team recommends that, as soon as commercially reasonable, Registrar must </span><span style=3D"font-= family:Arial,Helvetica,sans-serif">provide the opportunity for the Registered Name Holder to provide its Consent to </span><span style=3D"font-family:Arial,Hel= vetica,sans-serif">publish redacted contact information, as well as the email address, in the RDS for the </span><span style=3D"font= -family:Arial,Helvetica,sans-serif">sponsoring registrar.</span></blockquote> <div><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small">In the EPDP phase2A, the WG is tasked to address the following questions:</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-se= rif;font-size:small"> <ol> <li>Whether any updates are required to the EPDP Phase 1 recommendation on this topic (=E2=80=9CRegistrars and Reg= istry Operators are permitted to differentiate between registrations of legal and natural persons, but are not obligated to do so=E2=80=9C); </li> <li>What guidance, if any, can be provided to Registrars and/or Registries who differentiate between registrations of legal and natural persons. </li> </ol> <div>So it's not that we 'want' the distinction of natural vs. legal. It's the task we're given, and per = the WG chair's last email to the EPDP team, it's not something we can avoid. We have to stick to the 'natural vs. legal persons' rhetoric to answer the questions. </div> <div><br> </div> <div>Of course, we can simply assert that 'there's no update needed' and let the contracted parties do whatever they want when they feel like making the distinction. I was personally very tempted by this option every now and then. However, as Milton pointed out in another email, we are already developing guidance in the EPDP, so that option seems far-fetched. </div> <div><br> </div> <div>I hope this explains some of the confusion and helps us to consider Milton's 4 options in the other email. </d= iv> <div><br> </div> <div>Thanks!</div> <div><br> </div> <div><br> </div> <div>Best, </div> <div>Manju</div> </div> </div> <br> <div class=3D"gmail_quote"> <div dir=3D"ltr" class=3D"gmail_attr">On Wed, Apr 28, 2021 at 4= :40 AM Mark Leiser <<a href=3D"mailto:[log in to unmask]" ta= rget=3D"_blank" moz-do-not-send=3D"true">[log in to unmask]</a>> wrote:<br> </div> <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div dir=3D"ltr"><font face=3D"arial, sans-serif">Hi Milton,<= /font> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">First let me say I completely agree with you on your statements = about European data privacy. I feel like I've dedicated most of my professional life arguing about the dangers of privacy and data protection maximalism - yet almos= t always feel like my arguments on deaf ears. While people are arguing that 'everything is personal data', I've been arguing that this makes the regime unmanageable. </font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">So let me try to explain 'relating to' with reference to 'Milton Mueller's Porkbelly Diner'. Because of Recital 14, this would amount to a legal person. It's pretty clear that the intention of the GDPR's drafters was to exclude legal persons. However, let's say you have registered 'MM Porkbelly Diner' in the register of companies. I think you would agree that this would amount to information about a legal person. But say someone searched the company register and discover= ed Milton Mueller was the principal shareholder of MM Porkbelly Diner. This is an identifier which would <i>tie nformation about Milton Mueller to</i> 'MM PorkBelly Diner'. Therefore, this is 'any information' 'relating to' an identified or identifiable living person. It would be reasonable to infer that MM registered in the registrar database under MM PorkBelly Diner is the same as the Milton Mueller = that is in the register of companies. The fact that someone can combine the knowledge from the company registe= r with the knowledge from the registrar database could make 'MM Porkbelly Diner' personal data under Article 4(1) of the GDPR. Someone who did not disclose their identity at all could still be identifiable; hence, the perceived need for protection in the EU data protection regime.</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif"> "I<span st= yle=3D"color:rgb(31,73,125)"> </span><span style=3D"color:rgb(31,73,= 125)">am saying that the user, the registrant, gets to decide what is personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION" is, on the surface, problematic. </span><font color=3D"#000000">It doesn't matter whether the user says NO or YES or the registrar says no or yes, or whether it is objective or clear, the test is whether any information can be combined with other information to reveal an identifiable living person. I would argue, absent a wholesale change in the reasoning used by the CJEU, this would remain the case for the foreseeable future. This is not intended as a Mark Leiser argument or an attempt to discredit what you are saying, but an honest account of how I think the Courts and the EU data protection Board would react to what you are proposing. </font><br> </font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">You asked about <a hr= ef=3D"https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit= -websites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Da= ta,header%20information%20that%20website%20hosts" target=3D"_blank" moz-d= o-not-send=3D"true"> IP addresses</a>, 'port numbers', 'browser config', etc could be used to identify you personally. Yes, absolutely. This is personal data in the EU - if it can relate to a living person. What your writing&n= bsp;here reveals, is that you are a little confused about how the GDPR works - the GDPR does not rely on 'consen= t' or 'explicit permission' as the only basis for processing personal data. Remember the GDPR has six<a h= ref=3D"https://gdpr-info.eu/art-6-gdpr/" target=3D"_blank" moz-do-not-sen= d=3D"true"> grounds of processing</a>. It is a prohibitive regulation. You cannot process personal data in the EU unless you satisfy one of those six grounds. Most companies will NOT be processing on the basis of 'consent' but on 'legitimate interests' (Article 6(1)(f)) or performance of a contract (Article 6(1)(b)). Don't worry, this is an extremely common mistake among American attorneys! As most of these items are "technical', I would also imagine that there is a 'legal requirement' (another ground) or a lawful basis. All ISPs will be processing personal data through 'IP addresses', 'port browsers', and 'browser config' because of the legal basis found in <a hre= f=3D"https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:320= 02L0058&from=3DEN" target=3D"_blank" moz-do-not-send=3D"true">Article= 15 of the e-Privacy Directive</a> which provides Member States with a specific exemption for the purposes of national security. If not covered by this, I would imagine they would rely on 'legitimate interests' as their ground instead. </font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Finally, even if a registrar has a legitimate interest in processing someone's personal data, this does not address the <i>privacy </i>requirements that i indicated in my previous email. Unless there is a specific provision put into law, I do not know how the registrar can remain compliant with the GDPR and the EU's privacy requirements. In fact, I don't know how the EU can even comment on this, because, of course, the EU Charter is a legal framework completely distinct from the European Convention of Human Rights. </font></= div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">One more thing to consider - if you choose to disclose your name, address, and designate as the contact person of a legal person, what happens when that person exercises their 'right to be forgotten' right under Article 17 GDPR. Maybe Milton Mueller the person chooses to leave the legal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no affiliation with the busin= ess? If it's published, he can demand a correction= of the database thereof. So what then? </font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Regards,</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Mark </font></di= v> <div> <div> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div> <div style=3D"font-si= ze:12.8px"><br> </div> <div style=3D"font-si= ze:12.8px"><b><font color=3D"#674ea7"><span style=3D"font-size:small;font= -family:Tahoma">Dr Mark Leiser | </span><span st= yle=3D"font-size:small">Law and Digital Technologies&nb= sp;</span><span style=3D"font-size:small;font-family:Tahoma">| FRSA FHEA&= nbsp;</span><span style=3D"font-family:Tahoma;font-size:small">|</span></= font></b></div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <br> </div> </div> <br> <div class=3D"gmail_quote"> <div dir=3D"ltr" class=3D"gmail_attr">On Tue, 27 Apr 2021 a= t 20:35, Mueller, Milton L <<a href=3D"mailto:milton@gat= ech.edu" target=3D"_blank" moz-do-not-send=3D"true">[log in to unmask]</a>= > wrote:<br> </div> <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0= px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;= font-family:Calibri,sans-serif;color:rgb(31,73,125)">Mark, </span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;= font-family:Calibri,sans-serif;color:rgb(31,73,125)">Thanks for your intervention. Here is the complete definition of personal data in GDPR:</span></p> <p class=3D"MsoNormal" style=3D"margin-right:0in;marg= in-bottom:12pt;margin-left:30pt;background:white;vertical-align:baseline"= ><span style=3D"color:rgb(51,51,51)">=E2=80=98personal data=E2=80=99 means any information relating to an identified or identifiable natural person (=E2=80=98data sub= ject=E2=80=99); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;= font-family:Calibri,sans-serif;color:rgb(31,73,125)">Alas, this raises more questions than it answers. It is not entirely clear what =E2=80=9Crelating to=E2= =80=9D means in this construct. E.g., if the name of my company is Milton Mueller=E2=80=99s Porkbelly Din= er, is the name relating to me as a person, or to my business? Strictly speaking it=E2=80=99s a busine= ss name. But it could be used to identify me. An overly broad interpretation of this definition would classify ANY data about ANYTHING as =E2=80=9Cpersonal data=E2=80=9D because at some p= oint it could be =E2=80=9Crelated to=E2=80=9D an =E2=80=9Cident= ifiable natural person.=E2=80=9D So suddenly the business name be= comes personal data. Or a bunch of obscure technical indicators inherent in your use of the internet, such as port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D to your ISP ac= count number, and then used to identify you, personally. But does that mean that every website and hosting service in the world that uses that technical data in the course of their operations cannot process that info without your explicit permission, because it=E2=80=99s =E2=80=9Cpersona= l data?=E2=80=9D I hope not, because the internet would cease to function if so. </span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;= font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p> <div> <div> <p class=3D"MsoNormal"><span style=3D"font-family= :Arial,sans-serif;color:rgb(31,73,125)">></span><span style=3D"font-fa= mily:Arial,sans-serif">Therefore, <a href=3D"mailto:[log in to unmask]" target=3D"_= blank" moz-do-not-send=3D"true">[log in to unmask]</a> is personal data if someone behind it is identifiable.<span style=3D"color:rgb(31,73,1= 25)"></span></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">My point is that whether the user of <a href=3D"mailto:[log in to unmask]" target=3D"_= blank" moz-do-not-send=3D"true">[log in to unmask]</a> is identifiable does not depend on that chunk of data, but on a bunch of activities that relate that data to other things. And in a digital world with powerful processing capabilities, no one can fully control those correlations and searches. Any attempt to do so simply cripples the entire information economy. So the idea of looking at a registration record and saying =E2=80=9Cis th= ere personal data in here or not=E2=80=9D is a completely invalid test.</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">There is an eerie similarity between these exaggerated applications of privacy law and the copyright maximalists of the 1990s. The IP interests thought you needed permission to transmit a copyrighted work over the internet, a claim that would have crippled ISPs who had no idea what packets were parts of copyrighted material or not. Privacy maximalists have reached the same point of absurdity, but they don=E2=80=99t seem to rea= lize it. They are no longer protecting a tangible privacy interest of internet users, they are trying to give individuals rigid control over information exchanges and imposing largely meaningless consent requirements that do no one any good.</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > </div> <div> <p class=3D"MsoNormal"><span style=3D"color:rgb(3= 1,73,125)">></span>The confusion comes from Recital 14 of the GDP= R which states that it only applies to natural persons and does not cover the processing of personal data concerning legal persons, in particular undertakings established as legal persons or legal entities. This also includes the name of the legal person, the form, and the contact details of the legal person.<span s= tyle=3D"color:rgb(31,73,125)"> </span>But the second you start adding identifiers to these details, it stops becoming the data of a 'legal person' and starts becoming personal data. </p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Yes, indeed, the GDPR is confused on this score. Unfortunately, you don=E2=80=99t escape that confusion by saying =E2=80=9Cadding identifie= rs=E2=80=9D is the problem. Your argument fails because names of legal persons and contact details ARE =E2=80=9Cidentifiers,=E2=80=9D they are j= ust identifiers of legal persons. As I pointed out they can easily overlap with, or be used to identify, natural persons. </span></p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">So my basic point is that we do not solve this problem by reference to GDPR definitions. In fact if GDPR is taken literally no one can ever publish and share any kind of information without absurd overhead and legal bureaucracy, because ALL of it can be used to identify you in some way. These kinds of interpretations actually discredit privacy laws and protections, by taking them to counterproductive lengths. We have to make common sense-based, practical distinctions between what data needs protection, what data can be easily shared at the registrants=E2=80=99 choice.</span></p= > </div> <div> <p class=3D"MsoNormal"> </p> </div> <div> <p class=3D"MsoNormal">Secondly, I find this statement, "I think it is simplest to just= say to the registrant, if you=E2=80=99re a company = and don=E2=80=99t mind (or even want) your data to = be published, check this box. If you=E2=80=99re no= t, or you do mind, don=E2=80=99t check it." = ; to be BOTH perplexing and inaccurate. Whether s= omeone checks the box, or does not check the box is completely irrelevant for determining whether it is personal data. Whether someone checks the box is a question of CONSENT to processing AND publication, not whether this amounts to personal data. <span style=3D"color:rgb(31,73,1= 25)"></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">We actually seem to agree here, more than you think. I am saying that the user, the registrant, gets to decide what is personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide whether they want to be classified as a legal person and =E2=80=9Cconsent=E2=80=9D = to publishing their data or not. As an example, that if I decide that publishing the name of =E2=80=9CM= ilton Mueller=E2=80=99s Porkbelly Diner=E2=80=9D is= not a violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t matter what the European Unio= n says, it=E2=80=99s my choice. </span></= p> <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p= > <p class=3D"MsoNormal"><span style=3D"font-size:1= 1pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">And let=E2=80=99s not overlook the embarrassing f= act that the European Union is now one of the key players pushing hard for publication of legal person data. But I=E2=80=99ll leave tha= t one to later. </span></p> </div> </div> </div> </div> </blockquote> </div> </blockquote> </div> </div> </blockquote> </body> </html> --------------7173DD34AA119951C91A2414-- ========================================================================= Date: Wed, 28 Apr 2021 20:04:02 -0400 Reply-To: Raphael Beauregard-Lacroix <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Raphael Beauregard-Lacroix <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: Stephanie E Perrin <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000529e6605c1113cce" Message-ID: <[log in to unmask]> --000000000000529e6605c1113cce Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I've always found the natural/legal distinction to be doubtful in this context, but still I prefer Milton's position, maybe with a slight modification. The determination of what is and isnt personal data will be in the hands of DPAs or judges, at the end of the day. As it has been noted several times, the definition we're looking at is a relative one: one piece of data may be personal data in some context, and not in others; and may even be personal data in the hands of some persons, and not others... the key being whether it allows the identification of a natural person. Hence for the purpose of the scope of the law and its operation, it does not matter whether one says "there is no personal data in these form fields" or "I am not a natural person but a legal person." Not that people are idiots and cannot understand the law, but their determination is not binding on anyone and does not have legal effect. For example, if I claim to be a legal person (hence out of scope of the law) and proceed to give someone else's full address+name+phone number, the fact that this data may genuinely relate to a legal person, and that I made that claim by ticking a box, does not change the fact that the disclosure, in this case, amounts to processing of personal data, which puts me "back" into the scope of the law= . It does matter, however, whether someone says "I consent to this processing of data *about me*" (here would be the modification) That makes the processing legal, provided that the general rules on consent and the provision of information about the processing are followed. Consent as a basis is fraught with issues, but even for those like me who are generally skeptical of it, I think that the processing and the data concerned are narrow/limited enough to make consent an otherwise "acceptable" legal basis for processing. Now if in consenting, people end up disclosing personal data pertaining to someone else, willingly or unwillingly, with or without "bad" intent, well yes we do have a problem... and ticking an additional box will not absolve them of liability under their local law (or any other), as the case may be. If that is such a potential issue, however, then the only solution that I see is not to have any disclosures possible outside of mandatory ones. But that would be out of scope, as I understand it, and as pointed out by Manju, and would raise the potentially valid point of what if someone wants to disclose. Additionally, I do not think that forcing mandatory rules or refraining from saying anything would be a good idea at this point. Have a nice day, On Wed, Apr 28, 2021 at 10:53 AM Stephanie E Perrin < [log in to unmask]> wrote: > Thanks again Manju, for your untiring efforts to get us to solve this > disagreement about next steps. I am going to try to summarize my thinkin= g > on this, without diving into the complexity of the law and the difficulti= es > inherent in implementing it. > > 1. The push to distinguish between legal and natural is not new. We > fought it in the PPSAI, and won. In phase 1 EPDP, we managed to get > recommendation #6 through, but with the concession that ICANN would do a > study on legal natural, and that we would reexamine. My position is > basically HOLD THAT LINE! We do not need to change our position, we can > examine the matter, take a look at what guidance would do, and maintain t= he > status quo. > > 2. We have sought advice from Bird and Bird on mitigating the risk to > contracted parties in terms of how they provide information to their > registrants, in order to be in full compliance with data protection law > (viewed through the GDPR lens). For the contracted parties, nothing in > there eliminates the risk that the data controller has, but certainly > guidance mitigates it. However, remember that civil society can take a > case under GDPR, and if I were advising civil society as to how to take a > case, I would point out the history of WHOIS, the dogged determination of > ICANN and the IP and business community to get back to the good old WHOIS= , > the lack of evidence that forcing this determination on smaller actors wi= ll > indeed result in greater security and stability of the DNS, and the > unequal power relationship between ICANN the regulator and the contracted > parties who must be accredited to do business. Third party data accessor= s > are driving this process, and registrants are basicly being represented b= y > ourselves, and the Registrars who have them as customers. I think we hav= e > a responsibility not to cave in. > > 3. A word on small business, sole proprietors, and home based > entrepreneurs or gig workers. We are the Non-commercial stakeholders, so > we do not claim to represent them. Frankly, I don't know who does here a= t > ICANN, in my 8 years of volunteering at ICANN I have never heard the ALAC > folks advance a cohesive argument on behalf of these folks (or even an > argument, but I hesitate to say that because someone will trawl through t= he > archives and come up with someone defending the little guy against giant > corporations). Certainly they are not speaking for them at the EPDP, the= y > are speaking for government, law enforcement, and cybersecurity > operatives. As folks who care about human rights and fairness to > developing economies, I think we should care about how much this > differentiation between legal persons and natural persons does not work i= n > countries other than the EU states and the US. Countries around the worl= d > have different ways to describe small business, different ways to regulat= e > it, and this differentiation may not match tax schemes, municipal > registration patterns, etc. There is of course an additional barrier in > the matter of languages. > > 4. Remember that what we are arguing about is not providing access to > data about suspected legal persons through the SSAD. We are arguing abou= t > Automatic disclosure based on the choice the individual makes, legal or > natural person. As I have said before, the skies are not going to fall i= f > the legitimate requestors have to request the data and get it in one or t= wo > business days, as opposed to having it pre-emptively disclosed. Remembe= r > that the registrar or his reseller has a wealth of other day about their > customer that is "below the surface", most importantly credit card info, > billing address for the credit card, emails, IP address etc. They can lo= ok > at that data if necessary, to figure out whether they are dealing with a > company or a person. However, the SSAD does not have access to that data= . > If we encourage this differentiation by putting guidance into the policy, > then we are heading for the slippery slope of automated disclosure. > Remember that there is already a section in there that once the data has > been verified as pertaining to a legal person and not containing personal > data, it MUST be disclosed. What happens when that legal entity moves to= a > jurisdiction where employees have privacy rights, either under data > protection law or other laws such as labour laws or contracts? There is = a > good chance that some of their data becomes personal. > > 5. Registrars already have excellent advice for their members available > through their own websites. Remember that at ICANN we are only dealing > with the big ones, and the responsible ones. We have to consider whether > any activity we sanction in this policy induces the lazy ones to cut > corners. They are used to disclosing everything in the WHOIS, if given a= n > opportunity to revert to that by creating this distinction, they will mos= t > likely do what is easiest. At the moment, under the temp spec and articl= e > 6, the easiest thing to do is to consider these grey area folks as natura= l > persons unless proven otherwise, and protect the data. Why on earth woul= d > we not choose this option? There is no law telling us to do otherwise, a= nd > there is certainly a great deal of law out there that makes differentiati= on > a legal risk that carries liability and cost. We want domain names to > remain affordable, and we want our people protected. > > 6. One more thing: remember that not all domain names are used for > websites engaged in commerce. Some are being held by individuals for > future use. Disclosure provides market information to big players who ma= y > want to prevent the name from being used, or to purchase them, but there = is > no harm emanating from them in dormancy, and small players need not have > their competitive positions compromised in this way. Most of the online > crime that we hear adduced to justify disclosure of data is coming from > websites. Websites can be regulated to protect consumers, but that is no= t > within ICANN's bailiwick. Folks come to ICANN to demand this activity > because other multilateral instruments have failed, but given the lack of > oversight over ICANN, the responsibility to ensure fairness and human > rights are respected falls on the shoulders of the stakeholders engaged > here. > > 7. Finally: Several folks are worried that governments will regulate if > we do not concede here. I say let them, the Courts and the Constitution > and the much more rigorous defences against incursions into human rights > available within countries will prevail. It certainly will in the EU, > where the draft NIS is progressing.....I keep pointing out the Opinion of > the European Data Protection Supervisor on this matter, so one more time > here it is > https://www.google.com/search?client=3Dfirefox-b-d&q=3Dedps+on+the+nis+di= rective. > As for the increasing number of autocratic countries interested in > curtailing the free speech and internet rights of their citizens, they ar= e > regulating anyway and nothing that ICANN does is going to persuade them > otherwise. A good example of us falling on the side of customer protecti= on > might at least give those individuals in these countries something to poi= nt > to, as opposed to caving in to threats. > > cheers Stephanie Perrin > On 2021-04-27 11:56 p.m., =E9=99=B3=E6=9B=BC=E8=8C=B9 Manju Chen wrote: > > *EXTERNAL EMAIL:* > Hi all, > > This has been a very helpful discussion. Our ultimate goal is to finalize > an NCSG position, and I'd like to provide some context in the interest of > reaching that goal. > > Some have pointed out that the question of 'do you agree to publish your > data' is a much better one than 'are you a legal or natural person'. I > totally agree. But we already have that in the policy. In the EPDP phase = 1 > final report, recommendation #6 reads: > >> The EPDP Team recommends that, as soon as commercially reasonable, >> Registrar must provide the opportunity for the Registered Name Holder to >> provide its Consent to publish redacted contact information, as well as >> the email address, in the RDS for the sponsoring registrar. > > > In the EPDP phase2A, the WG is tasked to address the following questions: > > 1. Whether any updates are required to the EPDP Phase 1 recommendation > on this topic (=E2=80=9CRegistrars and Registry Operators are permitte= d to > differentiate between registrations of legal and natural persons, but = are > not obligated to do so=E2=80=9C); > 2. What guidance, if any, can be provided to Registrars and/or > Registries who differentiate between registrations of legal and natura= l > persons. > > So it's not that we 'want' the distinction of natural vs. legal. It's the > task we're given, and per the WG chair's last email to the EPDP team, it'= s > not something we can avoid. We have to stick to the 'natural vs. legal > persons' rhetoric to answer the questions. > > Of course, we can simply assert that 'there's no update needed' and let > the contracted parties do whatever they want when they feel like making t= he > distinction. I was personally very tempted by this option every now and > then. However, as Milton pointed out in another email, we are already > developing guidance in the EPDP, so that option seems far-fetched. > > I hope this explains some of the confusion and helps us to consider > Milton's 4 options in the other email. > > Thanks! > > > Best, > Manju > > On Wed, Apr 28, 2021 at 4:40 AM Mark Leiser <[log in to unmask]> wrote: > >> Hi Milton, >> >> First let me say I completely agree with you on your statements about >> European data privacy. I feel like I've dedicated most of my professiona= l >> life arguing about the dangers of privacy and data protection maximalism= - >> yet almost always feel like my arguments on deaf ears. While people are >> arguing that 'everything is personal data', I've been arguing that this >> makes the regime unmanageable. >> >> So let me try to explain 'relating to' with reference to 'Milton >> Mueller's Porkbelly Diner'. Because of Recital 14, this would amount to = a >> legal person. It's pretty clear that the intention of the GDPR's drafter= s >> was to exclude legal persons. However, let's say you have registered 'MM >> Porkbelly Diner' in the register of companies. I think you would agree t= hat >> this would amount to information about a legal person. But say >> someone searched the company register and discovered Milton Mueller was = the >> principal shareholder of MM Porkbelly Diner. This is an identifier which >> would *tie nformation about Milton Mueller to* 'MM PorkBelly Diner'. >> Therefore, this is 'any information' 'relating to' an identified or >> identifiable living person. It would be reasonable to infer that MM >> registered in the registrar database under MM PorkBelly Diner is the sam= e >> as the Milton Mueller that is in the register of companies. The fact tha= t >> someone can combine the knowledge from the company register with the >> knowledge from the registrar database could make 'MM Porkbelly Diner' >> personal data under Article 4(1) of the GDPR. Someone who did not disclo= se >> their identity at all could still be identifiable; hence, the perceived >> need for protection in the EU data protection regime. >> >> "I am saying that the user, the registrant, gets to decide what is >> personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL >> DEFINITION" is, on the surface, problematic. It doesn't matter whether >> the user says NO or YES or the registrar says no or yes, or whether it i= s >> objective or clear, the test is whether any information can be combined >> with other information to reveal an identifiable living person. I would >> argue, absent a wholesale change in the reasoning used by the CJEU, this >> would remain the case for the foreseeable future. This is not intended a= s a >> Mark Leiser argument or an attempt to discredit what you are saying, but= an >> honest account of how I think the Courts and the EU data protection Boar= d >> would react to what you are proposing. >> >> You asked about IP addresses >> <https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-web= sites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data,hea= der%20information%20that%20website%20hosts>, >> 'port numbers', 'browser config', etc could be used to identify you >> personally. Yes, absolutely. This is personal data in the EU - if it can >> relate to a living person. What your writing here reveals, is that you a= re >> a little confused about how the GDPR works - the GDPR does not rely on >> 'consent' or 'explicit permission' as the only basis for processing >> personal data. Remember the GDPR has six grounds of processing >> <https://gdpr-info.eu/art-6-gdpr/>. It is a prohibitive regulation. You >> cannot process personal data in the EU unless you satisfy one of those s= ix >> grounds. Most companies will NOT be processing on the basis of 'consent' >> but on 'legitimate interests' (Article 6(1)(f)) or performance of a >> contract (Article 6(1)(b)). Don't worry, this is an extremely common >> mistake among American attorneys! As most of these items are "technical'= , I >> would also imagine that there is a 'legal requirement' (another ground) = or >> a lawful basis. All ISPs will be processing personal data through 'IP >> addresses', 'port browsers', and 'browser config' because of the legal >> basis found in Article 15 of the e-Privacy Directive >> <https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:32002L= 0058&from=3DEN> which >> provides Member States with a specific exemption for the purposes of >> national security. If not covered by this, I would imagine they would re= ly >> on 'legitimate interests' as their ground instead. >> >> Finally, even if a registrar has a legitimate interest in processing >> someone's personal data, this does not address the *privacy *requirement= s >> that i indicated in my previous email. Unless there is a specific provis= ion >> put into law, I do not know how the registrar can remain compliant with = the >> GDPR and the EU's privacy requirements. In fact, I don't know how the EU >> can even comment on this, because, of course, the EU Charter is a legal >> framework completely distinct from the European Convention of Human Righ= ts. >> >> One more thing to consider - if you choose to disclose your name, >> address, and designate as the contact person of a legal person, what >> happens when that person exercises their 'right to be forgotten' right >> under Article 17 GDPR. Maybe Milton Mueller the person chooses to leave = the >> legal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no >> affiliation with the business? If it's published, he can demand a >> correction of the database thereof. So what then? >> >> Regards, >> >> Mark >> >> *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |* >> >> >> On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <[log in to unmask]> >> wrote: >> >>> Mark, >>> >>> Thanks for your intervention. Here is the complete definition of >>> personal data in GDPR: >>> >>> =E2=80=98personal data=E2=80=99 means any information relating to an id= entified or >>> identifiable natural person (=E2=80=98data subject=E2=80=99); an identi= fiable natural >>> person is one who can be identified, directly or indirectly, in particu= lar >>> by reference to an identifier such as a name, an identification number, >>> location data, an online identifier or to one or more factors specific = to >>> the physical, physiological, genetic, mental, economic, cultural or soc= ial >>> identity of that natural person; >>> >>> Alas, this raises more questions than it answers. It is not entirely >>> clear what =E2=80=9Crelating to=E2=80=9D means in this construct. E.g.,= if the name of my >>> company is Milton Mueller=E2=80=99s Porkbelly Diner, is the name relati= ng to me as >>> a person, or to my business? Strictly speaking it=E2=80=99s a business = name. But it >>> could be used to identify me. An overly broad interpretation of this >>> definition would classify ANY data about ANYTHING as =E2=80=9Cpersonal = data=E2=80=9D >>> because at some point it could be =E2=80=9Crelated to=E2=80=9D an =E2= =80=9Cidentifiable natural >>> person.=E2=80=9D So suddenly the business name becomes personal data. O= r a bunch of >>> obscure technical indicators inherent in your use of the internet, such= as >>> port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D = to your ISP account >>> number, and then used to identify you, personally. But does that mean t= hat >>> every website and hosting service in the world that uses that technical >>> data in the course of their operations cannot process that info without >>> your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal data?= =E2=80=9D I hope not, because >>> the internet would cease to function if so. >>> >>> >>> >>> >Therefore, [log in to unmask] is personal data if someone behind it is >>> identifiable. >>> >>> >>> >>> My point is that whether the user of [log in to unmask] is identifiable >>> does not depend on that chunk of data, but on a bunch of activities tha= t >>> relate that data to other things. And in a digital world with powerful >>> processing capabilities, no one can fully control those correlations an= d >>> searches. Any attempt to do so simply cripples the entire information >>> economy. So the idea of looking at a registration record and saying =E2= =80=9Cis >>> there personal data in here or not=E2=80=9D is a completely invalid tes= t. >>> >>> >>> >>> There is an eerie similarity between these exaggerated applications of >>> privacy law and the copyright maximalists of the 1990s. The IP interest= s >>> thought you needed permission to transmit a copyrighted work over the >>> internet, a claim that would have crippled ISPs who had no idea what >>> packets were parts of copyrighted material or not. Privacy maximalists = have >>> reached the same point of absurdity, but they don=E2=80=99t seem to rea= lize it. >>> They are no longer protecting a tangible privacy interest of internet >>> users, they are trying to give individuals rigid control over informati= on >>> exchanges and imposing largely meaningless consent requirements that do= no >>> one any good. >>> >>> >>> >>> >The confusion comes from Recital 14 of the GDPR which states that it >>> only applies to natural persons and does not cover the processing of >>> personal data concerning legal persons, in particular undertakings >>> established as legal persons or legal entities. This also includes the = name >>> of the legal person, the form, and the contact details of the legal per= son. But >>> the second you start adding identifiers to these details, it stops beco= ming >>> the data of a 'legal person' and starts becoming personal data. >>> >>> >>> >>> Yes, indeed, the GDPR is confused on this score. Unfortunately, you >>> don=E2=80=99t escape that confusion by saying =E2=80=9Cadding identifie= rs=E2=80=9D is the problem. >>> Your argument fails because names of legal persons and contact details = ARE >>> =E2=80=9Cidentifiers,=E2=80=9D they are just identifiers of legal perso= ns. As I pointed out >>> they can easily overlap with, or be used to identify, natural persons. >>> >>> >>> >>> So my basic point is that we do not solve this problem by reference to >>> GDPR definitions. In fact if GDPR is taken literally no one can ever >>> publish and share any kind of information without absurd overhead and l= egal >>> bureaucracy, because ALL of it can be used to identify you in some way. >>> These kinds of interpretations actually discredit privacy laws and >>> protections, by taking them to counterproductive lengths. We have to ma= ke >>> common sense-based, practical distinctions between what data needs >>> protection, what data can be easily shared at the registrants=E2=80=99 = choice. >>> >>> >>> >>> Secondly, I find this statement, "I think it is simplest to just say to >>> the registrant, if you=E2=80=99re a company and don=E2=80=99t mind (or = even want) your data >>> to be published, check this box. If you=E2=80=99re not, or you do mind,= don=E2=80=99t check >>> it." to be BOTH perplexing and inaccurate. Whether someone checks the >>> box, or does not check the box is completely irrelevant for determining >>> whether it is personal data. Whether someone checks the box is a questi= on >>> of CONSENT to processing AND publication, not whether this amounts to >>> personal data. >>> >>> >>> >>> We actually seem to agree here, more than you think. I am saying that >>> the user, the registrant, gets to decide what is personal data or not, >>> because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can >>> decide whether they want to be classified as a legal person and =E2=80= =9Cconsent=E2=80=9D >>> to publishing their data or not. As an example, that if I decide that >>> publishing the name of =E2=80=9CMilton Mueller=E2=80=99s Porkbelly Dine= r=E2=80=9D is not a >>> violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t matter wh= at the European >>> Union says, it=E2=80=99s my choice. >>> >>> >>> >>> And let=E2=80=99s not overlook the embarrassing fact that the European = Union is >>> now one of the key players pushing hard for publication of legal person >>> data. But I=E2=80=99ll leave that one to later. >>> >> --000000000000529e6605c1113cce Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">I've always found the natural/legal distinction to be = doubtful in=C2=A0this context, but still I prefer Milton's position, ma= ybe with a slight modification.<div><br></div><div>The determination of wha= t is and isnt=C2=A0personal data will be in the hands of DPAs or judges, at= the end of the day. As it has been noted several times, the definition we&= #39;re looking at is a relative one: one piece of data may be personal data= in some context, and not in others; and may even be personal data in the h= ands of some persons, and not others... the key being whether it allows the= identification of a natural person.=C2=A0</div><div><br></div><div>Hence f= or the purpose of the scope of the law and its operation, it does not matte= r whether one says "there is no personal data in these form fields&quo= t; or "I am not a natural person but a legal person." Not that pe= ople are idiots and cannot understand the law, but their determination is n= ot binding on anyone and does not have legal effect. For example, if I clai= m to be a legal person (hence out of scope of the law) and proceed to give = someone else's full address+name+phone number, the fact that this data = may genuinely relate to a legal person, and that I made that claim by ticki= ng a box, does not change the fact that the disclosure, in this case, amoun= ts to processing of personal data, which puts me "back" into the = scope of the law.</div><div><br></div><div>It does matter, however, whether= someone says "I consent to this processing of data <i>about me</i>&qu= ot; (here would be the modification) That makes the processing legal, provi= ded that the general rules on consent and the provision of information abou= t the processing are followed.=C2=A0</div><div><br></div><div>Consent as a = basis is fraught with issues, but even for those like me who are generally = skeptical of it, I think that the processing and the data concerned are nar= row/limited enough to make consent an otherwise "acceptable" lega= l basis for processing.=C2=A0</div><div><br></div><div>Now if in consenting= , people end up disclosing personal data pertaining=C2=A0to someone else, w= illingly or unwillingly, with or without "bad" intent, well yes w= e do have a problem... and ticking an additional box will not absolve them = of liability under their local law (or any other), as the case may be. If t= hat is such a potential issue, however, then the only solution that I see i= s not to have any disclosures possible outside of mandatory ones. But that = would be out of scope, as I understand it, and as pointed out by Manju, and= would raise the potentially valid point of what if someone wants to disclo= se.=C2=A0</div><div><br></div><div>Additionally, I do not think that forcin= g mandatory rules or refraining from saying anything would be a good idea a= t this point.=C2=A0</div><div><br></div><div>Have a nice day,=C2=A0</div><d= iv><br></div><div><br></div><div></div><div></div><div></div></div><br><div= class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Wed, Apr 28= , 2021 at 10:53 AM Stephanie E Perrin <<a href=3D"mailto:stephanie.perri= [log in to unmask]" target=3D"_blank">[log in to unmask]</a>= > wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px = 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> =20 <div> <p>Thanks again Manju, for your untiring efforts to get us to solve this disagreement about next steps.=C2=A0 I am going to try to summarize my thinking on this, without diving into the complexity of the law and the difficulties inherent in implementing it.</p> <p>1.=C2=A0 The push to distinguish between legal and natural is not new.=C2=A0 We fought it in the PPSAI, and won.=C2=A0 In phase 1 EPDP,= we managed to get recommendation #6 through, but with the concession that ICANN would do a study on legal natural, and that we would reexamine.=C2=A0 My position is basically HOLD THAT LINE!=C2=A0 We do= not need to change our position, we can examine the matter, take a look at what guidance would do, and maintain the status quo.</p> <p>2.=C2=A0 We have sought advice from Bird and Bird on mitigating the risk to contracted parties in terms of how they provide information to their registrants, in order to be in full compliance with data protection law (viewed through the GDPR lens).=C2=A0 For the contracted parties, nothing in there eliminates the risk that the data controller has, but certainly guidance mitigates it.=C2=A0 However, remember that civil society can take a case under GDPR, and if I were advising civil society as to how to take a case, I would point out the history of WHOIS, the dogged determination of ICANN and the IP and business community to get back to the good old WHOIS, the lack of evidence that forcing this determination on smaller actors will indeed result in greater security and stability=C2=A0 of the DNS, and the unequal power relationship between ICANN the regulator and the contracted parties who must be accredited to do business.=C2=A0 Third party data accessors are driving this process, and registrants are basicly being represented by ourselves, and the Registrars who have them as customers.=C2=A0 I think we have a responsibility not to cave in.<= /p> <p>3.=C2=A0 A word on small business, sole proprietors, and home based entrepreneurs or gig workers.=C2=A0 We are the Non-commercial stakeholders, so we do not claim to represent them.=C2=A0 Frankly, I don't know who does here at ICANN, in my 8 years of volunteering at ICANN I have never heard the ALAC folks advance a cohesive argument on behalf of these folks (or even an argument, but I hesitate to say that because someone will trawl through the archives and come up with someone defending the little guy against giant corporations).=C2=A0 Certainly they are not speaking for them a= t the EPDP, they are speaking for government, law enforcement, and cybersecurity operatives.=C2=A0 As folks who care about human rights and fairness to developing economies, I think we should care about how much this differentiation between legal persons and natural persons does not work in countries other than the EU states and the US.=C2=A0 Countries around the world have different ways to describe small business, different ways to regulate it, and this differentiation may not match tax schemes, municipal registration patterns, etc.=C2=A0 There is of course an additional barrier in the matter of languages.<br> </p> <p>4.=C2=A0 Remember that what we are arguing about is not providing access to data about suspected legal persons through the SSAD.=C2=A0 = We are arguing about Automatic disclosure based on the choice the individual makes, legal or natural person.=C2=A0 As I have said befor= e, the skies are not going to fall if the legitimate requestors have to request the data and get it in one or two business days, as opposed to having it pre-emptively disclosed. =C2=A0 Remember that th= e registrar or his reseller has a wealth of other day about their customer that is "below the surface", most importantly cred= it card info, billing address for the credit card, emails, IP address etc.=C2=A0 They can look at that data if necessary, to figure out whether they are dealing with a company or a person.=C2=A0 However, t= he SSAD does not have access to that data.=C2=A0 If we encourage this differentiation by putting guidance into the policy, then we are heading for the slippery slope of automated disclosure. Remember that there is already a section in there that once the data has been verified as pertaining to a legal person and not containing personal data, it MUST be disclosed.=C2=A0 What happens when that leg= al entity moves to a jurisdiction where employees have privacy rights, either under data protection law or other laws such as labour laws or contracts?=C2=A0 There is a good chance that some of their data becomes personal.<br> </p> <p>5.=C2=A0 Registrars already have excellent advice for their members available through their own websites.=C2=A0 Remember that at ICANN we are only dealing with the big ones, and the responsible ones.=C2=A0 W= e have to consider whether any activity we sanction in this policy induces the lazy ones to cut corners.=C2=A0 They are used to disclosi= ng everything in the WHOIS, if given an opportunity to revert to that by creating this distinction, they will most likely do what is easiest.=C2=A0 At the moment, under the temp spec and article 6, the easiest thing to do is to consider these grey area folks as natural persons unless proven otherwise, and protect the data.=C2=A0 Why on earth would we not choose this option?=C2=A0 There is no law telling us to do otherwise, and there is certainly a great deal of law out there that makes differentiation a legal risk that carries liability and cost.=C2=A0 We want domain names to remain affordable, and we want our people protected.</p> <p>6.=C2=A0 One more thing:=C2=A0 remember that not all domain names ar= e used for websites engaged in commerce.=C2=A0 Some are being held by individuals for future use.=C2=A0 Disclosure provides market information to big players who may want to prevent the name from being used, or to purchase them, but there is no harm emanating from them in dormancy, and small players need not have their competitive positions compromised in this way.=C2=A0 Most of the onli= ne crime that we hear adduced to justify disclosure of data is coming from websites.=C2=A0 Websites can be regulated to protect consumers, but that is not within ICANN's bailiwick.=C2=A0 Folks come to ICA= NN to demand this activity because other multilateral instruments have failed, but given the lack of oversight over ICANN, the responsibility to ensure fairness and human rights are respected falls on the shoulders of the stakeholders engaged here. <br> </p> <p>7.=C2=A0 Finally:=C2=A0 Several folks are worried that governments w= ill regulate if we do not concede here.=C2=A0 I say let them, the Courts and the Constitution and the much more rigorous defences against incursions into human rights available within countries will prevail.=C2=A0 It certainly will in the EU, where the draft NIS is progressing.....I keep pointing out the Opinion of the European Data Protection Supervisor on this matter, so one more time here it is <a href=3D"https://www.google.com/search?client=3Dfirefox-b-d&q=3Dedps+= on+the+nis+directive" target=3D"_blank">https://www.google.com/search?clien= t=3Dfirefox-b-d&q=3Dedps+on+the+nis+directive</a>.=C2=A0 As for the increasing number of autocratic countries interested in curtailing the free speech and internet rights of their citizens, they are regulating anyway and nothing that ICANN does is going to persuade them otherwise.=C2=A0 A good example of us falling on the si= de of customer protection might at least give those individuals in these countries something to point to, as opposed to caving in to threats.<br> </p> <p>cheers Stephanie Perrin<br> </p> <div>On 2021-04-27 11:56 p.m., =E9=99=B3=E6=9B=BC=E8=8C=B9 Manju Chen wrote:<br> </div> <blockquote type=3D"cite"> =20 <div style=3D"font-size:10pt;font-family:sans-serif;color:white;font-= style:normal;font-weight:bold;padding:0.2em"> <strong><span style=3D"color:rgb(199,80,0)">EXTERNAL EMAIL:</span><= /strong></div> <div> <div dir=3D"ltr"> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small">Hi all,</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small"><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small">This has been a very helpful discussion. Our ultimate goal is to finalize an NCSG position, and I'd like to provide some context in the interest of reaching that goal.</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small"><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small">Some have pointed out that the question of 'do you agree to publish your data' is a much better one than 'are you a legal or natural person'. I totally agree. But we already have that in the policy. In the EPDP phase 1 final report, recommendation #6 reads:=C2=A0</div> <blockquote style=3D"margin:0px 0px 0px 0.8ex;border-left:1px sol= id rgb(204,204,204);padding-left:1ex" class=3D"gmail_quote"> <span style=3D"font-family:Arial,Helvetica,sans-serif">The EPDP Team recommends that, as soon as commercially reasonable, Registrar must=C2=A0</span><span style=3D"font-fa= mily:Arial,Helvetica,sans-serif">provide the opportunity for the Registered Name Holder to provide its Consent to=C2=A0</span><span style=3D"font-family:Arial,Helve= tica,sans-serif">publish redacted contact information, as well as the email address, in the RDS for the=C2=A0</span><span style=3D"font-f= amily:Arial,Helvetica,sans-serif">sponsoring registrar.</span></blockquote> <div><br> </div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small">In the EPDP phase2A, the WG is tasked to address the following questions:</div> <div class=3D"gmail_default" style=3D"font-family:arial,sans-seri= f;font-size:small"> <ol> <li>Whether any updates are required to the EPDP Phase 1 recommendation on this topic (=E2=80=9CRegistrars and Regis= try Operators are permitted to differentiate between registrations of legal and natural persons, but are not obligated to do so=E2=80=9C); </li> <li>What guidance, if any, can be provided to Registrars and/or Registries who differentiate between registrations of legal and natural persons.=C2=A0</li> </ol> <div>So it's not that we 'want' the distinction of natural=C2=A0vs. legal. It's the task we're given, an= d per the WG chair's last email to the EPDP team, it's not some= thing we can avoid. We have to stick to the 'natural vs. legal persons' rhetoric to answer the questions.=C2=A0</div> <div><br> </div> <div>Of course, we can simply assert that 'there's no u= pdate needed' and let the contracted parties do whatever they want when they feel like making the distinction. I was personally very tempted by this option every now and then. However, as Milton pointed out in another email, we are already developing guidance in the EPDP, so that option seems far-fetched.=C2=A0</div> <div><br> </div> <div>I hope this explains some of the confusion and helps us to consider Milton's 4 options in the other email.=C2=A0<= /div> <div><br> </div> <div>Thanks!</div> <div><br> </div> <div><br> </div> <div>Best,=C2=A0</div> <div>Manju</div> </div> </div> <br> <div class=3D"gmail_quote"> <div dir=3D"ltr" class=3D"gmail_attr">On Wed, Apr 28, 2021 at 4:4= 0 AM Mark Leiser <<a href=3D"mailto:[log in to unmask]" targ= et=3D"_blank">[log in to unmask]</a>> wrote:<br> </div> <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8= ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div dir=3D"ltr"><font face=3D"arial, sans-serif">Hi Milton,</f= ont> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">First let me say I completely agree=C2=A0with you on=C2=A0your statements ab= out European data privacy. I feel like I've dedicated mos= t of my professional life arguing about the dangers of privacy=C2=A0and data protection maximalism - yet almost always feel=C2=A0like my arguments on deaf ears. While people are arguing that 'everything is personal data&= #39;, I've been arguing that this makes the regime unmanageable.=C2=A0</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">So let me try to explain 'relating to' with=C2=A0reference to '= ;Milton Mueller's Porkbelly=C2=A0Diner'. Because of Recit= al 14, this would amount to a legal person. It's pretty clea= r that the intention of the GDPR's drafters was to exclude legal persons. However, let's say you have registered 'MM Porkbelly Diner' in the=C2=A0regis= ter of companies. I think you would agree that this would amount to information about a legal person. But say someone=C2=A0searched the company register and discovered Milton Mueller was the principal shareholder of MM Porkbelly Diner. This is an identifier which would <i>tie nformation about Milton Mueller to</i> 'MM PorkBelly Diner'. Therefore, this is 'any informa= tion' 'relating to' an identified=C2=A0or identifiable = living person. It would be reasonable to infer that MM registered in the registrar database under MM PorkBelly Diner is the same as the Milton=C2=A0Mueller th= at is in the register of companies. The fact that someone can combine=C2=A0the knowledge from the company register with the knowledge from the registrar database could make 'MM Porkbelly Diner' personal data under Art= icle 4(1) of the GDPR. Someone who did not disclose their identity at all could still be identifiable; hence, the perceived need for protection in the EU data protection regime.</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">=C2=A0"I<span styl= e=3D"color:rgb(31,73,125)">=C2=A0</span><span style=3D"color:rgb(31,73,125)= ">am saying that the user, the registrant, gets to decide what is personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION" is, on the surface, problematic. </span><font color=3D"#000000">It doesn't matter whether the user says NO or YES or the registrar says no or yes, or whether it is objective or clear, the test is whether any information can be combined with other information to reveal an identifiable living person. I would argue, absent a wholesale change in the reasoning used by the CJEU, this would remain the case for the foreseeable future. This is not intended as a Mark Leiser argument or an attempt to discredit what you are saying, but an honest account of how I think the Courts and the EU data protection Board would react to what you are proposing.=C2=A0</font><br> </font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">You asked about <a href= =3D"https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-web= sites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data,hea= der%20information%20that%20website%20hosts" target=3D"_blank"> IP addresses</a>, 'port numbers', 'browser = config', etc could be used to identify you personally. Yes, absolutely. This is personal data in the EU - if it can relate to a living person. What your=C2=A0writing=C2= =A0here reveals, is that you are a little confused about how the=C2=A0GDPR works - the GDPR does not rely on 'cons= ent' or 'explicit permission' as the only basis for processing personal data. Remember the GDPR has six<a hre= f=3D"https://gdpr-info.eu/art-6-gdpr/" target=3D"_blank">=C2=A0grounds of processing</a>. It is a prohibitive regulation. You cannot process personal data in the EU unless you satisfy one of those six grounds. Most companies will NOT be processing on the basis of 'consent' but o= n 'legitimate interests' (Article 6(1)(f)) or performance of a contract (Article 6(1)(b)). Don't worry, this is an extremely=C2=A0common mistake among American attorneys! As most of these items are "technical', I would also imagine that there is = a 'legal requirement' (another ground) or a lawful basis. All ISPs will be processing personal data through 'IP addresses', 'port browsers', = and 'browser config' because of the legal basis found in=C2=A0<a h= ref=3D"https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:320= 02L0058&from=3DEN" target=3D"_blank">Article 15 of the e-Privacy Directive</a>=C2=A0which provides Member=C2=A0States with a specific exemption for the purposes of national security. If not covered by this, I would imagine they would rely on 'legitimate interests' as their ground instead.=C2=A0</font></div= > <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Finally, even if a registrar has a legitimate interest in processing someone's personal data, this does not address the <i>privacy </i>requirements that i indicated in my previous email. Unless there is a specific provision put into law, I do not know how the registrar=C2=A0can remain compliant with the GDPR and the EU's privacy requirements. In fact, I don't know how the EU can even comment on this, because, of course, the EU Charter is a legal framework completely distinct from the European Convention of Human Rights.=C2=A0</font></di= v> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">One more thing to consider - if you choose to disclose your name, address, and designate as the contact person of a legal person, what happens when that person exercises their 'right to be forgotten' right under Article= 17 GDPR. Maybe Milton Mueller the person chooses to leave the legal entity MM Porkbelly Diner, adopts a vegan lifestyle, and wants no affiliation=C2=A0with the busines= s? If it's=C2=A0published, he=C2=A0can demand a correcti= on of the database thereof. So what then?=C2=A0</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Regards,</font></div> <div><font face=3D"arial, sans-serif"><br> </font></div> <div><font face=3D"arial, sans-serif">Mark=C2=A0</font></div> <div> <div> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div dir=3D"ltr"> <div> <div style=3D"font-size= :12.8px"><br> </div> <div style=3D"font-size= :12.8px"><b><font color=3D"#674ea7"><span style=3D"font-size:small;font-fam= ily:Tahoma">Dr Mark Leiser | </span><span styl= e=3D"font-size:small">Law and Digital Technologies=C2= =A0</span><span style=3D"font-size:small;font-family:Tahoma">| FRSA FHEA=C2= =A0</span><span style=3D"font-family:Tahoma;font-size:small">|</span></font= ></b></div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> </div> <br> </div> </div> <br> <div class=3D"gmail_quote"> <div dir=3D"ltr" class=3D"gmail_attr">On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <<a href=3D"mailto:milton@gatec= h.edu" target=3D"_blank">[log in to unmask]</a>> wrote:<br> </div> <blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px= 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;fo= nt-family:Calibri,sans-serif;color:rgb(31,73,125)">Mark, </span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;fo= nt-family:Calibri,sans-serif;color:rgb(31,73,125)">Thanks for your intervention. Here is the complete definition of personal data in GDPR:</span></p> <p class=3D"MsoNormal" style=3D"margin-right:0in;margin= -bottom:12pt;margin-left:30pt;background:white;vertical-align:baseline"><sp= an style=3D"color:rgb(51,51,51)">=E2=80=98personal data=E2=80=99 means any information relating to an identified or identifiable natural person (=E2=80=98data subje= ct=E2=80=99); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;fo= nt-family:Calibri,sans-serif;color:rgb(31,73,125)">Alas, this raises more questions than it answers. It is not entirely clear what =E2=80=9Crelating to=E2= =80=9D means in this construct. E.g., if the name of my company is Milton Mueller=E2=80=99s Porkbelly Diner= , is the name relating to me as a person, or to my business? Strictly speaking it=E2=80=99s a business name. But it could be used to identify me. An overly broad interpretation of this definition would classify ANY data about ANYTHING as =E2=80=9Cpersonal data=E2=80=9D because at some poi= nt it could be =E2=80=9Crelated to=E2=80=9D an =E2=80=9Cidentif= iable natural person.=E2=80=9D So suddenly the business name beco= mes personal data. Or a bunch of obscure technical indicators inherent in your use of the internet, such as port numbers, browser config, etc., could be =E2=80=9Crelated=E2=80=9D to your ISP acco= unt number, and then used to identify you, personally. But does that mean that every website and hosting service in the world that uses that technical data in the course of their operations cannot process that info without your explicit permission, because it=E2=80=99s =E2=80=9Cpersonal = data?=E2=80=9D I hope not, because the internet would cease to function if so. </span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11pt;fo= nt-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <div> <div> <p class=3D"MsoNormal"><span style=3D"font-family:A= rial,sans-serif;color:rgb(31,73,125)">></span><span style=3D"font-family= :Arial,sans-serif">Therefore, <a href=3D"mailto:[log in to unmask]" target=3D"_bl= ank">[log in to unmask]</a> is personal data if someone behind it is identifiable.<span style=3D"color:rgb(31,73,125= )"></span></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">My point is that whether the user of <a href=3D"mailto:[log in to unmask]" target=3D"_bl= ank">[log in to unmask]</a> is identifiable does not depend on that chunk of data, but on a bunch of activities that relate that data to other things. And in a digital world with powerful processing capabilities, no one can fully control those correlations and searches. Any attempt to do so simply cripples the entire information economy. So the idea of looking at a registration record and saying =E2=80=9Cis ther= e personal data in here or not=E2=80=9D is a completely invalid test.</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">There is an eerie similarity between these exaggerated applications of privacy law and the copyright maximalists of the 1990s. The IP interests thought you needed permission to transmit a copyrighted work over the internet, a claim that would have crippled ISPs who had no idea what packets were parts of copyrighted material or not. Privacy maximalists have reached the same point of absurdity, but they don=E2=80=99t seem to reali= ze it. They are no longer protecting a tangible privacy interest of internet users, they are trying to give individuals rigid control over information exchanges and imposing largely meaningless consent requirements that do no one any good.</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> </div> <div> <p class=3D"MsoNormal"><span style=3D"color:rgb(31,= 73,125)">></span>The confusion comes from=C2=A0Recital 14 of the GDPR which states that it only applies to natural persons and does not cover the processing of personal data concerning legal persons, in particular undertakings established as legal persons or legal entities. This also includes the name of the legal person, the form, and the contact details of the legal person.<span sty= le=3D"color:rgb(31,73,125)"> </span>But the second you start adding identifiers to these details, it stops becoming the data of a 'legal person' and starts becoming personal data.=C2=A0</p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Yes, indeed, the GDPR is confused on this score. Unfortunately, you don=E2=80=99t escape that confusion by saying =E2=80=9Cadding identifiers= =E2=80=9D is the problem. Your argument fails because names of legal persons and contact details ARE =E2=80=9Cidentifiers,=E2=80=9D they are jus= t identifiers of legal persons. As I pointed out they can easily overlap with, or be used to identify, natural persons. =C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">So my basic point is that we do not solve this problem by reference to GDPR definitions. In fact if GDPR is taken literally no one can ever publish and share any kind of information without absurd overhead and legal bureaucracy, because ALL of it can be used to identify you in some way. These kinds of interpretations actually discredit privacy laws and protections, by taking them to counterproductive lengths. We have to make common sense-based, practical distinctions between what data needs protection, what data can be easily shared at the registrants=E2=80=99 choice.</span></p> </div> <div> <p class=3D"MsoNormal">=C2=A0</p> </div> <div> <p class=3D"MsoNormal">Secondly, I find this statement, "I think it is simplest to just s= ay to the registrant, if you=E2=80=99re a company an= d don=E2=80=99t mind (or even want) your data to be published, check this box. If you=E2=80=99re not,= or you do mind, don=E2=80=99t check it."=C2=A0 = to be BOTH perplexing and inaccurate.=C2=A0=C2=A0Whether som= eone checks the box, or does not check the box is completely irrelevant for determining whether it is personal data. Whether someone checks the box is a question of CONSENT to processing AND publication, not whether this amounts to personal data. <span style=3D"color:rgb(31,73,125= )"></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">We actually seem to agree here, more than you think. I am saying that the user, the registrant, gets to decide what is personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL DEFINITION. So the user can decide whether they want to be classified as a legal person and =E2=80=9Cconsent=E2=80=9D to= publishing their data or not. As an example, that if I decide that publishing the name of =E2=80=9CMil= ton Mueller=E2=80=99s Porkbelly Diner=E2=80=9D is n= ot a violation of my privacy, it isn=E2=80=99t. It doesn=E2=80=99t matter what the European Union = says, it=E2=80=99s my choice. =C2=A0=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">=C2=A0</span></p> <p class=3D"MsoNormal"><span style=3D"font-size:11p= t;font-family:Calibri,sans-serif;color:rgb(31,73,125)">And let=E2=80=99s not overlook the embarrassing fac= t that the European Union is now one of the key players pushing hard for publication of legal person data. But I=E2=80=99ll leave that = one to later. </span></p> </div> </div> </div> </div> </blockquote> </div> </blockquote> </div> </div> </blockquote> </div> </blockquote></div> --000000000000529e6605c1113cce-- ========================================================================= Date: Wed, 28 Apr 2021 18:44:11 -0700 Reply-To: [log in to unmask] Sender: NCSG-Discuss <[log in to unmask]> From: [log in to unmask] Subject: Re: EPDP policy issues - [adding Kathy] X-To: Stephanie E Perrin <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="=_G7R-t8JtcKOpo7L83k4emWf" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Message-ID: <[log in to unmask]> This message is in MIME format. --=_G7R-t8JtcKOpo7L83k4emWf Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Description: Plaintext Message Content-Disposition: inline Content-Transfer-Encoding: quoted-printable All, I would like to urge us to step back from the discussion for a few =20 days. I think there is a lot of data that is being created that needs =20 to be shared - data and studies that should inform our decision. Some =20 of the data presented to the EPDP, I am told, includes: 1) 50% of gTLD domain name registrations are for natural persons =20 (which makes sense to me since the number of people on the Internet =20 far exceeds the number of companies).=C2=A0 That's significant. 2) That DNS Abuse has dropped meaningfully since the redaction of the dat= a. I also think we should explore more meaningfully what our members =20 need. We are noncommercial organizations and individuals seeking to =20 protect noncommerical speech online.=C2=A0 Many of our groups are public = =20 interest and human rights -- with agendas that "tick off" someone - =20 and our personal data could be used against us or our families. We =20 have legal privacy protections not yet discussed significantly on this =20 list - protections under Art 9 of EU GDPR for "sensitive data" which =20 links us to our political, gender and similar views AND protection for =20 free speech, freedom of expression and freedom of association under =20 the UN Declaration of Human Rights, the US Constitution and the =20 European Convention on Human Rights, and more (feel free to share your =20 own national laws). STEPHANIE IS ABSOLUTELY RIGHT.=C2=A0 (I'LL HAVE A NOTE BELOW ABOUT WHERE = I =20 AGREE WITH MILTON TOO.) ON THE PROXY & PRIVACY SERVICES ACCREDITATION =20 ISSUES WORKING GROUP (PPSAI) WE WORKED ON BEHALF OF NCSG TO SEE THAT =20 NSCG REGISTRANTS (AND OTHERS) WERE NOT ASKED TO ANSWER QUESTIONS OF =20 "LEGAL AND NATURAL PERSONS" THAT WOULD LEAD TO QUESTIONS OUR MEMBERS =20 WOULD HAVE THE MOST DIFFICULT TIME ANSWERING.=C2=A0 THE ANSWERS ARE NOT =20 CLEAR OR EASY - AS OUR DISCUSSION OF THE LAST FEW DAYS HAS SHOWN. One goal of the GDPR is to encourage the overprotection rather that =20 the underprotection of privacy - if we are going to err, it is to =20 protect the data.=C2=A0 In that spirit, I would vote to hold the present = =20 course - Option 1.=C2=A0 Let those who want to publish their data publish= =20 their data. And keep the rest of us from making the wrong choices with =20 legal implications that threaten us, our organizations and the data =20 controllers and processors. /As Stephanie writes below, ICANN is designing automated disclosure =20 systems that will operate automatically based on our =20 self-identification. Asking questions registrant can't easily answer, =20 with enormous implications, is not fair or right. / I AGREE WITH MILTON THAT REGISTRANTS SHOULD BE ABLE TO DISCLOSURE =20 THEIR DATA ONLY IF THEY WANT TO (WHICH IS CLEAR PART OF THE STATUS QUO). /Thus, at this time and with the evidence we have, STATUS QUO=C2=A0 - =20 OPTION 1 - PRESERVES THE CHOICE REGISTRANTS HAVE NOW:=C2=A0 ANY REGISTRAN= T =20 BE IT COMPANY, ORGANIZATION, INDIVIDUAL=C2=A0 CAN PUBLISH ITS/HER/HIS DAT= A =20 IF THEY WANT TO./ Tx to our EPDP Team for including us in their evaluations! Best, Kathy Quoting Stephanie E Perrin <[log in to unmask]>: > Thanks again Manju, for your untiring efforts to get us to solve this > disagreement about next steps.=C2=A0 I am going to try to summarize my > thinking on this, without diving into the complexity of the law and > the difficulties inherent in implementing it. > > 1.=C2=A0 The push to distinguish between legal and natural is not new.=C2= =A0 We > fought it in the PPSAI, and won.=C2=A0 In phase 1 EPDP, we managed to g= et > recommendation #6 through, but with the concession that ICANN would > do a study on legal natural, and that we would reexamine.=C2=A0 My > position is basically HOLD THAT LINE!=C2=A0 We do not need to change ou= r > position, we can examine the matter, take a look at what guidance > would do, and maintain the status quo. > > 2.=C2=A0 We have sought advice from Bird and Bird on mitigating the ris= k > to contracted parties in terms of how they provide information to > their registrants, in order to be in full compliance with data > protection law (viewed through the GDPR lens).=C2=A0 For the contracted > parties, nothing in there eliminates the risk that the data > controller has, but certainly guidance mitigates it.=C2=A0 However, > remember that civil society can take a case under GDPR, and if I were > advising civil society as to how to take a case, I would point out > the history of WHOIS, the dogged determination of ICANN and the IP > and business community to get back to the good old WHOIS, the lack of > evidence that forcing this determination on smaller actors will > indeed result in greater security and stability=C2=A0 of the DNS, and t= he > unequal power relationship between ICANN the regulator and the > contracted parties who must be accredited to do business.=C2=A0 Third > party data accessors are driving this process, and registrants are > basicly being represented by ourselves, and the Registrars who have > them as customers.=C2=A0 I think we have a responsibility not to cave i= n. > > 3.=C2=A0 A word on small business, sole proprietors, and home based > entrepreneurs or gig workers.=C2=A0 We are the Non-commercial > stakeholders, so we do not claim to represent them.=C2=A0 Frankly, I do= n't > know who does here at ICANN, in my 8 years of volunteering at ICANN I > have never heard the ALAC folks advance a cohesive argument on behalf > of these folks (or even an argument, but I hesitate to say that > because someone will trawl through the archives and come up with > someone defending the little guy against giant corporations).=C2=A0 > Certainly they are not speaking for them at the EPDP, they are > speaking for government, law enforcement, and cybersecurity > operatives.=C2=A0 As folks who care about human rights and fairness to > developing economies, I think we should care about how much this > differentiation between legal persons and natural persons does not > work in countries other than the EU states and the US.=C2=A0 Countries > around the world have different ways to describe small business, > different ways to regulate it, and this differentiation may not match > tax schemes, municipal registration patterns, etc.=C2=A0 There is of > course an additional barrier in the matter of languages. > > 4.=C2=A0 Remember that what we are arguing about is not providing acces= s > to data about suspected legal persons through the SSAD.=C2=A0 We are > arguing about Automatic disclosure based on the choice the individual > makes, legal or natural person.=C2=A0 As I have said before, the skies = are > not going to fall if the legitimate requestors have to request the > data and get it in one or two business days, as opposed to having it > pre-emptively disclosed. =C2=A0 Remember that the registrar or his > reseller has a wealth of other day about their customer that is > "below the surface", most importantly credit card info, billing > address for the credit card, emails, IP address etc.=C2=A0 They can loo= k > at that data if necessary, to figure out whether they are dealing > with a company or a person.=C2=A0 However, the SSAD does not have acces= s > to that data.=C2=A0 If we encourage this differentiation by putting > guidance into the policy, then we are heading for the slippery slope > of automated disclosure. Remember that there is already a section in > there that once the data has been verified as pertaining to a legal > person and not containing personal data, it MUST be disclosed.=C2=A0 Wh= at > happens when that legal entity moves to a jurisdiction where > employees have privacy rights, either under data protection law or > other laws such as labour laws or contracts?=C2=A0 There is a good chan= ce > that some of their data becomes personal. > > 5.=C2=A0 Registrars already have excellent advice for their members > available through their own websites.=C2=A0 Remember that at ICANN we a= re > only dealing with the big ones, and the responsible ones.=C2=A0 We have= to > consider whether any activity we sanction in this policy induces the > lazy ones to cut corners.=C2=A0 They are used to disclosing everything = in > the WHOIS, if given an opportunity to revert to that by creating this > distinction, they will most likely do what is easiest.=C2=A0 At the > moment, under the temp spec and article 6, the easiest thing to do is > to consider these grey area folks as natural persons unless proven > otherwise, and protect the data. Why on earth would we not choose > this option?=C2=A0 There is no law telling us to do otherwise, and ther= e > is certainly a great deal of law out there that makes differentiation > a legal risk that carries liability and cost.=C2=A0 We want domain name= s > to remain affordable, and we want our people protected. > > 6.=C2=A0 One more thing:=C2=A0 remember that not all domain names are u= sed for > websites engaged in commerce.=C2=A0 Some are being held by individuals = for > future use.=C2=A0 Disclosure provides market information to big players > who may want to prevent the name from being used, or to purchase > them, but there is no harm emanating from them in dormancy, and small > players need not have their competitive positions compromised in this > way.=C2=A0 Most of the online crime that we hear adduced to justify > disclosure of data is coming from websites.=C2=A0 Websites can be > regulated to protect consumers, but that is not within ICANN's > bailiwick.=C2=A0 Folks come to ICANN to demand this activity because ot= her > multilateral instruments have failed, but given the lack of oversight > over ICANN, the responsibility to ensure fairness and human rights > are respected falls on the shoulders of the stakeholders engaged here. > > 7.=C2=A0 Finally:=C2=A0 Several folks are worried that governments will > regulate if we do not concede here.=C2=A0 I say let them, the Courts an= d > the Constitution and the much more rigorous defences against > incursions into human rights available within countries will > prevail.=C2=A0 It certainly will in the EU, where the draft NIS is > progressing.....I keep pointing out the Opinion of the European Data > Protection Supervisor on this matter, so one more time here it is > https://www.google.com/search?client=3Dfirefox-b-d&q=3Dedps+on+the+nis+= directive. As for the increasing number of autocratic countries intereste= d in curtailing the free speech and internet rights of their citizens, th= ey are regulating anyway and nothing that ICANN does is going to persuade= them otherwise.=C2=A0 A good example of us falling on the side of custom= er protection might at least give those individuals in these countries so= mething to point to, as opposed to caving in =20 > to > threats. > > cheers Stephanie Perrin > > On 2021-04-27 11:56 p.m., =E9=99=B3=E6=9B=BC=E8=8C=B9 Manju Chen wrote: >> *EXTERNAL EMAIL:* >> Hi all, >> >> This has been a very helpful discussion. Our ultimate goal is to >> finalize an NCSG position, and I'd like to provide some context in >> the interest of reaching that goal. >> >> Some have pointed out that the question of 'do you agree to publish >> your data' is a much better one than 'are you a legal or natural >> person'. I totally agree. But we already have that in the policy. In >> the EPDP phase 1 final report, recommendation #6 reads: >> >> =C2=A0 =C2=A0 The EPDP Team recommends that, as soon as commercially r= easonable, >> =C2=A0 =C2=A0 Registrar must provide the opportunity for the Registere= d Name >> =C2=A0 =C2=A0 Holder to provide its Consent to publish redacted contac= t >> =C2=A0 =C2=A0 information, as well as the email address, in the RDS fo= r the >> =C2=A0 =C2=A0 sponsoring registrar. >> >> >> In the EPDP phase2A, the WG is tasked to address the following questio= ns: >> >> 1. Whether any updates are required to the EPDP Phase 1 >> =C2=A0 =C2=A0 recommendation on this topic (=E2=80=9CRegistrars and Re= gistry Operators >> =C2=A0 =C2=A0 are permitted to differentiate between registrations of = legal and >> =C2=A0 =C2=A0 natural persons, but are not obligated to do so=E2=80=9C= ); >> 2. What guidance, if any, can be provided to Registrars and/or >> =C2=A0 =C2=A0 Registries who differentiate between registrations of le= gal and >> =C2=A0 =C2=A0 natural persons. >> >> So it's not that we 'want' the distinction of natural=C2=A0vs. legal. >> It's the task we're given, and per the WG chair's last email to the >> EPDP team, it's not something we can avoid. We have to stick to the >> 'natural vs. legal persons' rhetoric to answer the questions. >> >> Of course, we can simply assert that 'there's no update needed' and >> let the contracted parties do whatever they want when they feel like >> making the distinction. I was personally very tempted by this option >> every now and then. However, as Milton pointed out in another email, >> we are already developing guidance in the EPDP, so that option seems >> far-fetched. >> >> I hope this explains some of the confusion and helps us to consider >> Milton's 4 options in the other email. >> >> Thanks! >> >> >> Best, >> Manju >> >> On Wed, Apr 28, 2021 at 4:40 AM Mark Leiser <[log in to unmask] >> <mailto:[log in to unmask]>> wrote: >> >> =C2=A0 =C2=A0 Hi Milton, >> >> =C2=A0 =C2=A0 First let me say I completely agree=C2=A0with you on=C2=A0= your statements >> =C2=A0 =C2=A0 about European data privacy. I feel like I've dedicated = most of my >> =C2=A0 =C2=A0 professional life arguing about the dangers of privacy=C2= =A0and data >> =C2=A0 =C2=A0 protection maximalism - yet almost always feel=C2=A0like= my arguments >> =C2=A0 =C2=A0 on deaf ears. While people are arguing that 'everything = is >> =C2=A0 =C2=A0 personal data', I've been arguing that this makes the re= gime >> =C2=A0 =C2=A0 unmanageable. >> >> =C2=A0 =C2=A0 So let me try to explain 'relating to' with=C2=A0referen= ce to 'Milton >> =C2=A0 =C2=A0 Mueller's Porkbelly=C2=A0Diner'. Because of Recital 14, = this would >> =C2=A0 =C2=A0 amount to a legal person. It's pretty clear that the int= ention of >> =C2=A0 =C2=A0 the GDPR's drafters was to exclude legal persons. Howeve= r, let's >> =C2=A0 =C2=A0 say you have registered 'MM Porkbelly Diner' in the=C2=A0= register of >> =C2=A0 =C2=A0 companies. I think you would agree that this would amoun= t to >> =C2=A0 =C2=A0 information about a legal person. But say someone=C2=A0s= earched the >> =C2=A0 =C2=A0 company register and discovered Milton Mueller was the p= rincipal >> =C2=A0 =C2=A0 shareholder of MM Porkbelly Diner. This is an identifier= which >> =C2=A0 =C2=A0 would /tie nformation about Milton Mueller to/ 'MM PorkB= elly >> =C2=A0 =C2=A0 Diner'. Therefore, this is 'any information' 'relating t= o' an >> =C2=A0 =C2=A0 identified=C2=A0or identifiable living person. It would = be reasonable >> =C2=A0 =C2=A0 to infer that MM registered in the registrar database un= der MM >> =C2=A0 =C2=A0 PorkBelly Diner is the same as the Milton=C2=A0Mueller t= hat is in the >> =C2=A0 =C2=A0 register of companies. The fact that someone can combine= =C2=A0the >> =C2=A0 =C2=A0 knowledge from the company register with the knowledge f= rom the >> =C2=A0 =C2=A0 registrar database could make 'MM Porkbelly Diner' perso= nal data >> =C2=A0 =C2=A0 under Article 4(1) of the GDPR. Someone who did not disc= lose their >> =C2=A0 =C2=A0 identity at all could still be identifiable; hence, the = perceived >> =C2=A0 =C2=A0 need for protection in the EU data protection regime. >> >> =C2=A0 =C2=A0 =C2=A0"Iam saying that the user, the registrant, gets to= decide what is >> =C2=A0 =C2=A0 personal data or not, because THERE IS NO OBJECTIVE, CLE= AR LEGAL >> =C2=A0 =C2=A0 DEFINITION" is, on the surface, problematic. It doesn't = matter >> =C2=A0 =C2=A0 whether the user says NO or YES or the registrar says no= or yes, >> =C2=A0 =C2=A0 or whether it is objective or clear, the test is whether= any >> =C2=A0 =C2=A0 information can be combined with other information to re= veal an >> =C2=A0 =C2=A0 identifiable living person. I would argue, absent a whol= esale >> =C2=A0 =C2=A0 change in the reasoning used by the CJEU, this would rem= ain the >> =C2=A0 =C2=A0 case for the foreseeable future. This is not intended as= a Mark >> =C2=A0 =C2=A0 Leiser argument or an attempt to discredit what you are = saying, >> =C2=A0 =C2=A0 but an honest account of how I think the Courts and the = EU data >> =C2=A0 =C2=A0 protection Board would react to what you are proposing. >> >> =C2=A0 =C2=A0 You asked about IP addresses >> =C2=A0 =C2=A0 >> <https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-w= ebsites-personal-information/#:~:text=3DUnder%20the%20EU%20General%20Data= ,header%20information%20that%20website%20hosts>, >> =C2=A0 =C2=A0 'port numbers', 'browser config', etc could be used to i= dentify >> =C2=A0 =C2=A0 you personally. Yes, absolutely. This is personal data i= n the EU - >> =C2=A0 =C2=A0 if it can relate to a living person. What your=C2=A0writ= ing=C2=A0here >> =C2=A0 =C2=A0 reveals, is that you are a little confused about how the= =C2=A0GDPR >> =C2=A0 =C2=A0 works - the GDPR does not rely on 'consent' or 'explicit >> =C2=A0 =C2=A0 permission' as the only basis for processing personal da= ta. >> =C2=A0 =C2=A0 Remember the GDPR has six=C2=A0grounds of processing >> =C2=A0 =C2=A0 <https://gdpr-info.eu/art-6-gdpr/>. It is a prohibitive >> =C2=A0 =C2=A0 regulation. You cannot process personal data in the EU u= nless you >> =C2=A0 =C2=A0 satisfy one of those six grounds. Most companies will NO= T be >> =C2=A0 =C2=A0 processing on the basis of 'consent' but on 'legitimate = interests' >> =C2=A0 =C2=A0 (Article 6(1)(f)) or performance of a contract (Article = 6(1)(b)). >> =C2=A0 =C2=A0 Don't worry, this is an extremely=C2=A0common mistake am= ong American >> =C2=A0 =C2=A0 attorneys! As most of these items are "technical', I wou= ld also >> =C2=A0 =C2=A0 imagine that there is a 'legal requirement' (another gro= und) or a >> =C2=A0 =C2=A0 lawful basis. All ISPs will be processing personal data = through >> =C2=A0 =C2=A0 'IP addresses', 'port browsers', and 'browser config' be= cause of >> =C2=A0 =C2=A0 the legal basis found in Article 15 of the e-Privacy Dir= ective >> =C2=A0 =C2=A0 >> <https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=3DCELEX:3200= 2L0058&from=3DEN>=C2=A0which >> =C2=A0 =C2=A0 provides Member=C2=A0States with a specific exemption fo= r the purposes >> =C2=A0 =C2=A0 of national security. If not covered by this, I would im= agine they >> =C2=A0 =C2=A0 would rely on 'legitimate interests' as their ground ins= tead. >> >> =C2=A0 =C2=A0 Finally, even if a registrar has a legitimate interest i= n >> =C2=A0 =C2=A0 processing someone's personal data, this does not addres= s the >> =C2=A0 =C2=A0 /privacy /requirements that i indicated in my previous e= mail. >> =C2=A0 =C2=A0 Unless there is a specific provision put into law, I do = not know >> =C2=A0 =C2=A0 how the registrar=C2=A0can remain compliant with the GDP= R and the EU's >> =C2=A0 =C2=A0 privacy requirements. In fact, I don't know how the EU c= an even >> =C2=A0 =C2=A0 comment on this, because, of course, the EU Charter is a= legal >> =C2=A0 =C2=A0 framework completely distinct from the European Conventi= on of >> =C2=A0 =C2=A0 Human Rights. >> >> =C2=A0 =C2=A0 One more thing to consider - if you choose to disclose y= our name, >> =C2=A0 =C2=A0 address, and designate as the contact person of a legal = person, >> =C2=A0 =C2=A0 what happens when that person exercises their 'right to = be >> =C2=A0 =C2=A0 forgotten' right under Article 17 GDPR. Maybe Milton Mue= ller the >> =C2=A0 =C2=A0 person chooses to leave the legal entity MM Porkbelly Di= ner, >> =C2=A0 =C2=A0 adopts a vegan lifestyle, and wants no affiliation=C2=A0= with the >> =C2=A0 =C2=A0 business? If it's=C2=A0published, he=C2=A0can demand a c= orrection of the >> =C2=A0 =C2=A0 database thereof. So what then? >> >> =C2=A0 =C2=A0 Regards, >> >> =C2=A0 =C2=A0 Mark >> >> =C2=A0 =C2=A0 *Dr Mark Leiser | Law and Digital Technologies | FRSA FH= EA |* >> >> >> =C2=A0 =C2=A0 On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <milton@= gatech.edu >> =C2=A0 =C2=A0 <mailto:[log in to unmask]>> wrote: >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Mark, >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Thanks for your intervention. Here is the = complete definition >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 of personal data in GDPR: >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =E2=80=98personal data=E2=80=99 means any = information relating to an >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 identified or identifiable natural person = (=E2=80=98data subject=E2=80=99); an >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 identifiable natural person is one who can= be identified, >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 directly or indirectly, in particular by r= eference to an >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 identifier such as a name, an identificati= on number, location >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 data, an online identifier or to one or mo= re factors specific >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 to the physical, physiological, genetic, m= ental, economic, >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 cultural or social identity of that natura= l person; >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Alas, this raises more questions than it a= nswers. It is not >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 entirely clear what =E2=80=9Crelating to=E2= =80=9D means in this construct. >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 E.g., if the name of my company is Milton = Mueller=E2=80=99s Porkbelly >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Diner, is the name relating to me as a per= son, or to my >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 business? Strictly speaking it=E2=80=99s a= business name. But it could >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 be used to identify me. An overly broad in= terpretation of this >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 definition would classify ANY data about A= NYTHING as =E2=80=9Cpersonal >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 data=E2=80=9D because at some point it cou= ld be =E2=80=9Crelated to=E2=80=9D an >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =E2=80=9Cidentifiable natural person.=E2=80= =9D So suddenly the business name >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 becomes personal data. Or a bunch of obscu= re technical >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 indicators inherent in your use of the int= ernet, such as port >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 numbers, browser config, etc., could be =E2= =80=9Crelated=E2=80=9D to your ISP >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 account number, and then used to identify = you, personally. But >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 does that mean that every website and host= ing service in the >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 world that uses that technical data in the= course of their >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 operations cannot process that info withou= t your explicit >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 permission, because it=E2=80=99s =E2=80=9C= personal data?=E2=80=9D I hope not, because >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 the internet would cease to function if so= . >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 >Therefore, [log in to unmask] <mailto:info@my= org.org> is personal >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 data if someone behind it is identifiable. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 My point is that whether the user of info@= myorg.org >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 <mailto:[log in to unmask]> is identifiable do= es not depend on >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 that chunk of data, but on a bunch of acti= vities that relate >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 that data to other things. And in a digita= l world with >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 powerful processing capabilities, no one c= an fully control >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 those correlations and searches. Any attem= pt to do so simply >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 cripples the entire information economy. S= o the idea of >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 looking at a registration record and sayin= g =E2=80=9Cis there personal >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 data in here or not=E2=80=9D is a complete= ly invalid test. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 There is an eerie similarity between these= exaggerated >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 applications of privacy law and the copyri= ght maximalists of >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 the 1990s. The IP interests thought you ne= eded permission to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 transmit a copyrighted work over the inter= net, a claim that >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 would have crippled ISPs who had no idea w= hat packets were >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 parts of copyrighted material or not. Priv= acy maximalists have >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 reached the same point of absurdity, but t= hey don=E2=80=99t seem to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 realize it. They are no longer protecting = a tangible privacy >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 interest of internet users, they are tryin= g to give >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 individuals rigid control over information= exchanges and >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 imposing largely meaningless consent requi= rements that do no >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 one any good. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 >The confusion comes from=C2=A0Recital 14 = of the GDPR which states >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 that it only applies to natural persons an= d does not cover the >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 processing of personal data concerning leg= al persons, in >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 particular undertakings established as leg= al persons or legal >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 entities. This also includes the name of t= he legal person, the >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 form, and the contact details of the legal= person.But the >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 second you start adding identifiers to the= se details, it stops >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 becoming the data of a 'legal person' and = starts becoming >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 personal data. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Yes, indeed, the GDPR is confused on this = score. >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Unfortunately, you don=E2=80=99t escape th= at confusion by saying >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =E2=80=9Cadding identifiers=E2=80=9D is th= e problem. Your argument fails >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 because names of legal persons and contact= details ARE >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =E2=80=9Cidentifiers,=E2=80=9D they are ju= st identifiers of legal persons. As >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 I pointed out they can easily overlap with= , or be used to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 identify, natural persons. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 So my basic point is that we do not solve = this problem by >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 reference to GDPR definitions. In fact if = GDPR is taken >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 literally no one can ever publish and shar= e any kind of >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 information without absurd overhead and le= gal bureaucracy, >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 because ALL of it can be used to identify = you in some way. >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 These kinds of interpretations actually di= scredit privacy laws >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 and protections, by taking them to counter= productive lengths. >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 We have to make common sense-based, practi= cal distinctions >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 between what data needs protection, what d= ata can be easily >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 shared at the registrants=E2=80=99 choice. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Secondly, I find this statement, "I think = it is simplest to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 just say to the registrant, if you=E2=80=99= re a company and don=E2=80=99t mind >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 (or even want) your data to be published, = check this box. If >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 you=E2=80=99re not, or you do mind, don=E2= =80=99t check it."=C2=A0 to be BOTH >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 perplexing and inaccurate.=C2=A0=C2=A0Whet= her someone checks the box, or >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 does not check the box is completely irrel= evant for >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 determining whether it is personal data. W= hether someone >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 checks the box is a question of CONSENT to= processing AND >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 publication, not whether this amounts to p= ersonal data. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 We actually seem to agree here, more than = you think. I am >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 saying that the user, the registrant, gets= to decide what is >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 personal data or not, because THERE IS NO = OBJECTIVE, CLEAR >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 LEGAL DEFINITION. So the user can decide w= hether they want to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 be classified as a legal person and =E2=80= =9Cconsent=E2=80=9D to publishing >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 their data or not. As an example, that if = I decide that >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 publishing the name of =E2=80=9CMilton Mue= ller=E2=80=99s Porkbelly Diner=E2=80=9D is >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 not a violation of my privacy, it isn=E2=80= =99t. It doesn=E2=80=99t matter >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 what the European Union says, it=E2=80=99s= my choice. >> >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 And let=E2=80=99s not overlook the embarra= ssing fact that the European >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 Union is now one of the key players pushin= g hard for >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 publication of legal person data. But I=E2= =80=99ll leave that one to >> =C2=A0 =C2=A0 =C2=A0 =C2=A0 later. >> --=_G7R-t8JtcKOpo7L83k4emWf Content-Type: text/html; charset=utf-8 Content-Description: HTML Message Content-Disposition: inline <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <title></title> </head> <body style="font-family:Arial;font-size:14px"> <p>All,<br> I would like to urge us to step back from the discussion for a few days. I think there is a lot of data that is being created that needs to be shared - data and studies that should inform our decision. Some of the data presented to the EPDP, I am told, includes:<br> <br> 1) 50% of gTLD domain name registrations are for natural persons (which makes sense to me since the number of people on the Internet far exceeds the number of companies). That's significant.<br> <br> 2) That DNS Abuse has dropped meaningfully since the redaction of the data.<br> <br> I also think we should explore more meaningfully what our members need. We are noncommercial organizations and individuals seeking to protect noncommerical speech online. Many of our groups are public interest and human rights -- with agendas that "tick off" someone - and our personal data could be used against us or our families. We have legal privacy protections not yet discussed significantly on this list - protections under Art 9 of EU GDPR for "sensitive data" which links us to our political, gender and similar views AND protection for free speech, freedom of expression and freedom of association under the UN Declaration of Human Rights, the US Constitution and the European Convention on Human Rights, and more (feel free to share your own national laws).<br> <br> <strong>Stephanie is absolutely right. (I'll have a note below about where I agree with Milton too.) On the Proxy & Privacy Services Accreditation Issues Working Group (PPSAI) we worked on behalf of NCSG to see that NSCG registrants (and others) were not asked to answer questions of "legal and natural persons" that would lead to questions our members would have the most difficult time answering. The answers are not clear or easy - as our discussion of the last few days has shown.</strong><br> <br> One goal of the GDPR is to encourage the overprotection rather that the underprotection of privacy - if we are going to err, it is to protect the data. In that spirit, I would vote to hold the present course - Option 1. Let those who want to publish their data publish their data. And keep the rest of us from making the wrong choices with legal implications that threaten us, our organizations and the data controllers and processors.<br> <br> <em>As Stephanie writes below, ICANN is designing automated disclosure systems that will operate automatically based on our self-identification. Asking questions registrant can't easily answer, with enormous implications, is not fair or right.</em><br> <br> <strong>I agree with Milton that Registrants should be able to disclosure their data only if they want to (which is clear part of the status quo).</strong><br> <br> <em>Thus, at this time and with the evidence we have, <strong>Status Quo - Option 1 - preserves the choice registrants have now: Any registrant be it company, organization, individual can publish its/her/his data if they want to.</strong></em><br> <br> Tx to our EPDP Team for including us in their evaluations!<br> <br> Best, Kathy<br> <br> Quoting Stephanie E Perrin <<a href="mailto:[log in to unmask]">[log in to unmask]</a>>:<br> <br> > Thanks again Manju, for your untiring efforts to get us to solve this<br> > disagreement about next steps. I am going to try to summarize my<br> > thinking on this, without diving into the complexity of the law and<br> > the difficulties inherent in implementing it.<br> ><br> > 1. The push to distinguish between legal and natural is not new. We<br> > fought it in the PPSAI, and won. In phase 1 EPDP, we managed to get<br> > recommendation #6 through, but with the concession that ICANN would<br> > do a study on legal natural, and that we would reexamine. My<br> > position is basically HOLD THAT LINE! We do not need to change our<br> > position, we can examine the matter, take a look at what guidance<br> > would do, and maintain the status quo.<br> ><br> > 2. We have sought advice from Bird and Bird on mitigating the risk<br> > to contracted parties in terms of how they provide information to<br> > their registrants, in order to be in full compliance with data<br> > protection law (viewed through the GDPR lens). For the contracted<br> > parties, nothing in there eliminates the risk that the data<br> > controller has, but certainly guidance mitigates it. However,<br> > remember that civil society can take a case under GDPR, and if I were<br> > advising civil society as to how to take a case, I would point out<br> > the history of WHOIS, the dogged determination of ICANN and the IP<br> > and business community to get back to the good old WHOIS, the lack of<br> > evidence that forcing this determination on smaller actors will<br> > indeed result in greater security and stability of the DNS, and the<br> > unequal power relationship between ICANN the regulator and the<br> > contracted parties who must be accredited to do business. Third<br> > party data accessors are driving this process, and registrants are<br> > basicly being represented by ourselves, and the Registrars who have<br> > them as customers. I think we have a responsibility not to cave in.<br> ><br> > 3. A word on small business, sole proprietors, and home based<br> > entrepreneurs or gig workers. We are the Non-commercial<br> > stakeholders, so we do not claim to represent them. Frankly, I don't<br> > know who does here at ICANN, in my 8 years of volunteering at ICANN I<br> > have never heard the ALAC folks advance a cohesive argument on behalf<br> > of these folks (or even an argument, but I hesitate to say that<br> > because someone will trawl through the archives and come up with<br> > someone defending the little guy against giant corporations). <br> > Certainly they are not speaking for them at the EPDP, they are<br> > speaking for government, law enforcement, and cybersecurity<br> > operatives. As folks who care about human rights and fairness to<br> > developing economies, I think we should care about how much this<br> > differentiation between legal persons and natural persons does not<br> > work in countries other than the EU states and the US. Countries<br> > around the world have different ways to describe small business,<br> > different ways to regulate it, and this differentiation may not match<br> > tax schemes, municipal registration patterns, etc. There is of<br> > course an additional barrier in the matter of languages.<br> ><br> > 4. Remember that what we are arguing about is not providing access<br> > to data about suspected legal persons through the SSAD. We are<br> > arguing about Automatic disclosure based on the choice the individual<br> > makes, legal or natural person. As I have said before, the skies are<br> > not going to fall if the legitimate requestors have to request the<br> > data and get it in one or two business days, as opposed to having it<br> > pre-emptively disclosed. Remember that the registrar or his<br> > reseller has a wealth of other day about their customer that is<br> > "below the surface", most importantly credit card info, billing<br> > address for the credit card, emails, IP address etc. They can look<br> > at that data if necessary, to figure out whether they are dealing<br> > with a company or a person. However, the SSAD does not have access<br> > to that data. If we encourage this differentiation by putting<br> > guidance into the policy, then we are heading for the slippery slope<br> > of automated disclosure. Remember that there is already a section in<br> > there that once the data has been verified as pertaining to a legal<br> > person and not containing personal data, it MUST be disclosed. What<br> > happens when that legal entity moves to a jurisdiction where<br> > employees have privacy rights, either under data protection law or<br> > other laws such as labour laws or contracts? There is a good chance<br> > that some of their data becomes personal.<br> ><br> > 5. Registrars already have excellent advice for their members<br> > available through their own websites. Remember that at ICANN we are<br> > only dealing with the big ones, and the responsible ones. We have to<br> > consider whether any activity we sanction in this policy induces the<br> > lazy ones to cut corners. They are used to disclosing everything in<br> > the WHOIS, if given an opportunity to revert to that by creating this<br> > distinction, they will most likely do what is easiest. At the<br> > moment, under the temp spec and article 6, the easiest thing to do is<br> > to consider these grey area folks as natural persons unless proven<br> > otherwise, and protect the data. Why on earth would we not choose<br> > this option? There is no law telling us to do otherwise, and there<br> > is certainly a great deal of law out there that makes differentiation<br> > a legal risk that carries liability and cost. We want domain names<br> > to remain affordable, and we want our people protected.<br> ><br> > 6. One more thing: remember that not all domain names are used for<br> > websites engaged in commerce. Some are being held by individuals for<br> > future use. Disclosure provides market information to big players<br> > who may want to prevent the name from being used, or to purchase<br> > them, but there is no harm emanating from them in dormancy, and small<br> > players need not have their competitive positions compromised in this<br> > way. Most of the online crime that we hear adduced to justify<br> > disclosure of data is coming from websites. Websites can be<br> > regulated to protect consumers, but that is not within ICANN's<br> > bailiwick. Folks come to ICANN to demand this activity because other<br> > multilateral instruments have failed, but given the lack of oversight<br> > over ICANN, the responsibility to ensure fairness and human rights<br> > are respected falls on the shoulders of the stakeholders engaged here.<br> ><br> > 7. Finally: Several folks are worried that governments will<br> > regulate if we do not concede here. I say let them, the Courts and<br> > the Constitution and the much more rigorous defences against<br> > incursions into human rights available within countries will<br> > prevail. It certainly will in the EU, where the draft NIS is<br> > progressing.....I keep pointing out the Opinion of the European Data<br> > Protection Supervisor on this matter, so one more time here it is<br> > <a href="https://www.google.com/search?client=firefox-b-d&q=edps+on+the+nis+directive" target="_blank">https://www.google.com/search?client=firefox-b-d&q=edps+on+the+nis+directive</a>. As for the increasing number of autocratic countries interested in curtailing the free speech and internet rights of their citizens, they are regulating anyway and nothing that ICANN does is going to persuade them otherwise. A good example of us falling on the side of customer protection might at least give those individuals in these countries something to point to, as opposed to caving in to<br> > threats.<br> ><br> > cheers Stephanie Perrin<br> ><br> > On 2021-04-27 11:56 p.m., 陳曼茹 Manju Chen wrote:<br> >> *EXTERNAL EMAIL:*<br> >> Hi all,<br> >><br> >> This has been a very helpful discussion. Our ultimate goal is to<br> >> finalize an NCSG position, and I'd like to provide some context in<br> >> the interest of reaching that goal.<br> >><br> >> Some have pointed out that the question of 'do you agree to publish<br> >> your data' is a much better one than 'are you a legal or natural<br> >> person'. I totally agree. But we already have that in the policy. In<br> >> the EPDP phase 1 final report, recommendation #6 reads:<br> >><br> >> The EPDP Team recommends that, as soon as commercially reasonable,<br> >> Registrar must provide the opportunity for the Registered Name<br> >> Holder to provide its Consent to publish redacted contact<br> >> information, as well as the email address, in the RDS for the<br> >> sponsoring registrar.<br> >><br> >><br> >> In the EPDP phase2A, the WG is tasked to address the following questions:<br> >><br> >> 1. Whether any updates are required to the EPDP Phase 1<br> >> recommendation on this topic (“Registrars and Registry Operators<br> >> are permitted to differentiate between registrations of legal and<br> >> natural persons, but are not obligated to do so“);<br> >> 2. What guidance, if any, can be provided to Registrars and/or<br> >> Registries who differentiate between registrations of legal and<br> >> natural persons.<br> >><br> >> So it's not that we 'want' the distinction of natural vs. legal.<br> >> It's the task we're given, and per the WG chair's last email to the<br> >> EPDP team, it's not something we can avoid. We have to stick to the<br> >> 'natural vs. legal persons' rhetoric to answer the questions.<br> >><br> >> Of course, we can simply assert that 'there's no update needed' and<br> >> let the contracted parties do whatever they want when they feel like<br> >> making the distinction. I was personally very tempted by this option<br> >> every now and then. However, as Milton pointed out in another email,<br> >> we are already developing guidance in the EPDP, so that option seems<br> >> far-fetched.<br> >><br> >> I hope this explains some of the confusion and helps us to consider<br> >> Milton's 4 options in the other email.<br> >><br> >> Thanks!<br> >><br> >><br> >> Best,<br> >> Manju<br> >><br> >> On Wed, Apr 28, 2021 at 4:40 AM Mark Leiser <<a href="mailto:[log in to unmask]">[log in to unmask]</a><br> >> <mailto:<a href="mailto:[log in to unmask]>>">[log in to unmask]>></a> wrote:<br> >><br> >> Hi Milton,<br> >><br> >> First let me say I completely agree with you on your statements<br> >> about European data privacy. I feel like I've dedicated most of my<br> >> professional life arguing about the dangers of privacy and data<br> >> protection maximalism - yet almost always feel like my arguments<br> >> on deaf ears. While people are arguing that 'everything is<br> >> personal data', I've been arguing that this makes the regime<br> >> unmanageable.<br> >><br> >> So let me try to explain 'relating to' with reference to 'Milton<br> >> Mueller's Porkbelly Diner'. Because of Recital 14, this would<br> >> amount to a legal person. It's pretty clear that the intention of<br> >> the GDPR's drafters was to exclude legal persons. However, let's<br> >> say you have registered 'MM Porkbelly Diner' in the register of<br> >> companies. I think you would agree that this would amount to<br> >> information about a legal person. But say someone searched the<br> >> company register and discovered Milton Mueller was the principal<br> >> shareholder of MM Porkbelly Diner. This is an identifier which<br> >> would /tie nformation about Milton Mueller to/ 'MM PorkBelly<br> >> Diner'. Therefore, this is 'any information' 'relating to' an<br> >> identified or identifiable living person. It would be reasonable<br> >> to infer that MM registered in the registrar database under MM<br> >> PorkBelly Diner is the same as the Milton Mueller that is in the<br> >> register of companies. The fact that someone can combine the<br> >> knowledge from the company register with the knowledge from the<br> >> registrar database could make 'MM Porkbelly Diner' personal data<br> >> under Article 4(1) of the GDPR. Someone who did not disclose their<br> >> identity at all could still be identifiable; hence, the perceived<br> >> need for protection in the EU data protection regime.<br> >><br> >> "Iam saying that the user, the registrant, gets to decide what is<br> >> personal data or not, because THERE IS NO OBJECTIVE, CLEAR LEGAL<br> >> DEFINITION" is, on the surface, problematic. It doesn't matter<br> >> whether the user says NO or YES or the registrar says no or yes,<br> >> or whether it is objective or clear, the test is whether any<br> >> information can be combined with other information to reveal an<br> >> identifiable living person. I would argue, absent a wholesale<br> >> change in the reasoning used by the CJEU, this would remain the<br> >> case for the foreseeable future. This is not intended as a Mark<br> >> Leiser argument or an attempt to discredit what you are saying,<br> >> but an honest account of how I think the Courts and the EU data<br> >> protection Board would react to what you are proposing.<br> >><br> >> You asked about IP addresses<br> >> <br> >> <<a href="https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-websites-personal-information/#:~:text=Under%20the%20EU%20General%20Data,header%20information%20that%20website%20hosts" target="_blank">https://iapp.org/news/a/are-ip-addresses-generated-when-users-visit-websites-personal-information/#:~:text=Under%20the%20EU%20General%20Data,header%20information%20that%20website%20hosts</a>>,<br> >> 'port numbers', 'browser config', etc could be used to identify<br> >> you personally. Yes, absolutely. This is personal data in the EU -<br> >> if it can relate to a living person. What your writing here<br> >> reveals, is that you are a little confused about how the GDPR<br> >> works - the GDPR does not rely on 'consent' or 'explicit<br> >> permission' as the only basis for processing personal data.<br> >> Remember the GDPR has six grounds of processing<br> >> <<a href="https://gdpr-info.eu/art-6-gdpr/" target="_blank">https://gdpr-info.eu/art-6-gdpr/</a>>. It is a prohibitive<br> >> regulation. You cannot process personal data in the EU unless you<br> >> satisfy one of those six grounds. Most companies will NOT be<br> >> processing on the basis of 'consent' but on 'legitimate interests'<br> >> (Article 6(1)(f)) or performance of a contract (Article 6(1)(b)).<br> >> Don't worry, this is an extremely common mistake among American<br> >> attorneys! As most of these items are "technical', I would also<br> >> imagine that there is a 'legal requirement' (another ground) or a<br> >> lawful basis. All ISPs will be processing personal data through<br> >> 'IP addresses', 'port browsers', and 'browser config' because of<br> >> the legal basis found in Article 15 of the e-Privacy Directive<br> >> <br> >> <<a href="https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32002L0058&from=EN" target="_blank">https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32002L0058&from=EN</a>> which<br> >> provides Member States with a specific exemption for the purposes<br> >> of national security. If not covered by this, I would imagine they<br> >> would rely on 'legitimate interests' as their ground instead.<br> >><br> >> Finally, even if a registrar has a legitimate interest in<br> >> processing someone's personal data, this does not address the<br> >> /privacy /requirements that i indicated in my previous email.<br> >> Unless there is a specific provision put into law, I do not know<br> >> how the registrar can remain compliant with the GDPR and the EU's<br> >> privacy requirements. In fact, I don't know how the EU can even<br> >> comment on this, because, of course, the EU Charter is a legal<br> >> framework completely distinct from the European Convention of<br> >> Human Rights.<br> >><br> >> One more thing to consider - if you choose to disclose your name,<br> >> address, and designate as the contact person of a legal person,<br> >> what happens when that person exercises their 'right to be<br> >> forgotten' right under Article 17 GDPR. Maybe Milton Mueller the<br> >> person chooses to leave the legal entity MM Porkbelly Diner,<br> >> adopts a vegan lifestyle, and wants no affiliation with the<br> >> business? If it's published, he can demand a correction of the<br> >> database thereof. So what then?<br> >><br> >> Regards,<br> >><br> >> Mark<br> >><br> >> *Dr Mark Leiser | Law and Digital Technologies | FRSA FHEA |*<br> >><br> >><br> >> On Tue, 27 Apr 2021 at 20:35, Mueller, Milton L <<a href="mailto:[log in to unmask]">[log in to unmask]</a><br> >> <mailto:<a href="mailto:[log in to unmask]>>">[log in to unmask]>></a> wrote:<br> >><br> >> Mark,<br> >><br> >> Thanks for your intervention. Here is the complete definition<br> >> of personal data in GDPR:<br> >><br> >> ‘personal data’ means any information relating to an<br> >> identified or identifiable natural person (‘data subject’); an<br> >> identifiable natural person is one who can be identified,<br> >> directly or indirectly, in particular by reference to an<br> >> identifier such as a name, an identification number, location<br> >> data, an online identifier or to one or more factors specific<br> >> to the physical, physiological, genetic, mental, economic,<br> >> cultural or social identity of that natural person;<br> >><br> >> Alas, this raises more questions than it answers. It is not<br> >> entirely clear what “relating to” means in this construct.<br> >> E.g., if the name of my company is Milton Mueller’s Porkbelly<br> >> Diner, is the name relating to me as a person, or to my<br> >> business? Strictly speaking it’s a business name. But it could<br> >> be used to identify me. An overly broad interpretation of this<br> >> definition would classify ANY data about ANYTHING as “personal<br> >> data” because at some point it could be “related to” an<br> >> “identifiable natural person.” So suddenly the business name<br> >> becomes personal data. Or a bunch of obscure technical<br> >> indicators inherent in your use of the internet, such as port<br> >> numbers, browser config, etc., could be “related” to your ISP<br> >> account number, and then used to identify you, personally. But<br> >> does that mean that every website and hosting service in the<br> >> world that uses that technical data in the course of their<br> >> operations cannot process that info without your explicit<br> >> permission, because it’s “personal data?” I hope not, because<br> >> the internet would cease to function if so.<br> >><br> >> >Therefore, <a href="mailto:[log in to unmask]">[log in to unmask]</a> <mailto:<a href="mailto:[log in to unmask]>">[log in to unmask]></a> is personal<br> >> data if someone behind it is identifiable.<br> >><br> >> My point is that whether the user of <a href="mailto:[log in to unmask]">[log in to unmask]</a><br> >> <mailto:<a href="mailto:[log in to unmask]>">[log in to unmask]></a> is identifiable does not depend on<br> >> that chunk of data, but on a bunch of activities that relate<br> >> that data to other things. And in a digital world with<br> >> powerful processing capabilities, no one can fully control<br> >> those correlations and searches. Any attempt to do so simply<br> >> cripples the entire information economy. So the idea of<br> >> looking at a registration record and saying “is there personal<br> >> data in here or not” is a completely invalid test.<br> >><br> >> There is an eerie similarity between these exaggerated<br> >> applications of privacy law and the copyright maximalists of<br> >> the 1990s. The IP interests thought you needed permission to<br> >> transmit a copyrighted work over the internet, a claim that<br> >> would have crippled ISPs who had no idea what packets were<br> >> parts of copyrighted material or not. Privacy maximalists have<br> >> reached the same point of absurdity, but they don’t seem to<br> >> realize it. They are no longer protecting a tangible privacy<br> >> interest of internet users, they are trying to give<br> >> individuals rigid control over information exchanges and<br> >> imposing largely meaningless consent requirements that do no<br> >> one any good.<br> >><br> >> >The confusion comes from Recital 14 of the GDPR which states<br> >> that it only applies to natural persons and does not cover the<br> >> processing of personal data concerning legal persons, in<br> >> particular undertakings established as legal persons or legal<br> >> entities. This also includes the name of the legal person, the<br> >> form, and the contact details of the legal person.But the<br> >> second you start adding identifiers to these details, it stops<br> >> becoming the data of a 'legal person' and starts becoming<br> >> personal data.<br> >><br> >> Yes, indeed, the GDPR is confused on this score.<br> >> Unfortunately, you don’t escape that confusion by saying<br> >> “adding identifiers” is the problem. Your argument fails<br> >> because names of legal persons and contact details ARE<br> >> “identifiers,” they are just identifiers of legal persons. As<br> >> I pointed out they can easily overlap with, or be used to<br> >> identify, natural persons.<br> >><br> >> So my basic point is that we do not solve this problem by<br> >> reference to GDPR definitions. In fact if GDPR is taken<br> >> literally no one can ever publish and share any kind of<br> >> information without absurd overhead and legal bureaucracy,<br> >> because ALL of it can be used to identify you in some way.<br> >> These kinds of interpretations actually discredit privacy laws<br> >> and protections, by taking them to counterproductive lengths.<br> >> We have to make common sense-based, practical distinctions<br> >> between what data needs protection, what data can be easily<br> >> shared at the registrants’ choice.<br> >><br> >> Secondly, I find this statement, "I think it is simplest to<br> >> just say to the registrant, if you’re a company and don’t mind<br> >> (or even want) your data to be published, check this box. If<br> >> you’re not, or you do mind, don’t check it." to be BOTH<br> >> perplexing and inaccurate. Whether someone checks the box, or<br> >> does not check the box is completely irrelevant for<br> >> determining whether it is personal data. Whether someone<br> >> checks the box is a question of CONSENT to processing AND<br> >> publication, not whether this amounts to personal data.<br> >><br> >> We actually seem to agree here, more than you think. I am<br> >> saying that the user, the registrant, gets to decide what is<br> >> personal data or not, because THERE IS NO OBJECTIVE, CLEAR<br> >> LEGAL DEFINITION. So the user can decide whether they want to<br> >> be classified as a legal person and “consent” to publishing<br> >> their data or not. As an example, that if I decide that<br> >> publishing the name of “Milton Mueller’s Porkbelly Diner” is<br> >> not a violation of my privacy, it isn’t. It doesn’t matter<br> >> what the European Union says, it’s my choice.<br> >><br> >> And let’s not overlook the embarrassing fact that the European<br> >> Union is now one of the key players pushing hard for<br> >> publication of legal person data. But I’ll leave that one to<br> >> later.<br> >><br> <br></p> </body> </html> --=_G7R-t8JtcKOpo7L83k4emWf-- ========================================================================= Date: Thu, 29 Apr 2021 14:06:20 +1000 Reply-To: Tomslin Samme-Nlar <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Tomslin Samme-Nlar <[log in to unmask]> Subject: Re: DRAFT COMMENT - GNSO Review of All Rights Protection Mechanisms in All gTLDs Policy Development Process Phase 1 Final Recommendations for ICANN Board Consideration X-To: ncsg-pc <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000e4156205c1149e2b" Message-ID: <[log in to unmask]> --000000000000e4156205c1149e2b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Dear members and PC, We have a draft comment on this proceeding which has been kindly drafted by Pedro de Perdig=C3=A3o found here: https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFb= j6io/edit?usp=3Dsharing Unfortunately, we have only 2 days to review/edit. So could members, especially the PC please review? Cheers, Tomslin On Tue., 13 Apr. 2021, 21:36 Tomslin Samme-Nlar, <[log in to unmask]> wrote: > Dear members, > > There is a running public proceeding seeking to obtain community input > prior to the Board action on the Phase 1 final recommendations of the GNS= O > Review of All Rights Protection Mechanisms (RPMs) in All gTLDs Policy > Development Process (PDP) > > Please let me know off-list if you'd like to volunteer for the comment > drafting. It'll be nice to have more than one volunteer. > > The comment period closes on 30 April 2021. > > More information on the public comment can be found here : > https://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommen= dations-2021-04-07-en > > A draft Google doc for the comment can be found here: > https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0TH= Fbj6io/edit?usp=3Dsharing > > You can find previous NCSG comments here: > https://community.icann.org/display/gnsononcomstake/Public+Comments+-+202= 1 > > Regards, > Tomslin > > --000000000000e4156205c1149e2b Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"auto"><div>Dear members and PC,<div dir=3D"auto"><br></div><div= dir=3D"auto">We have a draft comment on this proceeding which has been kin= dly drafted by=C2=A0Pedro de Perdig=C3=A3o found here:=C2=A0<a href=3D"http= s://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFbj6io= /edit?usp=3Dsharing" style=3D"font-family:sans-serif">https://docs.google.c= om/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dshari= ng</a></div><div dir=3D"auto"><br></div><div dir=3D"auto">Unfortunately, we= have only 2 days to review/edit. So could members, especially the PC pleas= e review?</div><div dir=3D"auto"><br><div data-smartmail=3D"gmail_signature= " dir=3D"auto">Cheers,<br>Tomslin<br>=C2=A0=C2=A0=C2=A0 </div></div><br><di= v class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue., 13 A= pr. 2021, 21:36 Tomslin Samme-Nlar, <<a href=3D"mailto:mesumbeslin@gmail= .com" rel=3D"noreferrer noreferrer" target=3D"_blank">[log in to unmask] </a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:= 0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr"><d= iv>Dear members,</div><div><br></div><div>There is a running public proceed= ing seeking to obtain community input prior to the Board action on the Phas= e 1 final recommendations of the GNSO Review of All Rights Protection Mecha= nisms (RPMs) in All gTLDs Policy Development Process (PDP)</div><div><br></= div><div>Please let me know off-list if you'd like to volunteer for the= comment drafting. It'll be nice to have more than one volunteer.<br></= div><div><br></div><div> The comment period closes on 30 April 2021. <br></div><div><br></div><div>M= ore information on the public comment can be found here : <a href=3D"https:= //www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendations-= 2021-04-07-en" rel=3D"noreferrer noreferrer noreferrer" target=3D"_blank">h= ttps://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendat= ions-2021-04-07-en</a><br><br>A draft Google doc for the comment can be fou= nd here: <a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpS= FnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing" rel=3D"noreferrer noreferrer n= oreferrer" target=3D"_blank">https://docs.google.com/document/d/1sfowGrsBgw= wCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing</a><br><br>You can fin= d previous NCSG comments here: <a href=3D"https://community.icann.org/displ= ay/gnsononcomstake/Public+Comments+-+2021" rel=3D"noreferrer noreferrer nor= eferrer" target=3D"_blank">https://community.icann.org/display/gnsononcomst= ake/Public+Comments+-+2021</a><br><br></div><div><div dir=3D"ltr" data-smar= tmail=3D"gmail_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div = dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"= ltr"><div dir=3D"ltr"><div>Regards,<br></div>Tomslin<div><span style=3D"col= or:rgb(0,0,0);font-size:12.8px"><br></span></div></div></div></div></div></= div></div></div></div></div></div></div></div></div> </blockquote></div></div></div> --000000000000e4156205c1149e2b-- ========================================================================= Date: Thu, 29 Apr 2021 13:18:03 +0000 Reply-To: "Mueller, Milton L" <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: "Mueller, Milton L" <[log in to unmask]> Subject: Re: EPDP policy issues - [adding Kathy] X-To: Stephanie E Perrin <[log in to unmask]> In-Reply-To: <[log in to unmask]> Content-Type: multipart/alternative; boundary="_000_BN7PR07MB468972ABF9C9B637CBEC2CA6A15F9BN7PR07MB4689namp_" MIME-Version: 1.0 Message-ID: <[log in to unmask]> --_000_BN7PR07MB468972ABF9C9B637CBEC2CA6A15F9BN7PR07MB4689namp_ Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 U3RlcGhhbmllOg0KSGVscCB1cyBvdXQgaGVyZTogd2hpY2ggZG8geW91IHByZWZlcj8NCk9wdGlv biAxDQpPcHRpb24gMg0KT3B0aW9uIDMNCk9wdGlvbiA0DQoNClNwZW50IDIwIG1pbnV0ZXMgb24g eW91ciBtZXNzYWdlIGJlbG93LiBTdGlsbCBkb27igJl0IGtub3cgdGhlIGFuc3dlciB0byB0aGUg cXVlc3Rpb24NCi0tTU0NCg0KRnJvbTogTkNTRy1EaXNjdXNzIDxOQ1NHLURJU0NVU1NATElTVFNF UlYuU1lSLkVEVT4gT24gQmVoYWxmIE9mIFN0ZXBoYW5pZSBFIFBlcnJpbg0KU2VudDogV2VkbmVz ZGF5LCBBcHJpbCAyOCwgMjAyMSAxMDo1MyBBTQ0KVG86IE5DU0ctRElTQ1VTU0BMSVNUU0VSVi5T WVIuRURVDQpTdWJqZWN0OiBSZTogRVBEUCBwb2xpY3kgaXNzdWVzIC0gW2FkZGluZyBLYXRoeV0N Cg0KDQpUaGFua3MgYWdhaW4gTWFuanUsIGZvciB5b3VyIHVudGlyaW5nIGVmZm9ydHMgdG8gZ2V0 IHVzIHRvIHNvbHZlIHRoaXMgZGlzYWdyZWVtZW50IGFib3V0IG5leHQgc3RlcHMuICBJIGFtIGdv aW5nIHRvIHRyeSB0byBzdW1tYXJpemUgbXkgdGhpbmtpbmcgb24gdGhpcywgd2l0aG91dCBkaXZp bmcgaW50byB0aGUgY29tcGxleGl0eSBvZiB0aGUgbGF3IGFuZCB0aGUgZGlmZmljdWx0aWVzIGlu aGVyZW50IGluIGltcGxlbWVudGluZyBpdC4NCg0KMS4gIFRoZSBwdXNoIHRvIGRpc3Rpbmd1aXNo IGJldHdlZW4gbGVnYWwgYW5kIG5hdHVyYWwgaXMgbm90IG5ldy4gIFdlIGZvdWdodCBpdCBpbiB0 aGUgUFBTQUksIGFuZCB3b24uICBJbiBwaGFzZSAxIEVQRFAsIHdlIG1hbmFnZWQgdG8gZ2V0IHJl Y29tbWVuZGF0aW9uICM2IHRocm91Z2gsIGJ1dCB3aXRoIHRoZSBjb25jZXNzaW9uIHRoYXQgSUNB Tk4gd291bGQgZG8gYSBzdHVkeSBvbiBsZWdhbCBuYXR1cmFsLCBhbmQgdGhhdCB3ZSB3b3VsZCBy ZWV4YW1pbmUuICBNeSBwb3NpdGlvbiBpcyBiYXNpY2FsbHkgSE9MRCBUSEFUIExJTkUhICBXZSBk byBub3QgbmVlZCB0byBjaGFuZ2Ugb3VyIHBvc2l0aW9uLCB3ZSBjYW4gZXhhbWluZSB0aGUgbWF0 dGVyLCB0YWtlIGEgbG9vayBhdCB3aGF0IGd1aWRhbmNlIHdvdWxkIGRvLCBhbmQgbWFpbnRhaW4g dGhlIHN0YXR1cyBxdW8uDQoNCjIuICBXZSBoYXZlIHNvdWdodCBhZHZpY2UgZnJvbSBCaXJkIGFu ZCBCaXJkIG9uIG1pdGlnYXRpbmcgdGhlIHJpc2sgdG8gY29udHJhY3RlZCBwYXJ0aWVzIGluIHRl cm1zIG9mIGhvdyB0aGV5IHByb3ZpZGUgaW5mb3JtYXRpb24gdG8gdGhlaXIgcmVnaXN0cmFudHMs IGluIG9yZGVyIHRvIGJlIGluIGZ1bGwgY29tcGxpYW5jZSB3aXRoIGRhdGEgcHJvdGVjdGlvbiBs YXcgKHZpZXdlZCB0aHJvdWdoIHRoZSBHRFBSIGxlbnMpLiAgRm9yIHRoZSBjb250cmFjdGVkIHBh cnRpZXMsIG5vdGhpbmcgaW4gdGhlcmUgZWxpbWluYXRlcyB0aGUgcmlzayB0aGF0IHRoZSBkYXRh IGNvbnRyb2xsZXIgaGFzLCBidXQgY2VydGFpbmx5IGd1aWRhbmNlIG1pdGlnYXRlcyBpdC4gIEhv d2V2ZXIsIHJlbWVtYmVyIHRoYXQgY2l2aWwgc29jaWV0eSBjYW4gdGFrZSBhIGNhc2UgdW5kZXIg R0RQUiwgYW5kIGlmIEkgd2VyZSBhZHZpc2luZyBjaXZpbCBzb2NpZXR5IGFzIHRvIGhvdyB0byB0 YWtlIGEgY2FzZSwgSSB3b3VsZCBwb2ludCBvdXQgdGhlIGhpc3Rvcnkgb2YgV0hPSVMsIHRoZSBk b2dnZWQgZGV0ZXJtaW5hdGlvbiBvZiBJQ0FOTiBhbmQgdGhlIElQIGFuZCBidXNpbmVzcyBjb21t dW5pdHkgdG8gZ2V0IGJhY2sgdG8gdGhlIGdvb2Qgb2xkIFdIT0lTLCB0aGUgbGFjayBvZiBldmlk ZW5jZSB0aGF0IGZvcmNpbmcgdGhpcyBkZXRlcm1pbmF0aW9uIG9uIHNtYWxsZXIgYWN0b3JzIHdp bGwgaW5kZWVkIHJlc3VsdCBpbiBncmVhdGVyIHNlY3VyaXR5IGFuZCBzdGFiaWxpdHkgIG9mIHRo ZSBETlMsIGFuZCB0aGUgdW5lcXVhbCBwb3dlciByZWxhdGlvbnNoaXAgYmV0d2VlbiBJQ0FOTiB0 aGUgcmVndWxhdG9yIGFuZCB0aGUgY29udHJhY3RlZCBwYXJ0aWVzIHdobyBtdXN0IGJlIGFjY3Jl ZGl0ZWQgdG8gZG8gYnVzaW5lc3MuICBUaGlyZCBwYXJ0eSBkYXRhIGFjY2Vzc29ycyBhcmUgZHJp dmluZyB0aGlzIHByb2Nlc3MsIGFuZCByZWdpc3RyYW50cyBhcmUgYmFzaWNseSBiZWluZyByZXBy ZXNlbnRlZCBieSBvdXJzZWx2ZXMsIGFuZCB0aGUgUmVnaXN0cmFycyB3aG8gaGF2ZSB0aGVtIGFz IGN1c3RvbWVycy4gIEkgdGhpbmsgd2UgaGF2ZSBhIHJlc3BvbnNpYmlsaXR5IG5vdCB0byBjYXZl IGluLg0KDQozLiAgQSB3b3JkIG9uIHNtYWxsIGJ1c2luZXNzLCBzb2xlIHByb3ByaWV0b3JzLCBh bmQgaG9tZSBiYXNlZCBlbnRyZXByZW5ldXJzIG9yIGdpZyB3b3JrZXJzLiAgV2UgYXJlIHRoZSBO b24tY29tbWVyY2lhbCBzdGFrZWhvbGRlcnMsIHNvIHdlIGRvIG5vdCBjbGFpbSB0byByZXByZXNl bnQgdGhlbS4gIEZyYW5rbHksIEkgZG9uJ3Qga25vdyB3aG8gZG9lcyBoZXJlIGF0IElDQU5OLCBp biBteSA4IHllYXJzIG9mIHZvbHVudGVlcmluZyBhdCBJQ0FOTiBJIGhhdmUgbmV2ZXIgaGVhcmQg dGhlIEFMQUMgZm9sa3MgYWR2YW5jZSBhIGNvaGVzaXZlIGFyZ3VtZW50IG9uIGJlaGFsZiBvZiB0 aGVzZSBmb2xrcyAob3IgZXZlbiBhbiBhcmd1bWVudCwgYnV0IEkgaGVzaXRhdGUgdG8gc2F5IHRo YXQgYmVjYXVzZSBzb21lb25lIHdpbGwgdHJhd2wgdGhyb3VnaCB0aGUgYXJjaGl2ZXMgYW5kIGNv bWUgdXAgd2l0aCBzb21lb25lIGRlZmVuZGluZyB0aGUgbGl0dGxlIGd1eSBhZ2FpbnN0IGdpYW50 IGNvcnBvcmF0aW9ucykuICBDZXJ0YWlubHkgdGhleSBhcmUgbm90IHNwZWFraW5nIGZvciB0aGVt IGF0IHRoZSBFUERQLCB0aGV5IGFyZSBzcGVha2luZyBmb3IgZ292ZXJubWVudCwgbGF3IGVuZm9y Y2VtZW50LCBhbmQgY3liZXJzZWN1cml0eSBvcGVyYXRpdmVzLiAgQXMgZm9sa3Mgd2hvIGNhcmUg YWJvdXQgaHVtYW4gcmlnaHRzIGFuZCBmYWlybmVzcyB0byBkZXZlbG9waW5nIGVjb25vbWllcywg SSB0aGluayB3ZSBzaG91bGQgY2FyZSBhYm91dCBob3cgbXVjaCB0aGlzIGRpZmZlcmVudGlhdGlv biBiZXR3ZWVuIGxlZ2FsIHBlcnNvbnMgYW5kIG5hdHVyYWwgcGVyc29ucyBkb2VzIG5vdCB3b3Jr IGluIGNvdW50cmllcyBvdGhlciB0aGFuIHRoZSBFVSBzdGF0ZXMgYW5kIHRoZSBVUy4gIENvdW50 cmllcyBhcm91bmQgdGhlIHdvcmxkIGhhdmUgZGlmZmVyZW50IHdheXMgdG8gZGVzY3JpYmUgc21h bGwgYnVzaW5lc3MsIGRpZmZlcmVudCB3YXlzIHRvIHJlZ3VsYXRlIGl0LCBhbmQgdGhpcyBkaWZm ZXJlbnRpYXRpb24gbWF5IG5vdCBtYXRjaCB0YXggc2NoZW1lcywgbXVuaWNpcGFsIHJlZ2lzdHJh dGlvbiBwYXR0ZXJucywgZXRjLiAgVGhlcmUgaXMgb2YgY291cnNlIGFuIGFkZGl0aW9uYWwgYmFy cmllciBpbiB0aGUgbWF0dGVyIG9mIGxhbmd1YWdlcy4NCg0KNC4gIFJlbWVtYmVyIHRoYXQgd2hh dCB3ZSBhcmUgYXJndWluZyBhYm91dCBpcyBub3QgcHJvdmlkaW5nIGFjY2VzcyB0byBkYXRhIGFi b3V0IHN1c3BlY3RlZCBsZWdhbCBwZXJzb25zIHRocm91Z2ggdGhlIFNTQUQuICBXZSBhcmUgYXJn dWluZyBhYm91dCBBdXRvbWF0aWMgZGlzY2xvc3VyZSBiYXNlZCBvbiB0aGUgY2hvaWNlIHRoZSBp bmRpdmlkdWFsIG1ha2VzLCBsZWdhbCBvciBuYXR1cmFsIHBlcnNvbi4gIEFzIEkgaGF2ZSBzYWlk IGJlZm9yZSwgdGhlIHNraWVzIGFyZSBub3QgZ29pbmcgdG8gZmFsbCBpZiB0aGUgbGVnaXRpbWF0 ZSByZXF1ZXN0b3JzIGhhdmUgdG8gcmVxdWVzdCB0aGUgZGF0YSBhbmQgZ2V0IGl0IGluIG9uZSBv ciB0d28gYnVzaW5lc3MgZGF5cywgYXMgb3Bwb3NlZCB0byBoYXZpbmcgaXQgcHJlLWVtcHRpdmVs eSBkaXNjbG9zZWQuICAgUmVtZW1iZXIgdGhhdCB0aGUgcmVnaXN0cmFyIG9yIGhpcyByZXNlbGxl ciBoYXMgYSB3ZWFsdGggb2Ygb3RoZXIgZGF5IGFib3V0IHRoZWlyIGN1c3RvbWVyIHRoYXQgaXMg ImJlbG93IHRoZSBzdXJmYWNlIiwgbW9zdCBpbXBvcnRhbnRseSBjcmVkaXQgY2FyZCBpbmZvLCBi aWxsaW5nIGFkZHJlc3MgZm9yIHRoZSBjcmVkaXQgY2FyZCwgZW1haWxzLCBJUCBhZGRyZXNzIGV0 Yy4gIFRoZXkgY2FuIGxvb2sgYXQgdGhhdCBkYXRhIGlmIG5lY2Vzc2FyeSwgdG8gZmlndXJlIG91 dCB3aGV0aGVyIHRoZXkgYXJlIGRlYWxpbmcgd2l0aCBhIGNvbXBhbnkgb3IgYSBwZXJzb24uICBI b3dldmVyLCB0aGUgU1NBRCBkb2VzIG5vdCBoYXZlIGFjY2VzcyB0byB0aGF0IGRhdGEuICBJZiB3 ZSBlbmNvdXJhZ2UgdGhpcyBkaWZmZXJlbnRpYXRpb24gYnkgcHV0dGluZyBndWlkYW5jZSBpbnRv IHRoZSBwb2xpY3ksIHRoZW4gd2UgYXJlIGhlYWRpbmcgZm9yIHRoZSBzbGlwcGVyeSBzbG9wZSBv ZiBhdXRvbWF0ZWQgZGlzY2xvc3VyZS4gUmVtZW1iZXIgdGhhdCB0aGVyZSBpcyBhbHJlYWR5IGEg c2VjdGlvbiBpbiB0aGVyZSB0aGF0IG9uY2UgdGhlIGRhdGEgaGFzIGJlZW4gdmVyaWZpZWQgYXMg cGVydGFpbmluZyB0byBhIGxlZ2FsIHBlcnNvbiBhbmQgbm90IGNvbnRhaW5pbmcgcGVyc29uYWwg ZGF0YSwgaXQgTVVTVCBiZSBkaXNjbG9zZWQuICBXaGF0IGhhcHBlbnMgd2hlbiB0aGF0IGxlZ2Fs IGVudGl0eSBtb3ZlcyB0byBhIGp1cmlzZGljdGlvbiB3aGVyZSBlbXBsb3llZXMgaGF2ZSBwcml2 YWN5IHJpZ2h0cywgZWl0aGVyIHVuZGVyIGRhdGEgcHJvdGVjdGlvbiBsYXcgb3Igb3RoZXIgbGF3 cyBzdWNoIGFzIGxhYm91ciBsYXdzIG9yIGNvbnRyYWN0cz8gIFRoZXJlIGlzIGEgZ29vZCBjaGFu Y2UgdGhhdCBzb21lIG9mIHRoZWlyIGRhdGEgYmVjb21lcyBwZXJzb25hbC4NCg0KNS4gIFJlZ2lz dHJhcnMgYWxyZWFkeSBoYXZlIGV4Y2VsbGVudCBhZHZpY2UgZm9yIHRoZWlyIG1lbWJlcnMgYXZh aWxhYmxlIHRocm91Z2ggdGhlaXIgb3duIHdlYnNpdGVzLiAgUmVtZW1iZXIgdGhhdCBhdCBJQ0FO TiB3ZSBhcmUgb25seSBkZWFsaW5nIHdpdGggdGhlIGJpZyBvbmVzLCBhbmQgdGhlIHJlc3BvbnNp YmxlIG9uZXMuICBXZSBoYXZlIHRvIGNvbnNpZGVyIHdoZXRoZXIgYW55IGFjdGl2aXR5IHdlIHNh bmN0aW9uIGluIHRoaXMgcG9saWN5IGluZHVjZXMgdGhlIGxhenkgb25lcyB0byBjdXQgY29ybmVy cy4gIFRoZXkgYXJlIHVzZWQgdG8gZGlzY2xvc2luZyBldmVyeXRoaW5nIGluIHRoZSBXSE9JUywg aWYgZ2l2ZW4gYW4gb3Bwb3J0dW5pdHkgdG8gcmV2ZXJ0IHRvIHRoYXQgYnkgY3JlYXRpbmcgdGhp cyBkaXN0aW5jdGlvbiwgdGhleSB3aWxsIG1vc3QgbGlrZWx5IGRvIHdoYXQgaXMgZWFzaWVzdC4g IEF0IHRoZSBtb21lbnQsIHVuZGVyIHRoZSB0ZW1wIHNwZWMgYW5kIGFydGljbGUgNiwgdGhlIGVh c2llc3QgdGhpbmcgdG8gZG8gaXMgdG8gY29uc2lkZXIgdGhlc2UgZ3JleSBhcmVhIGZvbGtzIGFz IG5hdHVyYWwgcGVyc29ucyB1bmxlc3MgcHJvdmVuIG90aGVyd2lzZSwgYW5kIHByb3RlY3QgdGhl IGRhdGEuICBXaHkgb24gZWFydGggd291bGQgd2Ugbm90IGNob29zZSB0aGlzIG9wdGlvbj8gIFRo ZXJlIGlzIG5vIGxhdyB0ZWxsaW5nIHVzIHRvIGRvIG90aGVyd2lzZSwgYW5kIHRoZXJlIGlzIGNl cnRhaW5seSBhIGdyZWF0IGRlYWwgb2YgbGF3IG91dCB0aGVyZSB0aGF0IG1ha2VzIGRpZmZlcmVu dGlhdGlvbiBhIGxlZ2FsIHJpc2sgdGhhdCBjYXJyaWVzIGxpYWJpbGl0eSBhbmQgY29zdC4gIFdl IHdhbnQgZG9tYWluIG5hbWVzIHRvIHJlbWFpbiBhZmZvcmRhYmxlLCBhbmQgd2Ugd2FudCBvdXIg cGVvcGxlIHByb3RlY3RlZC4NCg0KNi4gIE9uZSBtb3JlIHRoaW5nOiAgcmVtZW1iZXIgdGhhdCBu b3QgYWxsIGRvbWFpbiBuYW1lcyBhcmUgdXNlZCBmb3Igd2Vic2l0ZXMgZW5nYWdlZCBpbiBjb21t ZXJjZS4gIFNvbWUgYXJlIGJlaW5nIGhlbGQgYnkgaW5kaXZpZHVhbHMgZm9yIGZ1dHVyZSB1c2Uu ICBEaXNjbG9zdXJlIHByb3ZpZGVzIG1hcmtldCBpbmZvcm1hdGlvbiB0byBiaWcgcGxheWVycyB3 aG8gbWF5IHdhbnQgdG8gcHJldmVudCB0aGUgbmFtZSBmcm9tIGJlaW5nIHVzZWQsIG9yIHRvIHB1 cmNoYXNlIHRoZW0sIGJ1dCB0aGVyZSBpcyBubyBoYXJtIGVtYW5hdGluZyBmcm9tIHRoZW0gaW4g ZG9ybWFuY3ksIGFuZCBzbWFsbCBwbGF5ZXJzIG5lZWQgbm90IGhhdmUgdGhlaXIgY29tcGV0aXRp dmUgcG9zaXRpb25zIGNvbXByb21pc2VkIGluIHRoaXMgd2F5LiAgTW9zdCBvZiB0aGUgb25saW5l IGNyaW1lIHRoYXQgd2UgaGVhciBhZGR1Y2VkIHRvIGp1c3RpZnkgZGlzY2xvc3VyZSBvZiBkYXRh IGlzIGNvbWluZyBmcm9tIHdlYnNpdGVzLiAgV2Vic2l0ZXMgY2FuIGJlIHJlZ3VsYXRlZCB0byBw cm90ZWN0IGNvbnN1bWVycywgYnV0IHRoYXQgaXMgbm90IHdpdGhpbiBJQ0FOTidzIGJhaWxpd2lj ay4gIEZvbGtzIGNvbWUgdG8gSUNBTk4gdG8gZGVtYW5kIHRoaXMgYWN0aXZpdHkgYmVjYXVzZSBv dGhlciBtdWx0aWxhdGVyYWwgaW5zdHJ1bWVudHMgaGF2ZSBmYWlsZWQsIGJ1dCBnaXZlbiB0aGUg bGFjayBvZiBvdmVyc2lnaHQgb3ZlciBJQ0FOTiwgdGhlIHJlc3BvbnNpYmlsaXR5IHRvIGVuc3Vy ZSBmYWlybmVzcyBhbmQgaHVtYW4gcmlnaHRzIGFyZSByZXNwZWN0ZWQgZmFsbHMgb24gdGhlIHNo b3VsZGVycyBvZiB0aGUgc3Rha2Vob2xkZXJzIGVuZ2FnZWQgaGVyZS4NCg0KNy4gIEZpbmFsbHk6 ICBTZXZlcmFsIGZvbGtzIGFyZSB3b3JyaWVkIHRoYXQgZ292ZXJubWVudHMgd2lsbCByZWd1bGF0 ZSBpZiB3ZSBkbyBub3QgY29uY2VkZSBoZXJlLiAgSSBzYXkgbGV0IHRoZW0sIHRoZSBDb3VydHMg YW5kIHRoZSBDb25zdGl0dXRpb24gYW5kIHRoZSBtdWNoIG1vcmUgcmlnb3JvdXMgZGVmZW5jZXMg YWdhaW5zdCBpbmN1cnNpb25zIGludG8gaHVtYW4gcmlnaHRzIGF2YWlsYWJsZSB3aXRoaW4gY291 bnRyaWVzIHdpbGwgcHJldmFpbC4gIEl0IGNlcnRhaW5seSB3aWxsIGluIHRoZSBFVSwgd2hlcmUg dGhlIGRyYWZ0IE5JUyBpcyBwcm9ncmVzc2luZy4uLi4uSSBrZWVwIHBvaW50aW5nIG91dCB0aGUg T3BpbmlvbiBvZiB0aGUgRXVyb3BlYW4gRGF0YSBQcm90ZWN0aW9uIFN1cGVydmlzb3Igb24gdGhp cyBtYXR0ZXIsIHNvIG9uZSBtb3JlIHRpbWUgaGVyZSBpdCBpcyBodHRwczovL3d3dy5nb29nbGUu Y29tL3NlYXJjaD9jbGllbnQ9ZmlyZWZveC1iLWQmcT1lZHBzK29uK3RoZStuaXMrZGlyZWN0aXZl LiAgQXMgZm9yIHRoZSBpbmNyZWFzaW5nIG51bWJlciBvZiBhdXRvY3JhdGljIGNvdW50cmllcyBp bnRlcmVzdGVkIGluIGN1cnRhaWxpbmcgdGhlIGZyZWUgc3BlZWNoIGFuZCBpbnRlcm5ldCByaWdo dHMgb2YgdGhlaXIgY2l0aXplbnMsIHRoZXkgYXJlIHJlZ3VsYXRpbmcgYW55d2F5IGFuZCBub3Ro aW5nIHRoYXQgSUNBTk4gZG9lcyBpcyBnb2luZyB0byBwZXJzdWFkZSB0aGVtIG90aGVyd2lzZS4g IEEgZ29vZCBleGFtcGxlIG9mIHVzIGZhbGxpbmcgb24gdGhlIHNpZGUgb2YgY3VzdG9tZXIgcHJv dGVjdGlvbiBtaWdodCBhdCBsZWFzdCBnaXZlIHRob3NlIGluZGl2aWR1YWxzIGluIHRoZXNlIGNv dW50cmllcyBzb21ldGhpbmcgdG8gcG9pbnQgdG8sIGFzIG9wcG9zZWQgdG8gY2F2aW5nIGluIHRv IHRocmVhdHMuDQoNCmNoZWVycyBTdGVwaGFuaWUgUGVycmluDQpPbiAyMDIxLTA0LTI3IDExOjU2 IHAubS4sIOmZs+abvOiMuSBNYW5qdSBDaGVuIHdyb3RlOg0KRVhURVJOQUwgRU1BSUw6DQpIaSBh bGwsDQoNClRoaXMgaGFzIGJlZW4gYSB2ZXJ5IGhlbHBmdWwgZGlzY3Vzc2lvbi4gT3VyIHVsdGlt YXRlIGdvYWwgaXMgdG8gZmluYWxpemUgYW4gTkNTRyBwb3NpdGlvbiwgYW5kIEknZCBsaWtlIHRv IHByb3ZpZGUgc29tZSBjb250ZXh0IGluIHRoZSBpbnRlcmVzdCBvZiByZWFjaGluZyB0aGF0IGdv YWwuDQoNClNvbWUgaGF2ZSBwb2ludGVkIG91dCB0aGF0IHRoZSBxdWVzdGlvbiBvZiAnZG8geW91 IGFncmVlIHRvIHB1Ymxpc2ggeW91ciBkYXRhJyBpcyBhIG11Y2ggYmV0dGVyIG9uZSB0aGFuICdh cmUgeW91IGEgbGVnYWwgb3IgbmF0dXJhbCBwZXJzb24nLiBJIHRvdGFsbHkgYWdyZWUuIEJ1dCB3 ZSBhbHJlYWR5IGhhdmUgdGhhdCBpbiB0aGUgcG9saWN5LiBJbiB0aGUgRVBEUCBwaGFzZSAxIGZp bmFsIHJlcG9ydCwgcmVjb21tZW5kYXRpb24gIzYgcmVhZHM6DQpUaGUgRVBEUCBUZWFtIHJlY29t bWVuZHMgdGhhdCwgYXMgc29vbiBhcyBjb21tZXJjaWFsbHkgcmVhc29uYWJsZSwgUmVnaXN0cmFy IG11c3QgcHJvdmlkZSB0aGUgb3Bwb3J0dW5pdHkgZm9yIHRoZSBSZWdpc3RlcmVkIE5hbWUgSG9s ZGVyIHRvIHByb3ZpZGUgaXRzIENvbnNlbnQgdG8gcHVibGlzaCByZWRhY3RlZCBjb250YWN0IGlu Zm9ybWF0aW9uLCBhcyB3ZWxsIGFzIHRoZSBlbWFpbCBhZGRyZXNzLCBpbiB0aGUgUkRTIGZvciB0 aGUgc3BvbnNvcmluZyByZWdpc3RyYXIuDQoNCkluIHRoZSBFUERQIHBoYXNlMkEsIHRoZSBXRyBp cyB0YXNrZWQgdG8gYWRkcmVzcyB0aGUgZm9sbG93aW5nIHF1ZXN0aW9uczoNCg0KICAxLiAgV2hl dGhlciBhbnkgdXBkYXRlcyBhcmUgcmVxdWlyZWQgdG8gdGhlIEVQRFAgUGhhc2UgMSByZWNvbW1l bmRhdGlvbiBvbiB0aGlzIHRvcGljICjigJxSZWdpc3RyYXJzIGFuZCBSZWdpc3RyeSBPcGVyYXRv cnMgYXJlIHBlcm1pdHRlZCB0byBkaWZmZXJlbnRpYXRlIGJldHdlZW4gcmVnaXN0cmF0aW9ucyBv ZiBsZWdhbCBhbmQgbmF0dXJhbCBwZXJzb25zLCBidXQgYXJlIG5vdCBvYmxpZ2F0ZWQgdG8gZG8g c2/igJwpOw0KICAyLiAgV2hhdCBndWlkYW5jZSwgaWYgYW55LCBjYW4gYmUgcHJvdmlkZWQgdG8g UmVnaXN0cmFycyBhbmQvb3IgUmVnaXN0cmllcyB3aG8gZGlmZmVyZW50aWF0ZSBiZXR3ZWVuIHJl Z2lzdHJhdGlvbnMgb2YgbGVnYWwgYW5kIG5hdHVyYWwgcGVyc29ucy4NClNvIGl0J3Mgbm90IHRo YXQgd2UgJ3dhbnQnIHRoZSBkaXN0aW5jdGlvbiBvZiBuYXR1cmFsIHZzLiBsZWdhbC4gSXQncyB0 aGUgdGFzayB3ZSdyZSBnaXZlbiwgYW5kIHBlciB0aGUgV0cgY2hhaXIncyBsYXN0IGVtYWlsIHRv IHRoZSBFUERQIHRlYW0sIGl0J3Mgbm90IHNvbWV0aGluZyB3ZSBjYW4gYXZvaWQuIFdlIGhhdmUg dG8gc3RpY2sgdG8gdGhlICduYXR1cmFsIHZzLiBsZWdhbCBwZXJzb25zJyByaGV0b3JpYyB0byBh bnN3ZXIgdGhlIHF1ZXN0aW9ucy4NCg0KT2YgY291cnNlLCB3ZSBjYW4gc2ltcGx5IGFzc2VydCB0 aGF0ICd0aGVyZSdzIG5vIHVwZGF0ZSBuZWVkZWQnIGFuZCBsZXQgdGhlIGNvbnRyYWN0ZWQgcGFy dGllcyBkbyB3aGF0ZXZlciB0aGV5IHdhbnQgd2hlbiB0aGV5IGZlZWwgbGlrZSBtYWtpbmcgdGhl IGRpc3RpbmN0aW9uLiBJIHdhcyBwZXJzb25hbGx5IHZlcnkgdGVtcHRlZCBieSB0aGlzIG9wdGlv biBldmVyeSBub3cgYW5kIHRoZW4uIEhvd2V2ZXIsIGFzIE1pbHRvbiBwb2ludGVkIG91dCBpbiBh bm90aGVyIGVtYWlsLCB3ZSBhcmUgYWxyZWFkeSBkZXZlbG9waW5nIGd1aWRhbmNlIGluIHRoZSBF UERQLCBzbyB0aGF0IG9wdGlvbiBzZWVtcyBmYXItZmV0Y2hlZC4NCg0KSSBob3BlIHRoaXMgZXhw bGFpbnMgc29tZSBvZiB0aGUgY29uZnVzaW9uIGFuZCBoZWxwcyB1cyB0byBjb25zaWRlciBNaWx0 b24ncyA0IG9wdGlvbnMgaW4gdGhlIG90aGVyIGVtYWlsLg0KDQpUaGFua3MhDQoNCg0KQmVzdCwN Ck1hbmp1DQoNCk9uIFdlZCwgQXByIDI4LCAyMDIxIGF0IDQ6NDAgQU0gTWFyayBMZWlzZXIgPG1h cmtsZWlzZXJAZ21haWwuY29tPG1haWx0bzptYXJrbGVpc2VyQGdtYWlsLmNvbT4+IHdyb3RlOg0K SGkgTWlsdG9uLA0KDQpGaXJzdCBsZXQgbWUgc2F5IEkgY29tcGxldGVseSBhZ3JlZSB3aXRoIHlv dSBvbiB5b3VyIHN0YXRlbWVudHMgYWJvdXQgRXVyb3BlYW4gZGF0YSBwcml2YWN5LiBJIGZlZWwg bGlrZSBJJ3ZlIGRlZGljYXRlZCBtb3N0IG9mIG15IHByb2Zlc3Npb25hbCBsaWZlIGFyZ3Vpbmcg YWJvdXQgdGhlIGRhbmdlcnMgb2YgcHJpdmFjeSBhbmQgZGF0YSBwcm90ZWN0aW9uIG1heGltYWxp c20gLSB5ZXQgYWxtb3N0IGFsd2F5cyBmZWVsIGxpa2UgbXkgYXJndW1lbnRzIG9uIGRlYWYgZWFy cy4gV2hpbGUgcGVvcGxlIGFyZSBhcmd1aW5nIHRoYXQgJ2V2ZXJ5dGhpbmcgaXMgcGVyc29uYWwg ZGF0YScsIEkndmUgYmVlbiBhcmd1aW5nIHRoYXQgdGhpcyBtYWtlcyB0aGUgcmVnaW1lIHVubWFu YWdlYWJsZS4NCg0KU28gbGV0IG1lIHRyeSB0byBleHBsYWluICdyZWxhdGluZyB0bycgd2l0aCBy ZWZlcmVuY2UgdG8gJ01pbHRvbiBNdWVsbGVyJ3MgUG9ya2JlbGx5IERpbmVyJy4gQmVjYXVzZSBv ZiBSZWNpdGFsIDE0LCB0aGlzIHdvdWxkIGFtb3VudCB0byBhIGxlZ2FsIHBlcnNvbi4gSXQncyBw cmV0dHkgY2xlYXIgdGhhdCB0aGUgaW50ZW50aW9uIG9mIHRoZSBHRFBSJ3MgZHJhZnRlcnMgd2Fz IHRvIGV4Y2x1ZGUgbGVnYWwgcGVyc29ucy4gSG93ZXZlciwgbGV0J3Mgc2F5IHlvdSBoYXZlIHJl Z2lzdGVyZWQgJ01NIFBvcmtiZWxseSBEaW5lcicgaW4gdGhlIHJlZ2lzdGVyIG9mIGNvbXBhbmll cy4gSSB0aGluayB5b3Ugd291bGQgYWdyZWUgdGhhdCB0aGlzIHdvdWxkIGFtb3VudCB0byBpbmZv cm1hdGlvbiBhYm91dCBhIGxlZ2FsIHBlcnNvbi4gQnV0IHNheSBzb21lb25lIHNlYXJjaGVkIHRo ZSBjb21wYW55IHJlZ2lzdGVyIGFuZCBkaXNjb3ZlcmVkIE1pbHRvbiBNdWVsbGVyIHdhcyB0aGUg cHJpbmNpcGFsIHNoYXJlaG9sZGVyIG9mIE1NIFBvcmtiZWxseSBEaW5lci4gVGhpcyBpcyBhbiBp ZGVudGlmaWVyIHdoaWNoIHdvdWxkIHRpZSBuZm9ybWF0aW9uIGFib3V0IE1pbHRvbiBNdWVsbGVy IHRvICdNTSBQb3JrQmVsbHkgRGluZXInLiBUaGVyZWZvcmUsIHRoaXMgaXMgJ2FueSBpbmZvcm1h dGlvbicgJ3JlbGF0aW5nIHRvJyBhbiBpZGVudGlmaWVkIG9yIGlkZW50aWZpYWJsZSBsaXZpbmcg cGVyc29uLiBJdCB3b3VsZCBiZSByZWFzb25hYmxlIHRvIGluZmVyIHRoYXQgTU0gcmVnaXN0ZXJl ZCBpbiB0aGUgcmVnaXN0cmFyIGRhdGFiYXNlIHVuZGVyIE1NIFBvcmtCZWxseSBEaW5lciBpcyB0 aGUgc2FtZSBhcyB0aGUgTWlsdG9uIE11ZWxsZXIgdGhhdCBpcyBpbiB0aGUgcmVnaXN0ZXIgb2Yg Y29tcGFuaWVzLiBUaGUgZmFjdCB0aGF0IHNvbWVvbmUgY2FuIGNvbWJpbmUgdGhlIGtub3dsZWRn ZSBmcm9tIHRoZSBjb21wYW55IHJlZ2lzdGVyIHdpdGggdGhlIGtub3dsZWRnZSBmcm9tIHRoZSBy ZWdpc3RyYXIgZGF0YWJhc2UgY291bGQgbWFrZSAnTU0gUG9ya2JlbGx5IERpbmVyJyBwZXJzb25h bCBkYXRhIHVuZGVyIEFydGljbGUgNCgxKSBvZiB0aGUgR0RQUi4gU29tZW9uZSB3aG8gZGlkIG5v dCBkaXNjbG9zZSB0aGVpciBpZGVudGl0eSBhdCBhbGwgY291bGQgc3RpbGwgYmUgaWRlbnRpZmlh YmxlOyBoZW5jZSwgdGhlIHBlcmNlaXZlZCBuZWVkIGZvciBwcm90ZWN0aW9uIGluIHRoZSBFVSBk YXRhIHByb3RlY3Rpb24gcmVnaW1lLg0KDQogIkkgYW0gc2F5aW5nIHRoYXQgdGhlIHVzZXIsIHRo ZSByZWdpc3RyYW50LCBnZXRzIHRvIGRlY2lkZSB3aGF0IGlzIHBlcnNvbmFsIGRhdGEgb3Igbm90 LCBiZWNhdXNlIFRIRVJFIElTIE5PIE9CSkVDVElWRSwgQ0xFQVIgTEVHQUwgREVGSU5JVElPTiIg aXMsIG9uIHRoZSBzdXJmYWNlLCBwcm9ibGVtYXRpYy4gSXQgZG9lc24ndCBtYXR0ZXIgd2hldGhl ciB0aGUgdXNlciBzYXlzIE5PIG9yIFlFUyBvciB0aGUgcmVnaXN0cmFyIHNheXMgbm8gb3IgeWVz LCBvciB3aGV0aGVyIGl0IGlzIG9iamVjdGl2ZSBvciBjbGVhciwgdGhlIHRlc3QgaXMgd2hldGhl ciBhbnkgaW5mb3JtYXRpb24gY2FuIGJlIGNvbWJpbmVkIHdpdGggb3RoZXIgaW5mb3JtYXRpb24g dG8gcmV2ZWFsIGFuIGlkZW50aWZpYWJsZSBsaXZpbmcgcGVyc29uLiBJIHdvdWxkIGFyZ3VlLCBh YnNlbnQgYSB3aG9sZXNhbGUgY2hhbmdlIGluIHRoZSByZWFzb25pbmcgdXNlZCBieSB0aGUgQ0pF VSwgdGhpcyB3b3VsZCByZW1haW4gdGhlIGNhc2UgZm9yIHRoZSBmb3Jlc2VlYWJsZSBmdXR1cmUu IFRoaXMgaXMgbm90IGludGVuZGVkIGFzIGEgTWFyayBMZWlzZXIgYXJndW1lbnQgb3IgYW4gYXR0 ZW1wdCB0byBkaXNjcmVkaXQgd2hhdCB5b3UgYXJlIHNheWluZywgYnV0IGFuIGhvbmVzdCBhY2Nv dW50IG9mIGhvdyBJIHRoaW5rIHRoZSBDb3VydHMgYW5kIHRoZSBFVSBkYXRhIHByb3RlY3Rpb24g Qm9hcmQgd291bGQgcmVhY3QgdG8gd2hhdCB5b3UgYXJlIHByb3Bvc2luZy4NCg0KWW91IGFza2Vk IGFib3V0IElQIGFkZHJlc3NlczxodHRwczovL2lhcHAub3JnL25ld3MvYS9hcmUtaXAtYWRkcmVz c2VzLWdlbmVyYXRlZC13aGVuLXVzZXJzLXZpc2l0LXdlYnNpdGVzLXBlcnNvbmFsLWluZm9ybWF0 aW9uLyM6fjp0ZXh0PVVuZGVyJTIwdGhlJTIwRVUlMjBHZW5lcmFsJTIwRGF0YSxoZWFkZXIlMjBp bmZvcm1hdGlvbiUyMHRoYXQlMjB3ZWJzaXRlJTIwaG9zdHM+LCAncG9ydCBudW1iZXJzJywgJ2Jy b3dzZXIgY29uZmlnJywgZXRjIGNvdWxkIGJlIHVzZWQgdG8gaWRlbnRpZnkgeW91IHBlcnNvbmFs bHkuIFllcywgYWJzb2x1dGVseS4gVGhpcyBpcyBwZXJzb25hbCBkYXRhIGluIHRoZSBFVSAtIGlm IGl0IGNhbiByZWxhdGUgdG8gYSBsaXZpbmcgcGVyc29uLiBXaGF0IHlvdXIgd3JpdGluZyBoZXJl IHJldmVhbHMsIGlzIHRoYXQgeW91IGFyZSBhIGxpdHRsZSBjb25mdXNlZCBhYm91dCBob3cgdGhl IEdEUFIgd29ya3MgLSB0aGUgR0RQUiBkb2VzIG5vdCByZWx5IG9uICdjb25zZW50JyBvciAnZXhw bGljaXQgcGVybWlzc2lvbicgYXMgdGhlIG9ubHkgYmFzaXMgZm9yIHByb2Nlc3NpbmcgcGVyc29u YWwgZGF0YS4gUmVtZW1iZXIgdGhlIEdEUFIgaGFzIHNpeCBncm91bmRzIG9mIHByb2Nlc3Npbmc8 aHR0cHM6Ly9nZHByLWluZm8uZXUvYXJ0LTYtZ2Rwci8+LiBJdCBpcyBhIHByb2hpYml0aXZlIHJl Z3VsYXRpb24uIFlvdSBjYW5ub3QgcHJvY2VzcyBwZXJzb25hbCBkYXRhIGluIHRoZSBFVSB1bmxl c3MgeW91IHNhdGlzZnkgb25lIG9mIHRob3NlIHNpeCBncm91bmRzLiBNb3N0IGNvbXBhbmllcyB3 aWxsIE5PVCBiZSBwcm9jZXNzaW5nIG9uIHRoZSBiYXNpcyBvZiAnY29uc2VudCcgYnV0IG9uICds ZWdpdGltYXRlIGludGVyZXN0cycgKEFydGljbGUgNigxKShmKSkgb3IgcGVyZm9ybWFuY2Ugb2Yg YSBjb250cmFjdCAoQXJ0aWNsZSA2KDEpKGIpKS4gRG9uJ3Qgd29ycnksIHRoaXMgaXMgYW4gZXh0 cmVtZWx5IGNvbW1vbiBtaXN0YWtlIGFtb25nIEFtZXJpY2FuIGF0dG9ybmV5cyEgQXMgbW9zdCBv ZiB0aGVzZSBpdGVtcyBhcmUgInRlY2huaWNhbCcsIEkgd291bGQgYWxzbyBpbWFnaW5lIHRoYXQg dGhlcmUgaXMgYSAnbGVnYWwgcmVxdWlyZW1lbnQnIChhbm90aGVyIGdyb3VuZCkgb3IgYSBsYXdm dWwgYmFzaXMuIEFsbCBJU1BzIHdpbGwgYmUgcHJvY2Vzc2luZyBwZXJzb25hbCBkYXRhIHRocm91 Z2ggJ0lQIGFkZHJlc3NlcycsICdwb3J0IGJyb3dzZXJzJywgYW5kICdicm93c2VyIGNvbmZpZycg YmVjYXVzZSBvZiB0aGUgbGVnYWwgYmFzaXMgZm91bmQgaW4gQXJ0aWNsZSAxNSBvZiB0aGUgZS1Q cml2YWN5IERpcmVjdGl2ZTxodHRwczovL2V1ci1sZXguZXVyb3BhLmV1L2xlZ2FsLWNvbnRlbnQv RU4vVFhUL0hUTUwvP3VyaT1DRUxFWDozMjAwMkwwMDU4JmZyb209RU4+IHdoaWNoIHByb3ZpZGVz IE1lbWJlciBTdGF0ZXMgd2l0aCBhIHNwZWNpZmljIGV4ZW1wdGlvbiBmb3IgdGhlIHB1cnBvc2Vz IG9mIG5hdGlvbmFsIHNlY3VyaXR5LiBJZiBub3QgY292ZXJlZCBieSB0aGlzLCBJIHdvdWxkIGlt YWdpbmUgdGhleSB3b3VsZCByZWx5IG9uICdsZWdpdGltYXRlIGludGVyZXN0cycgYXMgdGhlaXIg Z3JvdW5kIGluc3RlYWQuDQoNCkZpbmFsbHksIGV2ZW4gaWYgYSByZWdpc3RyYXIgaGFzIGEgbGVn aXRpbWF0ZSBpbnRlcmVzdCBpbiBwcm9jZXNzaW5nIHNvbWVvbmUncyBwZXJzb25hbCBkYXRhLCB0 aGlzIGRvZXMgbm90IGFkZHJlc3MgdGhlIHByaXZhY3kgcmVxdWlyZW1lbnRzIHRoYXQgaSBpbmRp Y2F0ZWQgaW4gbXkgcHJldmlvdXMgZW1haWwuIFVubGVzcyB0aGVyZSBpcyBhIHNwZWNpZmljIHBy b3Zpc2lvbiBwdXQgaW50byBsYXcsIEkgZG8gbm90IGtub3cgaG93IHRoZSByZWdpc3RyYXIgY2Fu IHJlbWFpbiBjb21wbGlhbnQgd2l0aCB0aGUgR0RQUiBhbmQgdGhlIEVVJ3MgcHJpdmFjeSByZXF1 aXJlbWVudHMuIEluIGZhY3QsIEkgZG9uJ3Qga25vdyBob3cgdGhlIEVVIGNhbiBldmVuIGNvbW1l bnQgb24gdGhpcywgYmVjYXVzZSwgb2YgY291cnNlLCB0aGUgRVUgQ2hhcnRlciBpcyBhIGxlZ2Fs IGZyYW1ld29yayBjb21wbGV0ZWx5IGRpc3RpbmN0IGZyb20gdGhlIEV1cm9wZWFuIENvbnZlbnRp b24gb2YgSHVtYW4gUmlnaHRzLg0KDQpPbmUgbW9yZSB0aGluZyB0byBjb25zaWRlciAtIGlmIHlv dSBjaG9vc2UgdG8gZGlzY2xvc2UgeW91ciBuYW1lLCBhZGRyZXNzLCBhbmQgZGVzaWduYXRlIGFz IHRoZSBjb250YWN0IHBlcnNvbiBvZiBhIGxlZ2FsIHBlcnNvbiwgd2hhdCBoYXBwZW5zIHdoZW4g dGhhdCBwZXJzb24gZXhlcmNpc2VzIHRoZWlyICdyaWdodCB0byBiZSBmb3Jnb3R0ZW4nIHJpZ2h0 IHVuZGVyIEFydGljbGUgMTcgR0RQUi4gTWF5YmUgTWlsdG9uIE11ZWxsZXIgdGhlIHBlcnNvbiBj aG9vc2VzIHRvIGxlYXZlIHRoZSBsZWdhbCBlbnRpdHkgTU0gUG9ya2JlbGx5IERpbmVyLCBhZG9w dHMgYSB2ZWdhbiBsaWZlc3R5bGUsIGFuZCB3YW50cyBubyBhZmZpbGlhdGlvbiB3aXRoIHRoZSBi dXNpbmVzcz8gSWYgaXQncyBwdWJsaXNoZWQsIGhlIGNhbiBkZW1hbmQgYSBjb3JyZWN0aW9uIG9m IHRoZSBkYXRhYmFzZSB0aGVyZW9mLiBTbyB3aGF0IHRoZW4/DQoNClJlZ2FyZHMsDQoNCk1hcmsN Cg0KRHIgTWFyayBMZWlzZXIgfCBMYXcgYW5kIERpZ2l0YWwgVGVjaG5vbG9naWVzIHwgRlJTQSBG SEVBIHwNCg0KDQpPbiBUdWUsIDI3IEFwciAyMDIxIGF0IDIwOjM1LCBNdWVsbGVyLCBNaWx0b24g TCA8bWlsdG9uQGdhdGVjaC5lZHU8bWFpbHRvOm1pbHRvbkBnYXRlY2guZWR1Pj4gd3JvdGU6DQpN YXJrLA0KVGhhbmtzIGZvciB5b3VyIGludGVydmVudGlvbi4gSGVyZSBpcyB0aGUgY29tcGxldGUg ZGVmaW5pdGlvbiBvZiBwZXJzb25hbCBkYXRhIGluIEdEUFI6DQrigJhwZXJzb25hbCBkYXRh4oCZ IG1lYW5zIGFueSBpbmZvcm1hdGlvbiByZWxhdGluZyB0byBhbiBpZGVudGlmaWVkIG9yIGlkZW50 aWZpYWJsZSBuYXR1cmFsIHBlcnNvbiAo4oCYZGF0YSBzdWJqZWN04oCZKTsgYW4gaWRlbnRpZmlh YmxlIG5hdHVyYWwgcGVyc29uIGlzIG9uZSB3aG8gY2FuIGJlIGlkZW50aWZpZWQsIGRpcmVjdGx5 IG9yIGluZGlyZWN0bHksIGluIHBhcnRpY3VsYXIgYnkgcmVmZXJlbmNlIHRvIGFuIGlkZW50aWZp ZXIgc3VjaCBhcyBhIG5hbWUsIGFuIGlkZW50aWZpY2F0aW9uIG51bWJlciwgbG9jYXRpb24gZGF0 YSwgYW4gb25saW5lIGlkZW50aWZpZXIgb3IgdG8gb25lIG9yIG1vcmUgZmFjdG9ycyBzcGVjaWZp YyB0byB0aGUgcGh5c2ljYWwsIHBoeXNpb2xvZ2ljYWwsIGdlbmV0aWMsIG1lbnRhbCwgZWNvbm9t aWMsIGN1bHR1cmFsIG9yIHNvY2lhbCBpZGVudGl0eSBvZiB0aGF0IG5hdHVyYWwgcGVyc29uOw0K QWxhcywgdGhpcyByYWlzZXMgbW9yZSBxdWVzdGlvbnMgdGhhbiBpdCBhbnN3ZXJzLiBJdCBpcyBu b3QgZW50aXJlbHkgY2xlYXIgd2hhdCDigJxyZWxhdGluZyB0b+KAnSBtZWFucyBpbiB0aGlzIGNv bnN0cnVjdC4gRS5nLiwgaWYgdGhlIG5hbWUgb2YgbXkgY29tcGFueSBpcyBNaWx0b24gTXVlbGxl cuKAmXMgUG9ya2JlbGx5IERpbmVyLCBpcyB0aGUgbmFtZSByZWxhdGluZyB0byBtZSBhcyBhIHBl cnNvbiwgb3IgdG8gbXkgYnVzaW5lc3M/IFN0cmljdGx5IHNwZWFraW5nIGl04oCZcyBhIGJ1c2lu ZXNzIG5hbWUuIEJ1dCBpdCBjb3VsZCBiZSB1c2VkIHRvIGlkZW50aWZ5IG1lLiBBbiBvdmVybHkg YnJvYWQgaW50ZXJwcmV0YXRpb24gb2YgdGhpcyBkZWZpbml0aW9uIHdvdWxkIGNsYXNzaWZ5IEFO WSBkYXRhIGFib3V0IEFOWVRISU5HIGFzIOKAnHBlcnNvbmFsIGRhdGHigJ0gYmVjYXVzZSBhdCBz b21lIHBvaW50IGl0IGNvdWxkIGJlIOKAnHJlbGF0ZWQgdG/igJ0gYW4g4oCcaWRlbnRpZmlhYmxl IG5hdHVyYWwgcGVyc29uLuKAnSBTbyBzdWRkZW5seSB0aGUgYnVzaW5lc3MgbmFtZSBiZWNvbWVz IHBlcnNvbmFsIGRhdGEuIE9yIGEgYnVuY2ggb2Ygb2JzY3VyZSB0ZWNobmljYWwgaW5kaWNhdG9y cyBpbmhlcmVudCBpbiB5b3VyIHVzZSBvZiB0aGUgaW50ZXJuZXQsIHN1Y2ggYXMgcG9ydCBudW1i ZXJzLCBicm93c2VyIGNvbmZpZywgZXRjLiwgY291bGQgYmUg4oCccmVsYXRlZOKAnSB0byB5b3Vy IElTUCBhY2NvdW50IG51bWJlciwgYW5kIHRoZW4gdXNlZCB0byBpZGVudGlmeSB5b3UsIHBlcnNv bmFsbHkuIEJ1dCBkb2VzIHRoYXQgbWVhbiB0aGF0IGV2ZXJ5IHdlYnNpdGUgYW5kIGhvc3Rpbmcg c2VydmljZSBpbiB0aGUgd29ybGQgdGhhdCB1c2VzIHRoYXQgdGVjaG5pY2FsIGRhdGEgaW4gdGhl IGNvdXJzZSBvZiB0aGVpciBvcGVyYXRpb25zIGNhbm5vdCBwcm9jZXNzIHRoYXQgaW5mbyB3aXRo b3V0IHlvdXIgZXhwbGljaXQgcGVybWlzc2lvbiwgYmVjYXVzZSBpdOKAmXMg4oCccGVyc29uYWwg ZGF0YT/igJ0gSSBob3BlIG5vdCwgYmVjYXVzZSB0aGUgaW50ZXJuZXQgd291bGQgY2Vhc2UgdG8g ZnVuY3Rpb24gaWYgc28uDQoNCj5UaGVyZWZvcmUsIGluZm9AbXlvcmcub3JnPG1haWx0bzppbmZv QG15b3JnLm9yZz4gaXMgcGVyc29uYWwgZGF0YSBpZiBzb21lb25lIGJlaGluZCBpdCBpcyBpZGVu dGlmaWFibGUuDQoNCk15IHBvaW50IGlzIHRoYXQgd2hldGhlciB0aGUgdXNlciBvZiBpbmZvQG15 b3JnLm9yZzxtYWlsdG86aW5mb0BteW9yZy5vcmc+IGlzIGlkZW50aWZpYWJsZSBkb2VzIG5vdCBk ZXBlbmQgb24gdGhhdCBjaHVuayBvZiBkYXRhLCBidXQgb24gYSBidW5jaCBvZiBhY3Rpdml0aWVz IHRoYXQgcmVsYXRlIHRoYXQgZGF0YSB0byBvdGhlciB0aGluZ3MuIEFuZCBpbiBhIGRpZ2l0YWwg d29ybGQgd2l0aCBwb3dlcmZ1bCBwcm9jZXNzaW5nIGNhcGFiaWxpdGllcywgbm8gb25lIGNhbiBm dWxseSBjb250cm9sIHRob3NlIGNvcnJlbGF0aW9ucyBhbmQgc2VhcmNoZXMuIEFueSBhdHRlbXB0 IHRvIGRvIHNvIHNpbXBseSBjcmlwcGxlcyB0aGUgZW50aXJlIGluZm9ybWF0aW9uIGVjb25vbXku IFNvIHRoZSBpZGVhIG9mIGxvb2tpbmcgYXQgYSByZWdpc3RyYXRpb24gcmVjb3JkIGFuZCBzYXlp bmcg4oCcaXMgdGhlcmUgcGVyc29uYWwgZGF0YSBpbiBoZXJlIG9yIG5vdOKAnSBpcyBhIGNvbXBs ZXRlbHkgaW52YWxpZCB0ZXN0Lg0KDQpUaGVyZSBpcyBhbiBlZXJpZSBzaW1pbGFyaXR5IGJldHdl ZW4gdGhlc2UgZXhhZ2dlcmF0ZWQgYXBwbGljYXRpb25zIG9mIHByaXZhY3kgbGF3IGFuZCB0aGUg Y29weXJpZ2h0IG1heGltYWxpc3RzIG9mIHRoZSAxOTkwcy4gVGhlIElQIGludGVyZXN0cyB0aG91 Z2h0IHlvdSBuZWVkZWQgcGVybWlzc2lvbiB0byB0cmFuc21pdCBhIGNvcHlyaWdodGVkIHdvcmsg b3ZlciB0aGUgaW50ZXJuZXQsIGEgY2xhaW0gdGhhdCB3b3VsZCBoYXZlIGNyaXBwbGVkIElTUHMg d2hvIGhhZCBubyBpZGVhIHdoYXQgcGFja2V0cyB3ZXJlIHBhcnRzIG9mIGNvcHlyaWdodGVkIG1h dGVyaWFsIG9yIG5vdC4gUHJpdmFjeSBtYXhpbWFsaXN0cyBoYXZlIHJlYWNoZWQgdGhlIHNhbWUg cG9pbnQgb2YgYWJzdXJkaXR5LCBidXQgdGhleSBkb27igJl0IHNlZW0gdG8gcmVhbGl6ZSBpdC4g VGhleSBhcmUgbm8gbG9uZ2VyIHByb3RlY3RpbmcgYSB0YW5naWJsZSBwcml2YWN5IGludGVyZXN0 IG9mIGludGVybmV0IHVzZXJzLCB0aGV5IGFyZSB0cnlpbmcgdG8gZ2l2ZSBpbmRpdmlkdWFscyBy aWdpZCBjb250cm9sIG92ZXIgaW5mb3JtYXRpb24gZXhjaGFuZ2VzIGFuZCBpbXBvc2luZyBsYXJn ZWx5IG1lYW5pbmdsZXNzIGNvbnNlbnQgcmVxdWlyZW1lbnRzIHRoYXQgZG8gbm8gb25lIGFueSBn b29kLg0KDQo+VGhlIGNvbmZ1c2lvbiBjb21lcyBmcm9tIFJlY2l0YWwgMTQgb2YgdGhlIEdEUFIg d2hpY2ggc3RhdGVzIHRoYXQgaXQgb25seSBhcHBsaWVzIHRvIG5hdHVyYWwgcGVyc29ucyBhbmQg ZG9lcyBub3QgY292ZXIgdGhlIHByb2Nlc3Npbmcgb2YgcGVyc29uYWwgZGF0YSBjb25jZXJuaW5n IGxlZ2FsIHBlcnNvbnMsIGluIHBhcnRpY3VsYXIgdW5kZXJ0YWtpbmdzIGVzdGFibGlzaGVkIGFz IGxlZ2FsIHBlcnNvbnMgb3IgbGVnYWwgZW50aXRpZXMuIFRoaXMgYWxzbyBpbmNsdWRlcyB0aGUg bmFtZSBvZiB0aGUgbGVnYWwgcGVyc29uLCB0aGUgZm9ybSwgYW5kIHRoZSBjb250YWN0IGRldGFp bHMgb2YgdGhlIGxlZ2FsIHBlcnNvbi4gQnV0IHRoZSBzZWNvbmQgeW91IHN0YXJ0IGFkZGluZyBp ZGVudGlmaWVycyB0byB0aGVzZSBkZXRhaWxzLCBpdCBzdG9wcyBiZWNvbWluZyB0aGUgZGF0YSBv ZiBhICdsZWdhbCBwZXJzb24nIGFuZCBzdGFydHMgYmVjb21pbmcgcGVyc29uYWwgZGF0YS4NCg0K WWVzLCBpbmRlZWQsIHRoZSBHRFBSIGlzIGNvbmZ1c2VkIG9uIHRoaXMgc2NvcmUuIFVuZm9ydHVu YXRlbHksIHlvdSBkb27igJl0IGVzY2FwZSB0aGF0IGNvbmZ1c2lvbiBieSBzYXlpbmcg4oCcYWRk aW5nIGlkZW50aWZpZXJz4oCdIGlzIHRoZSBwcm9ibGVtLiBZb3VyIGFyZ3VtZW50IGZhaWxzIGJl Y2F1c2UgbmFtZXMgb2YgbGVnYWwgcGVyc29ucyBhbmQgY29udGFjdCBkZXRhaWxzIEFSRSDigJxp ZGVudGlmaWVycyzigJ0gdGhleSBhcmUganVzdCBpZGVudGlmaWVycyBvZiBsZWdhbCBwZXJzb25z LiBBcyBJIHBvaW50ZWQgb3V0IHRoZXkgY2FuIGVhc2lseSBvdmVybGFwIHdpdGgsIG9yIGJlIHVz ZWQgdG8gaWRlbnRpZnksIG5hdHVyYWwgcGVyc29ucy4NCg0KU28gbXkgYmFzaWMgcG9pbnQgaXMg dGhhdCB3ZSBkbyBub3Qgc29sdmUgdGhpcyBwcm9ibGVtIGJ5IHJlZmVyZW5jZSB0byBHRFBSIGRl ZmluaXRpb25zLiBJbiBmYWN0IGlmIEdEUFIgaXMgdGFrZW4gbGl0ZXJhbGx5IG5vIG9uZSBjYW4g ZXZlciBwdWJsaXNoIGFuZCBzaGFyZSBhbnkga2luZCBvZiBpbmZvcm1hdGlvbiB3aXRob3V0IGFi c3VyZCBvdmVyaGVhZCBhbmQgbGVnYWwgYnVyZWF1Y3JhY3ksIGJlY2F1c2UgQUxMIG9mIGl0IGNh biBiZSB1c2VkIHRvIGlkZW50aWZ5IHlvdSBpbiBzb21lIHdheS4gVGhlc2Uga2luZHMgb2YgaW50 ZXJwcmV0YXRpb25zIGFjdHVhbGx5IGRpc2NyZWRpdCBwcml2YWN5IGxhd3MgYW5kIHByb3RlY3Rp b25zLCBieSB0YWtpbmcgdGhlbSB0byBjb3VudGVycHJvZHVjdGl2ZSBsZW5ndGhzLiBXZSBoYXZl IHRvIG1ha2UgY29tbW9uIHNlbnNlLWJhc2VkLCBwcmFjdGljYWwgZGlzdGluY3Rpb25zIGJldHdl ZW4gd2hhdCBkYXRhIG5lZWRzIHByb3RlY3Rpb24sIHdoYXQgZGF0YSBjYW4gYmUgZWFzaWx5IHNo YXJlZCBhdCB0aGUgcmVnaXN0cmFudHPigJkgY2hvaWNlLg0KDQpTZWNvbmRseSwgSSBmaW5kIHRo aXMgc3RhdGVtZW50LCAiSSB0aGluayBpdCBpcyBzaW1wbGVzdCB0byBqdXN0IHNheSB0byB0aGUg cmVnaXN0cmFudCwgaWYgeW914oCZcmUgYSBjb21wYW55IGFuZCBkb27igJl0IG1pbmQgKG9yIGV2 ZW4gd2FudCkgeW91ciBkYXRhIHRvIGJlIHB1Ymxpc2hlZCwgY2hlY2sgdGhpcyBib3guIElmIHlv deKAmXJlIG5vdCwgb3IgeW91IGRvIG1pbmQsIGRvbuKAmXQgY2hlY2sgaXQuIiAgdG8gYmUgQk9U SCBwZXJwbGV4aW5nIGFuZCBpbmFjY3VyYXRlLiAgV2hldGhlciBzb21lb25lIGNoZWNrcyB0aGUg Ym94LCBvciBkb2VzIG5vdCBjaGVjayB0aGUgYm94IGlzIGNvbXBsZXRlbHkgaXJyZWxldmFudCBm b3IgZGV0ZXJtaW5pbmcgd2hldGhlciBpdCBpcyBwZXJzb25hbCBkYXRhLiBXaGV0aGVyIHNvbWVv bmUgY2hlY2tzIHRoZSBib3ggaXMgYSBxdWVzdGlvbiBvZiBDT05TRU5UIHRvIHByb2Nlc3Npbmcg QU5EIHB1YmxpY2F0aW9uLCBub3Qgd2hldGhlciB0aGlzIGFtb3VudHMgdG8gcGVyc29uYWwgZGF0 YS4NCg0KV2UgYWN0dWFsbHkgc2VlbSB0byBhZ3JlZSBoZXJlLCBtb3JlIHRoYW4geW91IHRoaW5r LiBJIGFtIHNheWluZyB0aGF0IHRoZSB1c2VyLCB0aGUgcmVnaXN0cmFudCwgZ2V0cyB0byBkZWNp ZGUgd2hhdCBpcyBwZXJzb25hbCBkYXRhIG9yIG5vdCwgYmVjYXVzZSBUSEVSRSBJUyBOTyBPQkpF Q1RJVkUsIENMRUFSIExFR0FMIERFRklOSVRJT04uIFNvIHRoZSB1c2VyIGNhbiBkZWNpZGUgd2hl dGhlciB0aGV5IHdhbnQgdG8gYmUgY2xhc3NpZmllZCBhcyBhIGxlZ2FsIHBlcnNvbiBhbmQg4oCc Y29uc2VudOKAnSB0byBwdWJsaXNoaW5nIHRoZWlyIGRhdGEgb3Igbm90LiBBcyBhbiBleGFtcGxl LCB0aGF0IGlmIEkgZGVjaWRlIHRoYXQgcHVibGlzaGluZyB0aGUgbmFtZSBvZiDigJxNaWx0b24g TXVlbGxlcuKAmXMgUG9ya2JlbGx5IERpbmVy4oCdIGlzIG5vdCBhIHZpb2xhdGlvbiBvZiBteSBw cml2YWN5LCBpdCBpc27igJl0LiBJdCBkb2VzbuKAmXQgbWF0dGVyIHdoYXQgdGhlIEV1cm9wZWFu IFVuaW9uIHNheXMsIGl04oCZcyBteSBjaG9pY2UuDQoNCkFuZCBsZXTigJlzIG5vdCBvdmVybG9v ayB0aGUgZW1iYXJyYXNzaW5nIGZhY3QgdGhhdCB0aGUgRXVyb3BlYW4gVW5pb24gaXMgbm93IG9u ZSBvZiB0aGUga2V5IHBsYXllcnMgcHVzaGluZyBoYXJkIGZvciBwdWJsaWNhdGlvbiBvZiBsZWdh bCBwZXJzb24gZGF0YS4gQnV0IEnigJlsbCBsZWF2ZSB0aGF0IG9uZSB0byBsYXRlci4NCg== --_000_BN7PR07MB468972ABF9C9B637CBEC2CA6A15F9BN7PR07MB4689namp_ Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: base64 PGh0bWwgeG1sbnM6dj0idXJuOnNjaGVtYXMtbWljcm9zb2Z0LWNvbTp2bWwiIHhtbG5zOm89InVy bjpzY2hlbWFzLW1pY3Jvc29mdC1jb206b2ZmaWNlOm9mZmljZSIgeG1sbnM6dz0idXJuOnNjaGVt YXMtbWljcm9zb2Z0LWNvbTpvZmZpY2U6d29yZCIgeG1sbnM6bT0iaHR0cDovL3NjaGVtYXMubWlj cm9zb2Z0LmNvbS9vZmZpY2UvMjAwNC8xMi9vbW1sIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcv VFIvUkVDLWh0bWw0MCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIg Y29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04Ij4NCjxtZXRhIG5hbWU9IkdlbmVyYXRv ciIgY29udGVudD0iTWljcm9zb2Z0IFdvcmQgMTUgKGZpbHRlcmVkIG1lZGl1bSkiPg0KPHN0eWxl PjwhLS0NCi8qIEZvbnQgRGVmaW5pdGlvbnMgKi8NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6 Ik1TIEdvdGhpYyI7DQoJcGFub3NlLTE6MiAxMSA2IDkgNyAyIDUgOCAyIDQ7fQ0KQGZvbnQtZmFj ZQ0KCXtmb250LWZhbWlseToiQ2FtYnJpYSBNYXRoIjsNCglwYW5vc2UtMToyIDQgNSAzIDUgNCA2 IDMgMiA0O30NCkBmb250LWZhY2UNCgl7Zm9udC1mYW1pbHk6Q2FsaWJyaTsNCglwYW5vc2UtMToy IDE1IDUgMiAyIDIgNCAzIDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFtaWx5OlRhaG9tYTsN CglwYW5vc2UtMToyIDExIDYgNCAzIDUgNCA0IDIgNDt9DQpAZm9udC1mYWNlDQoJe2ZvbnQtZmFt aWx5OiJcQE1TIEdvdGhpYyI7DQoJcGFub3NlLTE6MiAxMSA2IDkgNyAyIDUgOCAyIDQ7fQ0KLyog U3R5bGUgRGVmaW5pdGlvbnMgKi8NCnAuTXNvTm9ybWFsLCBsaS5Nc29Ob3JtYWwsIGRpdi5Nc29O b3JtYWwNCgl7bWFyZ2luOjBpbjsNCgltYXJnaW4tYm90dG9tOi4wMDAxcHQ7DQoJZm9udC1zaXpl OjEyLjBwdDsNCglmb250LWZhbWlseToiVGltZXMgTmV3IFJvbWFuIixzZXJpZjt9DQphOmxpbmss IHNwYW4uTXNvSHlwZXJsaW5rDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpibHVl Ow0KCXRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7fQ0KYTp2aXNpdGVkLCBzcGFuLk1zb0h5cGVy bGlua0ZvbGxvd2VkDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsNCgljb2xvcjpwdXJwbGU7DQoJ dGV4dC1kZWNvcmF0aW9uOnVuZGVybGluZTt9DQpwDQoJe21zby1zdHlsZS1wcmlvcml0eTo5OTsN Cgltc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzsNCgltYXJnaW4tcmlnaHQ6MGluOw0KCW1zby1tYXJn aW4tYm90dG9tLWFsdDphdXRvOw0KCW1hcmdpbi1sZWZ0OjBpbjsNCglmb250LXNpemU6MTIuMHB0 Ow0KCWZvbnQtZmFtaWx5OiJUaW1lcyBOZXcgUm9tYW4iLHNlcmlmO30NCnAubXNvbm9ybWFsMCwg bGkubXNvbm9ybWFsMCwgZGl2Lm1zb25vcm1hbDANCgl7bXNvLXN0eWxlLW5hbWU6bXNvbm9ybWFs Ow0KCW1zby1tYXJnaW4tdG9wLWFsdDphdXRvOw0KCW1hcmdpbi1yaWdodDowaW47DQoJbXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG87DQoJbWFyZ2luLWxlZnQ6MGluOw0KCWZvbnQtc2l6ZToxMi4w cHQ7DQoJZm9udC1mYW1pbHk6IlRpbWVzIE5ldyBSb21hbiIsc2VyaWY7fQ0Kc3Bhbi5FbWFpbFN0 eWxlMjANCgl7bXNvLXN0eWxlLXR5cGU6cGVyc29uYWwtcmVwbHk7DQoJZm9udC1mYW1pbHk6IkNh bGlicmkiLHNhbnMtc2VyaWY7DQoJY29sb3I6IzFGNDk3RDt9DQouTXNvQ2hwRGVmYXVsdA0KCXtt c28tc3R5bGUtdHlwZTpleHBvcnQtb25seTsNCglmb250LXNpemU6MTAuMHB0O30NCkBwYWdlIFdv cmRTZWN0aW9uMQ0KCXtzaXplOjguNWluIDExLjBpbjsNCgltYXJnaW46MS4waW4gMS4waW4gMS4w aW4gMS4waW47fQ0KZGl2LldvcmRTZWN0aW9uMQ0KCXtwYWdlOldvcmRTZWN0aW9uMTt9DQovKiBM aXN0IERlZmluaXRpb25zICovDQpAbGlzdCBsMA0KCXttc28tbGlzdC1pZDo4MDc2NjY0NTc7DQoJ bXNvLWxpc3QtdGVtcGxhdGUtaWRzOjUwNzEyMzMyNjt9DQpvbA0KCXttYXJnaW4tYm90dG9tOjBp bjt9DQp1bA0KCXttYXJnaW4tYm90dG9tOjBpbjt9DQotLT48L3N0eWxlPjwhLS1baWYgZ3RlIG1z byA5XT48eG1sPg0KPG86c2hhcGVkZWZhdWx0cyB2OmV4dD0iZWRpdCIgc3BpZG1heD0iMTAyNiIg Lz4NCjwveG1sPjwhW2VuZGlmXS0tPjwhLS1baWYgZ3RlIG1zbyA5XT48eG1sPg0KPG86c2hhcGVs YXlvdXQgdjpleHQ9ImVkaXQiPg0KPG86aWRtYXAgdjpleHQ9ImVkaXQiIGRhdGE9IjEiIC8+DQo8 L286c2hhcGVsYXlvdXQ+PC94bWw+PCFbZW5kaWZdLS0+DQo8L2hlYWQ+DQo8Ym9keSBsYW5nPSJF Ti1VUyIgbGluaz0iYmx1ZSIgdmxpbms9InB1cnBsZSI+DQo8ZGl2IGNsYXNzPSJXb3JkU2VjdGlv bjEiPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7 Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0Qi PlN0ZXBoYW5pZTo8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1 b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+SGVscCB1cyBvdXQgaGVyZTogd2hpY2ggZG8g eW91IHByZWZlcj88bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1 b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+T3B0aW9uIDE8bzpwPjwvbzpwPjwvc3Bhbj48 L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtm b250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+ T3B0aW9uIDI8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3Bh biBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7 LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+T3B0aW9uIDM8bzpwPjwvbzpwPjwvc3Bhbj48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250 LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+T3B0 aW9uIDQ8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBz dHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNh bnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPHAg Y2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1p bHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPlNwZW50IDIw IG1pbnV0ZXMgb24geW91ciBtZXNzYWdlIGJlbG93LiBTdGlsbCBkb27igJl0IGtub3cgdGhlIGFu c3dlciB0byB0aGUgcXVlc3Rpb248bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtD YWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+LS1NTTxvOnA+PC9vOnA+PC9z cGFuPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEu MHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0 OTdEIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8ZGl2Pg0KPGRpdiBzdHlsZT0iYm9y ZGVyOm5vbmU7Ym9yZGVyLXRvcDpzb2xpZCAjRTFFMUUxIDEuMHB0O3BhZGRpbmc6My4wcHQgMGlu IDBpbiAwaW4iPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PGI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6 ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj5Gcm9t Ojwvc3Bhbj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1 b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmIj4gTkNTRy1EaXNjdXNzICZsdDtOQ1NHLURJU0NV U1NATElTVFNFUlYuU1lSLkVEVSZndDsNCjxiPk9uIEJlaGFsZiBPZiA8L2I+U3RlcGhhbmllIEUg UGVycmluPGJyPg0KPGI+U2VudDo8L2I+IFdlZG5lc2RheSwgQXByaWwgMjgsIDIwMjEgMTA6NTMg QU08YnI+DQo8Yj5Ubzo8L2I+IE5DU0ctRElTQ1VTU0BMSVNUU0VSVi5TWVIuRURVPGJyPg0KPGI+ U3ViamVjdDo8L2I+IFJlOiBFUERQIHBvbGljeSBpc3N1ZXMgLSBbYWRkaW5nIEthdGh5XTxvOnA+ PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxwPlRoYW5rcyBhZ2FpbiBNYW5qdSwgZm9yIHlvdXIgdW50 aXJpbmcgZWZmb3J0cyB0byBnZXQgdXMgdG8gc29sdmUgdGhpcyBkaXNhZ3JlZW1lbnQgYWJvdXQg bmV4dCBzdGVwcy4mbmJzcDsgSSBhbSBnb2luZyB0byB0cnkgdG8gc3VtbWFyaXplIG15IHRoaW5r aW5nIG9uIHRoaXMsIHdpdGhvdXQgZGl2aW5nIGludG8gdGhlIGNvbXBsZXhpdHkgb2YgdGhlIGxh dyBhbmQgdGhlIGRpZmZpY3VsdGllcyBpbmhlcmVudCBpbiBpbXBsZW1lbnRpbmcgaXQuPG86cD48 L286cD48L3A+DQo8cD4xLiZuYnNwOyBUaGUgcHVzaCB0byBkaXN0aW5ndWlzaCBiZXR3ZWVuIGxl Z2FsIGFuZCBuYXR1cmFsIGlzIG5vdCBuZXcuJm5ic3A7IFdlIGZvdWdodCBpdCBpbiB0aGUgUFBT QUksIGFuZCB3b24uJm5ic3A7IEluIHBoYXNlIDEgRVBEUCwgd2UgbWFuYWdlZCB0byBnZXQgcmVj b21tZW5kYXRpb24gIzYgdGhyb3VnaCwgYnV0IHdpdGggdGhlIGNvbmNlc3Npb24gdGhhdCBJQ0FO TiB3b3VsZCBkbyBhIHN0dWR5IG9uIGxlZ2FsIG5hdHVyYWwsIGFuZCB0aGF0IHdlIHdvdWxkDQog cmVleGFtaW5lLiZuYnNwOyBNeSBwb3NpdGlvbiBpcyBiYXNpY2FsbHkgSE9MRCBUSEFUIExJTkUh Jm5ic3A7IFdlIGRvIG5vdCBuZWVkIHRvIGNoYW5nZSBvdXIgcG9zaXRpb24sIHdlIGNhbiBleGFt aW5lIHRoZSBtYXR0ZXIsIHRha2UgYSBsb29rIGF0IHdoYXQgZ3VpZGFuY2Ugd291bGQgZG8sIGFu ZCBtYWludGFpbiB0aGUgc3RhdHVzIHF1by48bzpwPjwvbzpwPjwvcD4NCjxwPjIuJm5ic3A7IFdl IGhhdmUgc291Z2h0IGFkdmljZSBmcm9tIEJpcmQgYW5kIEJpcmQgb24gbWl0aWdhdGluZyB0aGUg cmlzayB0byBjb250cmFjdGVkIHBhcnRpZXMgaW4gdGVybXMgb2YgaG93IHRoZXkgcHJvdmlkZSBp bmZvcm1hdGlvbiB0byB0aGVpciByZWdpc3RyYW50cywgaW4gb3JkZXIgdG8gYmUgaW4gZnVsbCBj b21wbGlhbmNlIHdpdGggZGF0YSBwcm90ZWN0aW9uIGxhdyAodmlld2VkIHRocm91Z2ggdGhlIEdE UFIgbGVucykuJm5ic3A7IEZvciB0aGUgY29udHJhY3RlZA0KIHBhcnRpZXMsIG5vdGhpbmcgaW4g dGhlcmUgZWxpbWluYXRlcyB0aGUgcmlzayB0aGF0IHRoZSBkYXRhIGNvbnRyb2xsZXIgaGFzLCBi dXQgY2VydGFpbmx5IGd1aWRhbmNlIG1pdGlnYXRlcyBpdC4mbmJzcDsgSG93ZXZlciwgcmVtZW1i ZXIgdGhhdCBjaXZpbCBzb2NpZXR5IGNhbiB0YWtlIGEgY2FzZSB1bmRlciBHRFBSLCBhbmQgaWYg SSB3ZXJlIGFkdmlzaW5nIGNpdmlsIHNvY2lldHkgYXMgdG8gaG93IHRvIHRha2UgYSBjYXNlLCBJ IHdvdWxkIHBvaW50DQogb3V0IHRoZSBoaXN0b3J5IG9mIFdIT0lTLCB0aGUgZG9nZ2VkIGRldGVy bWluYXRpb24gb2YgSUNBTk4gYW5kIHRoZSBJUCBhbmQgYnVzaW5lc3MgY29tbXVuaXR5IHRvIGdl dCBiYWNrIHRvIHRoZSBnb29kIG9sZCBXSE9JUywgdGhlIGxhY2sgb2YgZXZpZGVuY2UgdGhhdCBm b3JjaW5nIHRoaXMgZGV0ZXJtaW5hdGlvbiBvbiBzbWFsbGVyIGFjdG9ycyB3aWxsIGluZGVlZCBy ZXN1bHQgaW4gZ3JlYXRlciBzZWN1cml0eSBhbmQgc3RhYmlsaXR5Jm5ic3A7IG9mDQogdGhlIERO UywgYW5kIHRoZSB1bmVxdWFsIHBvd2VyIHJlbGF0aW9uc2hpcCBiZXR3ZWVuIElDQU5OIHRoZSBy ZWd1bGF0b3IgYW5kIHRoZSBjb250cmFjdGVkIHBhcnRpZXMgd2hvIG11c3QgYmUgYWNjcmVkaXRl ZCB0byBkbyBidXNpbmVzcy4mbmJzcDsgVGhpcmQgcGFydHkgZGF0YSBhY2Nlc3NvcnMgYXJlIGRy aXZpbmcgdGhpcyBwcm9jZXNzLCBhbmQgcmVnaXN0cmFudHMgYXJlIGJhc2ljbHkgYmVpbmcgcmVw cmVzZW50ZWQgYnkgb3Vyc2VsdmVzLCBhbmQNCiB0aGUgUmVnaXN0cmFycyB3aG8gaGF2ZSB0aGVt IGFzIGN1c3RvbWVycy4mbmJzcDsgSSB0aGluayB3ZSBoYXZlIGEgcmVzcG9uc2liaWxpdHkgbm90 IHRvIGNhdmUgaW4uPG86cD48L286cD48L3A+DQo8cD4zLiZuYnNwOyBBIHdvcmQgb24gc21hbGwg YnVzaW5lc3MsIHNvbGUgcHJvcHJpZXRvcnMsIGFuZCBob21lIGJhc2VkIGVudHJlcHJlbmV1cnMg b3IgZ2lnIHdvcmtlcnMuJm5ic3A7IFdlIGFyZSB0aGUgTm9uLWNvbW1lcmNpYWwgc3Rha2Vob2xk ZXJzLCBzbyB3ZSBkbyBub3QgY2xhaW0gdG8gcmVwcmVzZW50IHRoZW0uJm5ic3A7IEZyYW5rbHks IEkgZG9uJ3Qga25vdyB3aG8gZG9lcyBoZXJlIGF0IElDQU5OLCBpbiBteSA4IHllYXJzIG9mIHZv bHVudGVlcmluZyBhdCBJQ0FOTg0KIEkgaGF2ZSBuZXZlciBoZWFyZCB0aGUgQUxBQyBmb2xrcyBh ZHZhbmNlIGEgY29oZXNpdmUgYXJndW1lbnQgb24gYmVoYWxmIG9mIHRoZXNlIGZvbGtzIChvciBl dmVuIGFuIGFyZ3VtZW50LCBidXQgSSBoZXNpdGF0ZSB0byBzYXkgdGhhdCBiZWNhdXNlIHNvbWVv bmUgd2lsbCB0cmF3bCB0aHJvdWdoIHRoZSBhcmNoaXZlcyBhbmQgY29tZSB1cCB3aXRoIHNvbWVv bmUgZGVmZW5kaW5nIHRoZSBsaXR0bGUgZ3V5IGFnYWluc3QgZ2lhbnQgY29ycG9yYXRpb25zKS4m bmJzcDsNCiBDZXJ0YWlubHkgdGhleSBhcmUgbm90IHNwZWFraW5nIGZvciB0aGVtIGF0IHRoZSBF UERQLCB0aGV5IGFyZSBzcGVha2luZyBmb3IgZ292ZXJubWVudCwgbGF3IGVuZm9yY2VtZW50LCBh bmQgY3liZXJzZWN1cml0eSBvcGVyYXRpdmVzLiZuYnNwOyBBcyBmb2xrcyB3aG8gY2FyZSBhYm91 dCBodW1hbiByaWdodHMgYW5kIGZhaXJuZXNzIHRvIGRldmVsb3BpbmcgZWNvbm9taWVzLCBJIHRo aW5rIHdlIHNob3VsZCBjYXJlIGFib3V0IGhvdyBtdWNoIHRoaXMgZGlmZmVyZW50aWF0aW9uDQog YmV0d2VlbiBsZWdhbCBwZXJzb25zIGFuZCBuYXR1cmFsIHBlcnNvbnMgZG9lcyBub3Qgd29yayBp biBjb3VudHJpZXMgb3RoZXIgdGhhbiB0aGUgRVUgc3RhdGVzIGFuZCB0aGUgVVMuJm5ic3A7IENv dW50cmllcyBhcm91bmQgdGhlIHdvcmxkIGhhdmUgZGlmZmVyZW50IHdheXMgdG8gZGVzY3JpYmUg c21hbGwgYnVzaW5lc3MsIGRpZmZlcmVudCB3YXlzIHRvIHJlZ3VsYXRlIGl0LCBhbmQgdGhpcyBk aWZmZXJlbnRpYXRpb24gbWF5IG5vdCBtYXRjaCB0YXgNCiBzY2hlbWVzLCBtdW5pY2lwYWwgcmVn aXN0cmF0aW9uIHBhdHRlcm5zLCBldGMuJm5ic3A7IFRoZXJlIGlzIG9mIGNvdXJzZSBhbiBhZGRp dGlvbmFsIGJhcnJpZXIgaW4gdGhlIG1hdHRlciBvZiBsYW5ndWFnZXMuPG86cD48L286cD48L3A+ DQo8cD40LiZuYnNwOyBSZW1lbWJlciB0aGF0IHdoYXQgd2UgYXJlIGFyZ3VpbmcgYWJvdXQgaXMg bm90IHByb3ZpZGluZyBhY2Nlc3MgdG8gZGF0YSBhYm91dCBzdXNwZWN0ZWQgbGVnYWwgcGVyc29u cyB0aHJvdWdoIHRoZSBTU0FELiZuYnNwOyBXZSBhcmUgYXJndWluZyBhYm91dCBBdXRvbWF0aWMg ZGlzY2xvc3VyZSBiYXNlZCBvbiB0aGUgY2hvaWNlIHRoZSBpbmRpdmlkdWFsIG1ha2VzLCBsZWdh bCBvciBuYXR1cmFsIHBlcnNvbi4mbmJzcDsgQXMgSSBoYXZlIHNhaWQgYmVmb3JlLA0KIHRoZSBz a2llcyBhcmUgbm90IGdvaW5nIHRvIGZhbGwgaWYgdGhlIGxlZ2l0aW1hdGUgcmVxdWVzdG9ycyBo YXZlIHRvIHJlcXVlc3QgdGhlIGRhdGEgYW5kIGdldCBpdCBpbiBvbmUgb3IgdHdvIGJ1c2luZXNz IGRheXMsIGFzIG9wcG9zZWQgdG8gaGF2aW5nIGl0IHByZS1lbXB0aXZlbHkgZGlzY2xvc2VkLiAm bmJzcDsgUmVtZW1iZXIgdGhhdCB0aGUgcmVnaXN0cmFyIG9yIGhpcyByZXNlbGxlciBoYXMgYSB3 ZWFsdGggb2Ygb3RoZXIgZGF5IGFib3V0IHRoZWlyDQogY3VzdG9tZXIgdGhhdCBpcyAmcXVvdDti ZWxvdyB0aGUgc3VyZmFjZSZxdW90OywgbW9zdCBpbXBvcnRhbnRseSBjcmVkaXQgY2FyZCBpbmZv LCBiaWxsaW5nIGFkZHJlc3MgZm9yIHRoZSBjcmVkaXQgY2FyZCwgZW1haWxzLCBJUCBhZGRyZXNz IGV0Yy4mbmJzcDsgVGhleSBjYW4gbG9vayBhdCB0aGF0IGRhdGEgaWYgbmVjZXNzYXJ5LCB0byBm aWd1cmUgb3V0IHdoZXRoZXIgdGhleSBhcmUgZGVhbGluZyB3aXRoIGEgY29tcGFueSBvciBhIHBl cnNvbi4mbmJzcDsgSG93ZXZlciwgdGhlDQogU1NBRCBkb2VzIG5vdCBoYXZlIGFjY2VzcyB0byB0 aGF0IGRhdGEuJm5ic3A7IElmIHdlIGVuY291cmFnZSB0aGlzIGRpZmZlcmVudGlhdGlvbiBieSBw dXR0aW5nIGd1aWRhbmNlIGludG8gdGhlIHBvbGljeSwgdGhlbiB3ZSBhcmUgaGVhZGluZyBmb3Ig dGhlIHNsaXBwZXJ5IHNsb3BlIG9mIGF1dG9tYXRlZCBkaXNjbG9zdXJlLiBSZW1lbWJlciB0aGF0 IHRoZXJlIGlzIGFscmVhZHkgYSBzZWN0aW9uIGluIHRoZXJlIHRoYXQgb25jZSB0aGUgZGF0YSBo YXMNCiBiZWVuIHZlcmlmaWVkIGFzIHBlcnRhaW5pbmcgdG8gYSBsZWdhbCBwZXJzb24gYW5kIG5v dCBjb250YWluaW5nIHBlcnNvbmFsIGRhdGEsIGl0IE1VU1QgYmUgZGlzY2xvc2VkLiZuYnNwOyBX aGF0IGhhcHBlbnMgd2hlbiB0aGF0IGxlZ2FsIGVudGl0eSBtb3ZlcyB0byBhIGp1cmlzZGljdGlv biB3aGVyZSBlbXBsb3llZXMgaGF2ZSBwcml2YWN5IHJpZ2h0cywgZWl0aGVyIHVuZGVyIGRhdGEg cHJvdGVjdGlvbiBsYXcgb3Igb3RoZXIgbGF3cyBzdWNoIGFzIGxhYm91cg0KIGxhd3Mgb3IgY29u dHJhY3RzPyZuYnNwOyBUaGVyZSBpcyBhIGdvb2QgY2hhbmNlIHRoYXQgc29tZSBvZiB0aGVpciBk YXRhIGJlY29tZXMgcGVyc29uYWwuPG86cD48L286cD48L3A+DQo8cD41LiZuYnNwOyBSZWdpc3Ry YXJzIGFscmVhZHkgaGF2ZSBleGNlbGxlbnQgYWR2aWNlIGZvciB0aGVpciBtZW1iZXJzIGF2YWls YWJsZSB0aHJvdWdoIHRoZWlyIG93biB3ZWJzaXRlcy4mbmJzcDsgUmVtZW1iZXIgdGhhdCBhdCBJ Q0FOTiB3ZSBhcmUgb25seSBkZWFsaW5nIHdpdGggdGhlIGJpZyBvbmVzLCBhbmQgdGhlIHJlc3Bv bnNpYmxlIG9uZXMuJm5ic3A7IFdlIGhhdmUgdG8gY29uc2lkZXIgd2hldGhlciBhbnkgYWN0aXZp dHkgd2Ugc2FuY3Rpb24gaW4gdGhpcyBwb2xpY3kNCiBpbmR1Y2VzIHRoZSBsYXp5IG9uZXMgdG8g Y3V0IGNvcm5lcnMuJm5ic3A7IFRoZXkgYXJlIHVzZWQgdG8gZGlzY2xvc2luZyBldmVyeXRoaW5n IGluIHRoZSBXSE9JUywgaWYgZ2l2ZW4gYW4gb3Bwb3J0dW5pdHkgdG8gcmV2ZXJ0IHRvIHRoYXQg YnkgY3JlYXRpbmcgdGhpcyBkaXN0aW5jdGlvbiwgdGhleSB3aWxsIG1vc3QgbGlrZWx5IGRvIHdo YXQgaXMgZWFzaWVzdC4mbmJzcDsgQXQgdGhlIG1vbWVudCwgdW5kZXIgdGhlIHRlbXAgc3BlYyBh bmQgYXJ0aWNsZSA2LA0KIHRoZSBlYXNpZXN0IHRoaW5nIHRvIGRvIGlzIHRvIGNvbnNpZGVyIHRo ZXNlIGdyZXkgYXJlYSBmb2xrcyBhcyBuYXR1cmFsIHBlcnNvbnMgdW5sZXNzIHByb3ZlbiBvdGhl cndpc2UsIGFuZCBwcm90ZWN0IHRoZSBkYXRhLiZuYnNwOyBXaHkgb24gZWFydGggd291bGQgd2Ug bm90IGNob29zZSB0aGlzIG9wdGlvbj8mbmJzcDsgVGhlcmUgaXMgbm8gbGF3IHRlbGxpbmcgdXMg dG8gZG8gb3RoZXJ3aXNlLCBhbmQgdGhlcmUgaXMgY2VydGFpbmx5IGEgZ3JlYXQgZGVhbCBvZg0K IGxhdyBvdXQgdGhlcmUgdGhhdCBtYWtlcyBkaWZmZXJlbnRpYXRpb24gYSBsZWdhbCByaXNrIHRo YXQgY2FycmllcyBsaWFiaWxpdHkgYW5kIGNvc3QuJm5ic3A7IFdlIHdhbnQgZG9tYWluIG5hbWVz IHRvIHJlbWFpbiBhZmZvcmRhYmxlLCBhbmQgd2Ugd2FudCBvdXIgcGVvcGxlIHByb3RlY3RlZC48 bzpwPjwvbzpwPjwvcD4NCjxwPjYuJm5ic3A7IE9uZSBtb3JlIHRoaW5nOiZuYnNwOyByZW1lbWJl ciB0aGF0IG5vdCBhbGwgZG9tYWluIG5hbWVzIGFyZSB1c2VkIGZvciB3ZWJzaXRlcyBlbmdhZ2Vk IGluIGNvbW1lcmNlLiZuYnNwOyBTb21lIGFyZSBiZWluZyBoZWxkIGJ5IGluZGl2aWR1YWxzIGZv ciBmdXR1cmUgdXNlLiZuYnNwOyBEaXNjbG9zdXJlIHByb3ZpZGVzIG1hcmtldCBpbmZvcm1hdGlv biB0byBiaWcgcGxheWVycyB3aG8gbWF5IHdhbnQgdG8gcHJldmVudCB0aGUgbmFtZSBmcm9tIGJl aW5nIHVzZWQsDQogb3IgdG8gcHVyY2hhc2UgdGhlbSwgYnV0IHRoZXJlIGlzIG5vIGhhcm0gZW1h bmF0aW5nIGZyb20gdGhlbSBpbiBkb3JtYW5jeSwgYW5kIHNtYWxsIHBsYXllcnMgbmVlZCBub3Qg aGF2ZSB0aGVpciBjb21wZXRpdGl2ZSBwb3NpdGlvbnMgY29tcHJvbWlzZWQgaW4gdGhpcyB3YXku Jm5ic3A7IE1vc3Qgb2YgdGhlIG9ubGluZSBjcmltZSB0aGF0IHdlIGhlYXIgYWRkdWNlZCB0byBq dXN0aWZ5IGRpc2Nsb3N1cmUgb2YgZGF0YSBpcyBjb21pbmcgZnJvbSB3ZWJzaXRlcy4mbmJzcDsN CiBXZWJzaXRlcyBjYW4gYmUgcmVndWxhdGVkIHRvIHByb3RlY3QgY29uc3VtZXJzLCBidXQgdGhh dCBpcyBub3Qgd2l0aGluIElDQU5OJ3MgYmFpbGl3aWNrLiZuYnNwOyBGb2xrcyBjb21lIHRvIElD QU5OIHRvIGRlbWFuZCB0aGlzIGFjdGl2aXR5IGJlY2F1c2Ugb3RoZXIgbXVsdGlsYXRlcmFsIGlu c3RydW1lbnRzIGhhdmUgZmFpbGVkLCBidXQgZ2l2ZW4gdGhlIGxhY2sgb2Ygb3ZlcnNpZ2h0IG92 ZXIgSUNBTk4sIHRoZSByZXNwb25zaWJpbGl0eSB0byBlbnN1cmUNCiBmYWlybmVzcyBhbmQgaHVt YW4gcmlnaHRzIGFyZSByZXNwZWN0ZWQgZmFsbHMgb24gdGhlIHNob3VsZGVycyBvZiB0aGUgc3Rh a2Vob2xkZXJzIGVuZ2FnZWQgaGVyZS4NCjxvOnA+PC9vOnA+PC9wPg0KPHA+Ny4mbmJzcDsgRmlu YWxseTombmJzcDsgU2V2ZXJhbCBmb2xrcyBhcmUgd29ycmllZCB0aGF0IGdvdmVybm1lbnRzIHdp bGwgcmVndWxhdGUgaWYgd2UgZG8gbm90IGNvbmNlZGUgaGVyZS4mbmJzcDsgSSBzYXkgbGV0IHRo ZW0sIHRoZSBDb3VydHMgYW5kIHRoZSBDb25zdGl0dXRpb24gYW5kIHRoZSBtdWNoIG1vcmUgcmln b3JvdXMgZGVmZW5jZXMgYWdhaW5zdCBpbmN1cnNpb25zIGludG8gaHVtYW4gcmlnaHRzIGF2YWls YWJsZSB3aXRoaW4gY291bnRyaWVzIHdpbGwgcHJldmFpbC4mbmJzcDsNCiBJdCBjZXJ0YWlubHkg d2lsbCBpbiB0aGUgRVUsIHdoZXJlIHRoZSBkcmFmdCBOSVMgaXMgcHJvZ3Jlc3NpbmcuLi4uLkkg a2VlcCBwb2ludGluZyBvdXQgdGhlIE9waW5pb24gb2YgdGhlIEV1cm9wZWFuIERhdGEgUHJvdGVj dGlvbiBTdXBlcnZpc29yIG9uIHRoaXMgbWF0dGVyLCBzbyBvbmUgbW9yZSB0aW1lIGhlcmUgaXQg aXMNCjxhIGhyZWY9Imh0dHBzOi8vd3d3Lmdvb2dsZS5jb20vc2VhcmNoP2NsaWVudD1maXJlZm94 LWItZCZhbXA7cT1lZHBzK29uK3RoZStuaXMrZGlyZWN0aXZlIj4NCmh0dHBzOi8vd3d3Lmdvb2ds ZS5jb20vc2VhcmNoP2NsaWVudD1maXJlZm94LWItZCZhbXA7cT1lZHBzK29uK3RoZStuaXMrZGly ZWN0aXZlPC9hPi4mbmJzcDsgQXMgZm9yIHRoZSBpbmNyZWFzaW5nIG51bWJlciBvZiBhdXRvY3Jh dGljIGNvdW50cmllcyBpbnRlcmVzdGVkIGluIGN1cnRhaWxpbmcgdGhlIGZyZWUgc3BlZWNoIGFu ZCBpbnRlcm5ldCByaWdodHMgb2YgdGhlaXIgY2l0aXplbnMsIHRoZXkgYXJlIHJlZ3VsYXRpbmcg YW55d2F5IGFuZCBub3RoaW5nIHRoYXQNCiBJQ0FOTiBkb2VzIGlzIGdvaW5nIHRvIHBlcnN1YWRl IHRoZW0gb3RoZXJ3aXNlLiZuYnNwOyBBIGdvb2QgZXhhbXBsZSBvZiB1cyBmYWxsaW5nIG9uIHRo ZSBzaWRlIG9mIGN1c3RvbWVyIHByb3RlY3Rpb24gbWlnaHQgYXQgbGVhc3QgZ2l2ZSB0aG9zZSBp bmRpdmlkdWFscyBpbiB0aGVzZSBjb3VudHJpZXMgc29tZXRoaW5nIHRvIHBvaW50IHRvLCBhcyBv cHBvc2VkIHRvIGNhdmluZyBpbiB0byB0aHJlYXRzLjxvOnA+PC9vOnA+PC9wPg0KPHA+Y2hlZXJz IFN0ZXBoYW5pZSBQZXJyaW48bzpwPjwvbzpwPjwvcD4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj5PbiAyMDIxLTA0LTI3IDExOjU2IHAubS4sIDxzcGFuIHN0eWxlPSJmb250LWZhbWlseTom cXVvdDtNUyBHb3RoaWMmcXVvdDsiPg0K6Zmz5pu86Iy5PC9zcGFuPiBNYW5qdSBDaGVuIHdyb3Rl OjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8YmxvY2txdW90ZSBzdHlsZT0ibWFyZ2luLXRvcDo1 LjBwdDttYXJnaW4tYm90dG9tOjUuMHB0Ij4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48 c3Ryb25nPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0Fy aWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6I0M3NTAwMCI+RVhURVJOQUwgRU1BSUw6PC9zcGFu Pjwvc3Ryb25nPjxiPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTAuMHB0O2ZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6d2hpdGUiPjxvOnA+PC9vOnA+PC9zcGFu PjwvYj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3Jt YWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlm Ij5IaSBhbGwsPG86cD48L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNh bnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxw IGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZx dW90OyxzYW5zLXNlcmlmIj5UaGlzIGhhcyBiZWVuIGEgdmVyeSBoZWxwZnVsIGRpc2N1c3Npb24u IE91ciB1bHRpbWF0ZSBnb2FsIGlzIHRvIGZpbmFsaXplIGFuIE5DU0cgcG9zaXRpb24sIGFuZCBJ J2QgbGlrZSB0byBwcm92aWRlIHNvbWUgY29udGV4dCBpbiB0aGUgaW50ZXJlc3Qgb2YgcmVhY2hp bmcgdGhhdCBnb2FsLjxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90 OyxzYW5zLXNlcmlmIj48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJp YWwmcXVvdDssc2Fucy1zZXJpZiI+U29tZSBoYXZlIHBvaW50ZWQgb3V0IHRoYXQgdGhlIHF1ZXN0 aW9uIG9mICdkbyB5b3UgYWdyZWUgdG8gcHVibGlzaCB5b3VyIGRhdGEnIGlzIGEgbXVjaCBiZXR0 ZXIgb25lIHRoYW4gJ2FyZSB5b3UgYSBsZWdhbCBvciBuYXR1cmFsIHBlcnNvbicuIEkgdG90YWxs eSBhZ3JlZS4gQnV0IHdlIGFscmVhZHkgaGF2ZSB0aGF0IGluIHRoZQ0KIHBvbGljeS4gSW4gdGhl IEVQRFAgcGhhc2UgMSBmaW5hbCByZXBvcnQsIHJlY29tbWVuZGF0aW9uICM2IHJlYWRzOiZuYnNw OzxvOnA+PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGJsb2NrcXVvdGUgc3R5bGU9ImJvcmRl cjpub25lO2JvcmRlci1sZWZ0OnNvbGlkICNDQ0NDQ0MgMS4wcHQ7cGFkZGluZzowaW4gMGluIDBp biA2LjBwdDttYXJnaW4tbGVmdDo0LjhwdDttYXJnaW4tcmlnaHQ6MGluIj4NCjxwIGNsYXNzPSJN c29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5z LXNlcmlmIj5UaGUgRVBEUCBUZWFtIHJlY29tbWVuZHMgdGhhdCwgYXMgc29vbiBhcyBjb21tZXJj aWFsbHkgcmVhc29uYWJsZSwgUmVnaXN0cmFyIG11c3QmbmJzcDtwcm92aWRlIHRoZSBvcHBvcnR1 bml0eSBmb3IgdGhlIFJlZ2lzdGVyZWQgTmFtZSBIb2xkZXIgdG8gcHJvdmlkZSBpdHMgQ29uc2Vu dCB0byZuYnNwO3B1Ymxpc2ggcmVkYWN0ZWQgY29udGFjdCBpbmZvcm1hdGlvbiwNCiBhcyB3ZWxs IGFzIHRoZSBlbWFpbCBhZGRyZXNzLCBpbiB0aGUgUkRTIGZvciB0aGUmbmJzcDtzcG9uc29yaW5n IHJlZ2lzdHJhci48L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Jsb2NrcXVvdGU+DQo8ZGl2Pg0K PHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJp YWwmcXVvdDssc2Fucy1zZXJpZiI+SW4gdGhlIEVQRFAgcGhhc2UyQSwgdGhlIFdHIGlzIHRhc2tl ZCB0byBhZGRyZXNzIHRoZSBmb2xsb3dpbmcgcXVlc3Rpb25zOjxvOnA+PC9vOnA+PC9zcGFuPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxvbCBzdGFydD0iMSIgdHlwZT0iMSI+DQo8bGkgY2xhc3M9Ik1z b05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9t LWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBsZm8xIj4NCjxzcGFuIHN0eWxlPSJmb250LWZh bWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5XaGV0aGVyIGFueSB1cGRhdGVzIGFy ZSByZXF1aXJlZCB0byB0aGUgRVBEUCBQaGFzZSAxIHJlY29tbWVuZGF0aW9uIG9uIHRoaXMgdG9w aWMgKOKAnFJlZ2lzdHJhcnMgYW5kIFJlZ2lzdHJ5IE9wZXJhdG9ycyBhcmUgcGVybWl0dGVkIHRv IGRpZmZlcmVudGlhdGUgYmV0d2VlbiByZWdpc3RyYXRpb25zIG9mIGxlZ2FsIGFuZCBuYXR1cmFs IHBlcnNvbnMsIGJ1dCBhcmUgbm90DQogb2JsaWdhdGVkIHRvIGRvIHNv4oCcKTsgPG86cD48L286 cD48L3NwYW4+PC9saT48bGkgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9w LWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvO21zby1saXN0OmwwIGxldmVsMSBs Zm8xIj4NCjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNl cmlmIj5XaGF0IGd1aWRhbmNlLCBpZiBhbnksIGNhbiBiZSBwcm92aWRlZCB0byBSZWdpc3RyYXJz IGFuZC9vciBSZWdpc3RyaWVzIHdobyBkaWZmZXJlbnRpYXRlIGJldHdlZW4gcmVnaXN0cmF0aW9u cyBvZiBsZWdhbCBhbmQgbmF0dXJhbCBwZXJzb25zLiZuYnNwOzxvOnA+PC9vOnA+PC9zcGFuPjwv bGk+PC9vbD4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1m YW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+U28gaXQncyBub3QgdGhhdCB3ZSAn d2FudCcgdGhlIGRpc3RpbmN0aW9uIG9mIG5hdHVyYWwmbmJzcDt2cy4gbGVnYWwuIEl0J3MgdGhl IHRhc2sgd2UncmUgZ2l2ZW4sIGFuZCBwZXIgdGhlIFdHIGNoYWlyJ3MgbGFzdCBlbWFpbCB0byB0 aGUgRVBEUCB0ZWFtLCBpdCdzIG5vdCBzb21ldGhpbmcgd2UgY2FuIGF2b2lkLiBXZSBoYXZlIHRv IHN0aWNrDQogdG8gdGhlICduYXR1cmFsIHZzLiBsZWdhbCBwZXJzb25zJyByaGV0b3JpYyB0byBh bnN3ZXIgdGhlIHF1ZXN0aW9ucy4mbmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1 b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0K PC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFt aWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPk9mIGNvdXJzZSwgd2UgY2FuIHNpbXBs eSBhc3NlcnQgdGhhdCAndGhlcmUncyBubyB1cGRhdGUgbmVlZGVkJyBhbmQgbGV0IHRoZSBjb250 cmFjdGVkIHBhcnRpZXMgZG8gd2hhdGV2ZXIgdGhleSB3YW50IHdoZW4gdGhleSBmZWVsIGxpa2Ug bWFraW5nIHRoZSBkaXN0aW5jdGlvbi4gSSB3YXMgcGVyc29uYWxseSB2ZXJ5IHRlbXB0ZWQNCiBi eSB0aGlzIG9wdGlvbiBldmVyeSBub3cgYW5kIHRoZW4uIEhvd2V2ZXIsIGFzIE1pbHRvbiBwb2lu dGVkIG91dCBpbiBhbm90aGVyIGVtYWlsLCB3ZSBhcmUgYWxyZWFkeSBkZXZlbG9waW5nIGd1aWRh bmNlIGluIHRoZSBFUERQLCBzbyB0aGF0IG9wdGlvbiBzZWVtcyBmYXItZmV0Y2hlZC4mbmJzcDs8 bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+ PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1z b05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMt c2VyaWYiPkkgaG9wZSB0aGlzIGV4cGxhaW5zIHNvbWUgb2YgdGhlIGNvbmZ1c2lvbiBhbmQgaGVs cHMgdXMgdG8gY29uc2lkZXIgTWlsdG9uJ3MgNCBvcHRpb25zIGluIHRoZSBvdGhlciBlbWFpbC4m bmJzcDs8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1z ZXJpZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7 LHNhbnMtc2VyaWYiPlRoYW5rcyE8bzpwPjwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJp YWwmcXVvdDssc2Fucy1zZXJpZiI+PG86cD4mbmJzcDs8L286cD48L3NwYW4+PC9wPg0KPC9kaXY+ DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZx dW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPjxvOnA+Jm5ic3A7PC9vOnA+PC9zcGFuPjwvcD4N CjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZh bWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5CZXN0LCZuYnNwOzxvOnA+PC9vOnA+ PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0 eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5NYW5qdTxvOnA+ PC9vOnA+PC9zcGFuPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj5PbiBXZWQsIEFwciAyOCwgMjAyMSBhdCA0OjQwIEFNIE1hcmsgTGVpc2VyICZsdDs8 YSBocmVmPSJtYWlsdG86bWFya2xlaXNlckBnbWFpbC5jb20iIHRhcmdldD0iX2JsYW5rIj5tYXJr bGVpc2VyQGdtYWlsLmNvbTwvYT4mZ3Q7IHdyb3RlOjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8 YmxvY2txdW90ZSBzdHlsZT0iYm9yZGVyOm5vbmU7Ym9yZGVyLWxlZnQ6c29saWQgI0NDQ0NDQyAx LjBwdDtwYWRkaW5nOjBpbiAwaW4gMGluIDYuMHB0O21hcmdpbi1sZWZ0OjQuOHB0O21hcmdpbi1y aWdodDowaW4iPg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250 LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5IaSBNaWx0b24sPC9zcGFuPg0K PG86cD48L286cD48L3A+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8 L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHls ZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+Rmlyc3QgbGV0IG1l IHNheSBJIGNvbXBsZXRlbHkgYWdyZWUmbmJzcDt3aXRoIHlvdSBvbiZuYnNwO3lvdXIgc3RhdGVt ZW50cyBhYm91dCBFdXJvcGVhbiBkYXRhIHByaXZhY3kuIEkgZmVlbCBsaWtlIEkndmUgZGVkaWNh dGVkIG1vc3Qgb2YgbXkgcHJvZmVzc2lvbmFsIGxpZmUgYXJndWluZyBhYm91dCB0aGUgZGFuZ2Vy cyBvZiBwcml2YWN5Jm5ic3A7YW5kIGRhdGENCiBwcm90ZWN0aW9uIG1heGltYWxpc20gLSB5ZXQg YWxtb3N0IGFsd2F5cyBmZWVsJm5ic3A7bGlrZSBteSBhcmd1bWVudHMgb24gZGVhZiBlYXJzLiBX aGlsZSBwZW9wbGUgYXJlIGFyZ3VpbmcgdGhhdCAnZXZlcnl0aGluZyBpcyBwZXJzb25hbCBkYXRh JywgSSd2ZSBiZWVuIGFyZ3VpbmcgdGhhdCB0aGlzIG1ha2VzIHRoZSByZWdpbWUgdW5tYW5hZ2Vh YmxlLiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xh c3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7 LHNhbnMtc2VyaWYiPlNvIGxldCBtZSB0cnkgdG8gZXhwbGFpbiAncmVsYXRpbmcgdG8nIHdpdGgm bmJzcDtyZWZlcmVuY2UgdG8gJ01pbHRvbiBNdWVsbGVyJ3MgUG9ya2JlbGx5Jm5ic3A7RGluZXIn LiBCZWNhdXNlIG9mIFJlY2l0YWwgMTQsIHRoaXMgd291bGQgYW1vdW50IHRvIGEgbGVnYWwgcGVy c29uLiBJdCdzIHByZXR0eSBjbGVhciB0aGF0IHRoZSBpbnRlbnRpb24gb2YNCiB0aGUgR0RQUidz IGRyYWZ0ZXJzIHdhcyB0byBleGNsdWRlIGxlZ2FsIHBlcnNvbnMuIEhvd2V2ZXIsIGxldCdzIHNh eSB5b3UgaGF2ZSByZWdpc3RlcmVkICdNTSBQb3JrYmVsbHkgRGluZXInIGluIHRoZSZuYnNwO3Jl Z2lzdGVyIG9mIGNvbXBhbmllcy4gSSB0aGluayB5b3Ugd291bGQgYWdyZWUgdGhhdCB0aGlzIHdv dWxkIGFtb3VudCB0byBpbmZvcm1hdGlvbiBhYm91dCBhIGxlZ2FsIHBlcnNvbi4gQnV0IHNheSBz b21lb25lJm5ic3A7c2VhcmNoZWQgdGhlIGNvbXBhbnkNCiByZWdpc3RlciBhbmQgZGlzY292ZXJl ZCBNaWx0b24gTXVlbGxlciB3YXMgdGhlIHByaW5jaXBhbCBzaGFyZWhvbGRlciBvZiBNTSBQb3Jr YmVsbHkgRGluZXIuIFRoaXMgaXMgYW4gaWRlbnRpZmllciB3aGljaCB3b3VsZA0KPGk+dGllIG5m b3JtYXRpb24gYWJvdXQgTWlsdG9uIE11ZWxsZXIgdG88L2k+ICdNTSBQb3JrQmVsbHkgRGluZXIn LiBUaGVyZWZvcmUsIHRoaXMgaXMgJ2FueSBpbmZvcm1hdGlvbicgJ3JlbGF0aW5nIHRvJyBhbiBp ZGVudGlmaWVkJm5ic3A7b3IgaWRlbnRpZmlhYmxlIGxpdmluZyBwZXJzb24uIEl0IHdvdWxkIGJl IHJlYXNvbmFibGUgdG8gaW5mZXIgdGhhdCBNTSByZWdpc3RlcmVkIGluIHRoZSByZWdpc3RyYXIg ZGF0YWJhc2UgdW5kZXIgTU0gUG9ya0JlbGx5DQogRGluZXIgaXMgdGhlIHNhbWUgYXMgdGhlIE1p bHRvbiZuYnNwO011ZWxsZXIgdGhhdCBpcyBpbiB0aGUgcmVnaXN0ZXIgb2YgY29tcGFuaWVzLiBU aGUgZmFjdCB0aGF0IHNvbWVvbmUgY2FuIGNvbWJpbmUmbmJzcDt0aGUga25vd2xlZGdlIGZyb20g dGhlIGNvbXBhbnkgcmVnaXN0ZXIgd2l0aCB0aGUga25vd2xlZGdlIGZyb20gdGhlIHJlZ2lzdHJh ciBkYXRhYmFzZSBjb3VsZCBtYWtlICdNTSBQb3JrYmVsbHkgRGluZXInIHBlcnNvbmFsIGRhdGEg dW5kZXIgQXJ0aWNsZQ0KIDQoMSkgb2YgdGhlIEdEUFIuIFNvbWVvbmUgd2hvIGRpZCBub3QgZGlz Y2xvc2UgdGhlaXIgaWRlbnRpdHkgYXQgYWxsIGNvdWxkIHN0aWxsIGJlIGlkZW50aWZpYWJsZTsg aGVuY2UsIHRoZSBwZXJjZWl2ZWQgbmVlZCBmb3IgcHJvdGVjdGlvbiBpbiB0aGUgRVUgZGF0YSBw cm90ZWN0aW9uIHJlZ2ltZS48L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4N CjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlh bCZxdW90OyxzYW5zLXNlcmlmIj4mbmJzcDsmcXVvdDtJPHNwYW4gc3R5bGU9ImNvbG9yOiMxRjQ5 N0QiPiZuYnNwO2FtIHNheWluZyB0aGF0IHRoZSB1c2VyLCB0aGUgcmVnaXN0cmFudCwgZ2V0cyB0 byBkZWNpZGUgd2hhdCBpcyBwZXJzb25hbCBkYXRhIG9yIG5vdCwgYmVjYXVzZSBUSEVSRSBJUyBO TyBPQkpFQ1RJVkUsIENMRUFSIExFR0FMIERFRklOSVRJT04mcXVvdDsgaXMsIG9uIHRoZSBzdXJm YWNlLA0KIHByb2JsZW1hdGljLiA8L3NwYW4+PHNwYW4gc3R5bGU9ImNvbG9yOmJsYWNrIj5JdCBk b2Vzbid0IG1hdHRlciB3aGV0aGVyIHRoZSB1c2VyIHNheXMgTk8gb3IgWUVTIG9yIHRoZSByZWdp c3RyYXIgc2F5cyBubyBvciB5ZXMsIG9yIHdoZXRoZXIgaXQgaXMgb2JqZWN0aXZlIG9yIGNsZWFy LCB0aGUgdGVzdCBpcyB3aGV0aGVyIGFueSBpbmZvcm1hdGlvbiBjYW4gYmUgY29tYmluZWQgd2l0 aCBvdGhlciBpbmZvcm1hdGlvbiB0byByZXZlYWwgYW4gaWRlbnRpZmlhYmxlDQogbGl2aW5nIHBl cnNvbi4gSSB3b3VsZCBhcmd1ZSwgYWJzZW50IGEgd2hvbGVzYWxlIGNoYW5nZSBpbiB0aGUgcmVh c29uaW5nIHVzZWQgYnkgdGhlIENKRVUsIHRoaXMgd291bGQgcmVtYWluIHRoZSBjYXNlIGZvciB0 aGUgZm9yZXNlZWFibGUgZnV0dXJlLiBUaGlzIGlzIG5vdCBpbnRlbmRlZCBhcyBhIE1hcmsgTGVp c2VyIGFyZ3VtZW50IG9yIGFuIGF0dGVtcHQgdG8gZGlzY3JlZGl0IHdoYXQgeW91IGFyZSBzYXlp bmcsIGJ1dCBhbiBob25lc3QgYWNjb3VudA0KIG9mIGhvdyBJIHRoaW5rIHRoZSBDb3VydHMgYW5k IHRoZSBFVSBkYXRhIHByb3RlY3Rpb24gQm9hcmQgd291bGQgcmVhY3QgdG8gd2hhdCB5b3UgYXJl IHByb3Bvc2luZy4mbmJzcDs8L3NwYW4+PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8 ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4N CjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1 b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+WW91IGFza2VkIGFib3V0DQo8YSBocmVmPSJodHRw czovL2lhcHAub3JnL25ld3MvYS9hcmUtaXAtYWRkcmVzc2VzLWdlbmVyYXRlZC13aGVuLXVzZXJz LXZpc2l0LXdlYnNpdGVzLXBlcnNvbmFsLWluZm9ybWF0aW9uLyM6fjp0ZXh0PVVuZGVyJTIwdGhl JTIwRVUlMjBHZW5lcmFsJTIwRGF0YSxoZWFkZXIlMjBpbmZvcm1hdGlvbiUyMHRoYXQlMjB3ZWJz aXRlJTIwaG9zdHMiIHRhcmdldD0iX2JsYW5rIj4NCklQIGFkZHJlc3NlczwvYT4sICdwb3J0IG51 bWJlcnMnLCAnYnJvd3NlciBjb25maWcnLCBldGMgY291bGQgYmUgdXNlZCB0byBpZGVudGlmeSB5 b3UgcGVyc29uYWxseS4gWWVzLCBhYnNvbHV0ZWx5LiBUaGlzIGlzIHBlcnNvbmFsIGRhdGEgaW4g dGhlIEVVIC0gaWYgaXQgY2FuIHJlbGF0ZSB0byBhIGxpdmluZyBwZXJzb24uIFdoYXQgeW91ciZu YnNwO3dyaXRpbmcmbmJzcDtoZXJlIHJldmVhbHMsIGlzIHRoYXQgeW91IGFyZSBhIGxpdHRsZSBj b25mdXNlZCBhYm91dA0KIGhvdyB0aGUmbmJzcDtHRFBSIHdvcmtzIC0gdGhlIEdEUFIgZG9lcyBu b3QgcmVseSBvbiAnY29uc2VudCcgb3IgJ2V4cGxpY2l0IHBlcm1pc3Npb24nIGFzIHRoZSBvbmx5 IGJhc2lzIGZvciBwcm9jZXNzaW5nIHBlcnNvbmFsIGRhdGEuIFJlbWVtYmVyIHRoZSBHRFBSIGhh cyBzaXg8YSBocmVmPSJodHRwczovL2dkcHItaW5mby5ldS9hcnQtNi1nZHByLyIgdGFyZ2V0PSJf YmxhbmsiPiZuYnNwO2dyb3VuZHMgb2YgcHJvY2Vzc2luZzwvYT4uIEl0IGlzIGEgcHJvaGliaXRp dmUNCiByZWd1bGF0aW9uLiBZb3UgY2Fubm90IHByb2Nlc3MgcGVyc29uYWwgZGF0YSBpbiB0aGUg RVUgdW5sZXNzIHlvdSBzYXRpc2Z5IG9uZSBvZiB0aG9zZSBzaXggZ3JvdW5kcy4gTW9zdCBjb21w YW5pZXMgd2lsbCBOT1QgYmUgcHJvY2Vzc2luZyBvbiB0aGUgYmFzaXMgb2YgJ2NvbnNlbnQnIGJ1 dCBvbiAnbGVnaXRpbWF0ZSBpbnRlcmVzdHMnIChBcnRpY2xlIDYoMSkoZikpIG9yIHBlcmZvcm1h bmNlIG9mIGEgY29udHJhY3QgKEFydGljbGUgNigxKShiKSkuDQogRG9uJ3Qgd29ycnksIHRoaXMg aXMgYW4gZXh0cmVtZWx5Jm5ic3A7Y29tbW9uIG1pc3Rha2UgYW1vbmcgQW1lcmljYW4gYXR0b3Ju ZXlzISBBcyBtb3N0IG9mIHRoZXNlIGl0ZW1zIGFyZSAmcXVvdDt0ZWNobmljYWwnLCBJIHdvdWxk IGFsc28gaW1hZ2luZSB0aGF0IHRoZXJlIGlzIGEgJ2xlZ2FsIHJlcXVpcmVtZW50JyAoYW5vdGhl ciBncm91bmQpIG9yIGEgbGF3ZnVsIGJhc2lzLiBBbGwgSVNQcyB3aWxsIGJlIHByb2Nlc3Npbmcg cGVyc29uYWwgZGF0YSB0aHJvdWdoDQogJ0lQIGFkZHJlc3NlcycsICdwb3J0IGJyb3dzZXJzJywg YW5kICdicm93c2VyIGNvbmZpZycgYmVjYXVzZSBvZiB0aGUgbGVnYWwgYmFzaXMgZm91bmQgaW4m bmJzcDs8YSBocmVmPSJodHRwczovL2V1ci1sZXguZXVyb3BhLmV1L2xlZ2FsLWNvbnRlbnQvRU4v VFhUL0hUTUwvP3VyaT1DRUxFWDozMjAwMkwwMDU4JmFtcDtmcm9tPUVOIiB0YXJnZXQ9Il9ibGFu ayI+QXJ0aWNsZSAxNSBvZiB0aGUgZS1Qcml2YWN5IERpcmVjdGl2ZTwvYT4mbmJzcDt3aGljaCBw cm92aWRlcyBNZW1iZXImbmJzcDtTdGF0ZXMNCiB3aXRoIGEgc3BlY2lmaWMgZXhlbXB0aW9uIGZv ciB0aGUgcHVycG9zZXMgb2YgbmF0aW9uYWwgc2VjdXJpdHkuIElmIG5vdCBjb3ZlcmVkIGJ5IHRo aXMsIEkgd291bGQgaW1hZ2luZSB0aGV5IHdvdWxkIHJlbHkgb24gJ2xlZ2l0aW1hdGUgaW50ZXJl c3RzJyBhcyB0aGVpciBncm91bmQgaW5zdGVhZC4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+ DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwv cD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxzcGFuIHN0eWxlPSJmb250 LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNlcmlmIj5GaW5hbGx5LCBldmVuIGlmIGEg cmVnaXN0cmFyIGhhcyBhIGxlZ2l0aW1hdGUgaW50ZXJlc3QgaW4gcHJvY2Vzc2luZyBzb21lb25l J3MgcGVyc29uYWwgZGF0YSwgdGhpcyBkb2VzIG5vdCBhZGRyZXNzIHRoZQ0KPGk+cHJpdmFjeSA8 L2k+cmVxdWlyZW1lbnRzIHRoYXQgaSBpbmRpY2F0ZWQgaW4gbXkgcHJldmlvdXMgZW1haWwuIFVu bGVzcyB0aGVyZSBpcyBhIHNwZWNpZmljIHByb3Zpc2lvbiBwdXQgaW50byBsYXcsIEkgZG8gbm90 IGtub3cgaG93IHRoZSByZWdpc3RyYXImbmJzcDtjYW4gcmVtYWluIGNvbXBsaWFudCB3aXRoIHRo ZSBHRFBSIGFuZCB0aGUgRVUncyBwcml2YWN5IHJlcXVpcmVtZW50cy4gSW4gZmFjdCwgSSBkb24n dCBrbm93IGhvdyB0aGUgRVUgY2FuDQogZXZlbiBjb21tZW50IG9uIHRoaXMsIGJlY2F1c2UsIG9m IGNvdXJzZSwgdGhlIEVVIENoYXJ0ZXIgaXMgYSBsZWdhbCBmcmFtZXdvcmsgY29tcGxldGVseSBk aXN0aW5jdCBmcm9tIHRoZSBFdXJvcGVhbiBDb252ZW50aW9uIG9mIEh1bWFuIFJpZ2h0cy4mbmJz cDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9y bWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29O b3JtYWwiPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtBcmlhbCZxdW90OyxzYW5zLXNl cmlmIj5PbmUgbW9yZSB0aGluZyB0byBjb25zaWRlciAtIGlmIHlvdSBjaG9vc2UgdG8gZGlzY2xv c2UgeW91ciBuYW1lLCBhZGRyZXNzLCBhbmQgZGVzaWduYXRlIGFzIHRoZSBjb250YWN0IHBlcnNv biBvZiBhIGxlZ2FsIHBlcnNvbiwgd2hhdCBoYXBwZW5zIHdoZW4gdGhhdCBwZXJzb24gZXhlcmNp c2VzIHRoZWlyICdyaWdodCB0byBiZSBmb3Jnb3R0ZW4nDQogcmlnaHQgdW5kZXIgQXJ0aWNsZSAx NyBHRFBSLiBNYXliZSBNaWx0b24gTXVlbGxlciB0aGUgcGVyc29uIGNob29zZXMgdG8gbGVhdmUg dGhlIGxlZ2FsIGVudGl0eSBNTSBQb3JrYmVsbHkgRGluZXIsIGFkb3B0cyBhIHZlZ2FuIGxpZmVz dHlsZSwgYW5kIHdhbnRzIG5vIGFmZmlsaWF0aW9uJm5ic3A7d2l0aCB0aGUgYnVzaW5lc3M/IElm IGl0J3MmbmJzcDtwdWJsaXNoZWQsIGhlJm5ic3A7Y2FuIGRlbWFuZCBhIGNvcnJlY3Rpb24gb2Yg dGhlIGRhdGFiYXNlIHRoZXJlb2YuDQogU28gd2hhdCB0aGVuPyZuYnNwOzwvc3Bhbj48bzpwPjwv bzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiPjxvOnA+Jm5ic3A7 PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+PHNwYW4gc3R5 bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPlJlZ2FyZHMsPC9z cGFuPjxvOnA+PC9vOnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCI+ PG86cD4mbmJzcDs8L286cD48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFs Ij48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7QXJpYWwmcXVvdDssc2Fucy1zZXJpZiI+ TWFyayZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2Pg0KPGRpdj4NCjxkaXY+DQo8 ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxk aXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRpdj4NCjxkaXY+DQo8ZGl2Pg0KPGRp dj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjku NXB0Ij48bzpwPiZuYnNwOzwvbzpwPjwvc3Bhbj48L3A+DQo8L2Rpdj4NCjxkaXY+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIj48Yj48c3BhbiBzdHlsZT0iZm9udC1mYW1pbHk6JnF1b3Q7VGFob21hJnF1 b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzY3NEVBNyI+RHIgTWFyayBMZWlzZXIgfA0KPC9zcGFuPjwv Yj48Yj48c3BhbiBzdHlsZT0iY29sb3I6IzY3NEVBNyI+TGF3IGFuZCBEaWdpdGFsIFRlY2hub2xv Z2llcyZuYnNwOzwvc3Bhbj48L2I+PGI+PHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OiZxdW90O1Rh aG9tYSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiM2NzRFQTciPnwgRlJTQSBGSEVBJm5ic3A7fDwv c3Bhbj48L2I+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZTo5LjVwdCI+PG86cD48L286cD48L3NwYW4+ PC9wPg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9k aXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rp dj4NCjwvZGl2Pg0KPC9kaXY+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0iTXNv Tm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjwvZGl2Pg0KPC9kaXY+DQo8cCBjbGFzcz0i TXNvTm9ybWFsIj48bzpwPiZuYnNwOzwvbzpwPjwvcD4NCjxkaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9 Ik1zb05vcm1hbCI+T24gVHVlLCAyNyBBcHIgMjAyMSBhdCAyMDozNSwgTXVlbGxlciwgTWlsdG9u IEwgJmx0OzxhIGhyZWY9Im1haWx0bzptaWx0b25AZ2F0ZWNoLmVkdSIgdGFyZ2V0PSJfYmxhbmsi Pm1pbHRvbkBnYXRlY2guZWR1PC9hPiZndDsgd3JvdGU6PG86cD48L286cD48L3A+DQo8L2Rpdj4N CjxibG9ja3F1b3RlIHN0eWxlPSJib3JkZXI6bm9uZTtib3JkZXItbGVmdDpzb2xpZCAjQ0NDQ0ND IDEuMHB0O3BhZGRpbmc6MGluIDBpbiAwaW4gNi4wcHQ7bWFyZ2luLWxlZnQ6NC44cHQ7bWFyZ2lu LXJpZ2h0OjBpbiI+DQo8ZGl2Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJt c28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNwYW4g c3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90Oyxz YW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPk1hcmssDQo8L3NwYW4+PG86cD48L286cD48L3A+DQo8 cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1h cmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQt ZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5UaGFu a3MgZm9yIHlvdXIgaW50ZXJ2ZW50aW9uLiBIZXJlIGlzIHRoZSBjb21wbGV0ZSBkZWZpbml0aW9u IG9mIHBlcnNvbmFsIGRhdGEgaW4gR0RQUjo8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFz cz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bWFyZ2luLWJvdHRv bToxMi4wcHQ7bWFyZ2luLWxlZnQ6MzAuMHB0O2JhY2tncm91bmQ6d2hpdGU7dmVydGljYWwtYWxp Z246YmFzZWxpbmUiPg0KPHNwYW4gc3R5bGU9ImNvbG9yOiMzMzMzMzMiPuKAmHBlcnNvbmFsIGRh dGHigJkgbWVhbnMgYW55IGluZm9ybWF0aW9uIHJlbGF0aW5nIHRvIGFuIGlkZW50aWZpZWQgb3Ig aWRlbnRpZmlhYmxlIG5hdHVyYWwgcGVyc29uICjigJhkYXRhIHN1YmplY3TigJkpOyBhbiBpZGVu dGlmaWFibGUgbmF0dXJhbCBwZXJzb24gaXMgb25lIHdobyBjYW4gYmUgaWRlbnRpZmllZCwgZGly ZWN0bHkgb3IgaW5kaXJlY3RseSwgaW4gcGFydGljdWxhciBieSByZWZlcmVuY2UgdG8gYW4NCiBp ZGVudGlmaWVyIHN1Y2ggYXMgYSBuYW1lLCBhbiBpZGVudGlmaWNhdGlvbiBudW1iZXIsIGxvY2F0 aW9uIGRhdGEsIGFuIG9ubGluZSBpZGVudGlmaWVyIG9yIHRvIG9uZSBvciBtb3JlIGZhY3RvcnMg c3BlY2lmaWMgdG8gdGhlIHBoeXNpY2FsLCBwaHlzaW9sb2dpY2FsLCBnZW5ldGljLCBtZW50YWws IGVjb25vbWljLCBjdWx0dXJhbCBvciBzb2NpYWwgaWRlbnRpdHkgb2YgdGhhdCBuYXR1cmFsIHBl cnNvbjs8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0i bXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDss c2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5BbGFzLCB0aGlzIHJhaXNlcyBtb3JlIHF1ZXN0aW9u cyB0aGFuIGl0IGFuc3dlcnMuIEl0IGlzIG5vdCBlbnRpcmVseSBjbGVhciB3aGF0IOKAnHJlbGF0 aW5nIHRv4oCdIG1lYW5zDQogaW4gdGhpcyBjb25zdHJ1Y3QuIEUuZy4sIGlmIHRoZSBuYW1lIG9m IG15IGNvbXBhbnkgaXMgTWlsdG9uIE11ZWxsZXLigJlzIFBvcmtiZWxseSBEaW5lciwgaXMgdGhl IG5hbWUgcmVsYXRpbmcgdG8gbWUgYXMgYSBwZXJzb24sIG9yIHRvIG15IGJ1c2luZXNzPyBTdHJp Y3RseSBzcGVha2luZyBpdOKAmXMgYSBidXNpbmVzcyBuYW1lLiBCdXQgaXQgY291bGQgYmUgdXNl ZCB0byBpZGVudGlmeSBtZS4gQW4gb3Zlcmx5IGJyb2FkIGludGVycHJldGF0aW9uIG9mDQogdGhp cyBkZWZpbml0aW9uIHdvdWxkIGNsYXNzaWZ5IEFOWSBkYXRhIGFib3V0IEFOWVRISU5HIGFzIOKA nHBlcnNvbmFsIGRhdGHigJ0gYmVjYXVzZSBhdCBzb21lIHBvaW50IGl0IGNvdWxkIGJlIOKAnHJl bGF0ZWQgdG/igJ0gYW4g4oCcaWRlbnRpZmlhYmxlIG5hdHVyYWwgcGVyc29uLuKAnSBTbyBzdWRk ZW5seSB0aGUgYnVzaW5lc3MgbmFtZSBiZWNvbWVzIHBlcnNvbmFsIGRhdGEuIE9yIGEgYnVuY2gg b2Ygb2JzY3VyZSB0ZWNobmljYWwgaW5kaWNhdG9ycyBpbmhlcmVudA0KIGluIHlvdXIgdXNlIG9m IHRoZSBpbnRlcm5ldCwgc3VjaCBhcyBwb3J0IG51bWJlcnMsIGJyb3dzZXIgY29uZmlnLCBldGMu LCBjb3VsZCBiZSDigJxyZWxhdGVk4oCdIHRvIHlvdXIgSVNQIGFjY291bnQgbnVtYmVyLCBhbmQg dGhlbiB1c2VkIHRvIGlkZW50aWZ5IHlvdSwgcGVyc29uYWxseS4gQnV0IGRvZXMgdGhhdCBtZWFu IHRoYXQgZXZlcnkgd2Vic2l0ZSBhbmQgaG9zdGluZyBzZXJ2aWNlIGluIHRoZSB3b3JsZCB0aGF0 IHVzZXMgdGhhdCB0ZWNobmljYWwNCiBkYXRhIGluIHRoZSBjb3Vyc2Ugb2YgdGhlaXIgb3BlcmF0 aW9ucyBjYW5ub3QgcHJvY2VzcyB0aGF0IGluZm8gd2l0aG91dCB5b3VyIGV4cGxpY2l0IHBlcm1p c3Npb24sIGJlY2F1c2UgaXTigJlzIOKAnHBlcnNvbmFsIGRhdGE/4oCdIEkgaG9wZSBub3QsIGJl Y2F1c2UgdGhlIGludGVybmV0IHdvdWxkIGNlYXNlIHRvIGZ1bmN0aW9uIGlmIHNvLg0KPC9zcGFu PjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4t dG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBzdHlsZT0iZm9u dC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7 Y29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPGRpdj4NCjxkaXY+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIHN0eWxlPSJmb250LWZhbWlseTomcXVvdDtB cmlhbCZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPiZndDs8L3NwYW4+PHNwYW4gc3R5 bGU9ImZvbnQtZmFtaWx5OiZxdW90O0FyaWFsJnF1b3Q7LHNhbnMtc2VyaWYiPlRoZXJlZm9yZSwN CjxhIGhyZWY9Im1haWx0bzppbmZvQG15b3JnLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPmluZm9AbXlv cmcub3JnPC9hPiBpcyBwZXJzb25hbCBkYXRhIGlmIHNvbWVvbmUgYmVoaW5kIGl0IGlzIGlkZW50 aWZpYWJsZS48L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHls ZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxz cGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVv dDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj4mbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5N eSBwb2ludCBpcyB0aGF0IHdoZXRoZXIgdGhlIHVzZXIgb2YNCjxhIGhyZWY9Im1haWx0bzppbmZv QG15b3JnLm9yZyIgdGFyZ2V0PSJfYmxhbmsiPmluZm9AbXlvcmcub3JnPC9hPiBpcyBpZGVudGlm aWFibGUgZG9lcyBub3QgZGVwZW5kIG9uIHRoYXQgY2h1bmsgb2YgZGF0YSwgYnV0IG9uIGEgYnVu Y2ggb2YgYWN0aXZpdGllcyB0aGF0IHJlbGF0ZSB0aGF0IGRhdGEgdG8gb3RoZXIgdGhpbmdzLiBB bmQgaW4gYSBkaWdpdGFsIHdvcmxkIHdpdGggcG93ZXJmdWwgcHJvY2Vzc2luZyBjYXBhYmlsaXRp ZXMsIG5vIG9uZQ0KIGNhbiBmdWxseSBjb250cm9sIHRob3NlIGNvcnJlbGF0aW9ucyBhbmQgc2Vh cmNoZXMuIEFueSBhdHRlbXB0IHRvIGRvIHNvIHNpbXBseSBjcmlwcGxlcyB0aGUgZW50aXJlIGlu Zm9ybWF0aW9uIGVjb25vbXkuIFNvIHRoZSBpZGVhIG9mIGxvb2tpbmcgYXQgYSByZWdpc3RyYXRp b24gcmVjb3JkIGFuZCBzYXlpbmcg4oCcaXMgdGhlcmUgcGVyc29uYWwgZGF0YSBpbiBoZXJlIG9y IG5vdOKAnSBpcyBhIGNvbXBsZXRlbHkgaW52YWxpZCB0ZXN0Ljwvc3Bhbj48bzpwPjwvbzpwPjwv cD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bztt c28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7 Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0Qi PiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxl PSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNw YW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90 OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPlRoZXJlIGlzIGFuIGVlcmllIHNpbWlsYXJpdHkg YmV0d2VlbiB0aGVzZSBleGFnZ2VyYXRlZCBhcHBsaWNhdGlvbnMgb2YgcHJpdmFjeSBsYXcgYW5k IHRoZSBjb3B5cmlnaHQNCiBtYXhpbWFsaXN0cyBvZiB0aGUgMTk5MHMuIFRoZSBJUCBpbnRlcmVz dHMgdGhvdWdodCB5b3UgbmVlZGVkIHBlcm1pc3Npb24gdG8gdHJhbnNtaXQgYSBjb3B5cmlnaHRl ZCB3b3JrIG92ZXIgdGhlIGludGVybmV0LCBhIGNsYWltIHRoYXQgd291bGQgaGF2ZSBjcmlwcGxl ZCBJU1BzIHdobyBoYWQgbm8gaWRlYSB3aGF0IHBhY2tldHMgd2VyZSBwYXJ0cyBvZiBjb3B5cmln aHRlZCBtYXRlcmlhbCBvciBub3QuIFByaXZhY3kgbWF4aW1hbGlzdHMgaGF2ZQ0KIHJlYWNoZWQg dGhlIHNhbWUgcG9pbnQgb2YgYWJzdXJkaXR5LCBidXQgdGhleSBkb27igJl0IHNlZW0gdG8gcmVh bGl6ZSBpdC4gVGhleSBhcmUgbm8gbG9uZ2VyIHByb3RlY3RpbmcgYSB0YW5naWJsZSBwcml2YWN5 IGludGVyZXN0IG9mIGludGVybmV0IHVzZXJzLCB0aGV5IGFyZSB0cnlpbmcgdG8gZ2l2ZSBpbmRp dmlkdWFscyByaWdpZCBjb250cm9sIG92ZXIgaW5mb3JtYXRpb24gZXhjaGFuZ2VzIGFuZCBpbXBv c2luZyBsYXJnZWx5IG1lYW5pbmdsZXNzDQogY29uc2VudCByZXF1aXJlbWVudHMgdGhhdCBkbyBu byBvbmUgYW55IGdvb2QuPC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1h bCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDph dXRvIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxp YnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9v OnA+PC9wPg0KPC9kaXY+DQo8ZGl2Pg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBzdHls ZT0iY29sb3I6IzFGNDk3RCI+Jmd0Ozwvc3Bhbj5UaGUgY29uZnVzaW9uIGNvbWVzIGZyb20mbmJz cDtSZWNpdGFsIDE0IG9mIHRoZSBHRFBSIHdoaWNoIHN0YXRlcyB0aGF0IGl0IG9ubHkgYXBwbGll cyB0byBuYXR1cmFsIHBlcnNvbnMgYW5kIGRvZXMgbm90IGNvdmVyIHRoZSBwcm9jZXNzaW5nIG9m IHBlcnNvbmFsDQogZGF0YSBjb25jZXJuaW5nIGxlZ2FsIHBlcnNvbnMsIGluIHBhcnRpY3VsYXIg dW5kZXJ0YWtpbmdzIGVzdGFibGlzaGVkIGFzIGxlZ2FsIHBlcnNvbnMgb3IgbGVnYWwgZW50aXRp ZXMuIFRoaXMgYWxzbyBpbmNsdWRlcyB0aGUgbmFtZSBvZiB0aGUgbGVnYWwgcGVyc29uLCB0aGUg Zm9ybSwgYW5kIHRoZSBjb250YWN0IGRldGFpbHMgb2YgdGhlIGxlZ2FsIHBlcnNvbi48c3BhbiBz dHlsZT0iY29sb3I6IzFGNDk3RCI+DQo8L3NwYW4+QnV0IHRoZSBzZWNvbmQgeW91IHN0YXJ0IGFk ZGluZyBpZGVudGlmaWVycyB0byB0aGVzZSBkZXRhaWxzLCBpdCBzdG9wcyBiZWNvbWluZyB0aGUg ZGF0YSBvZiBhICdsZWdhbCBwZXJzb24nIGFuZCBzdGFydHMgYmVjb21pbmcgcGVyc29uYWwgZGF0 YS4mbmJzcDs8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28t bWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNwYW4gc3R5 bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5z LXNlcmlmO2NvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjxwIGNs YXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2lu LWJvdHRvbS1hbHQ6YXV0byI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1p bHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPlllcywgaW5k ZWVkLCB0aGUgR0RQUiBpcyBjb25mdXNlZCBvbiB0aGlzIHNjb3JlLiBVbmZvcnR1bmF0ZWx5LCB5 b3UgZG9u4oCZdCBlc2NhcGUgdGhhdCBjb25mdXNpb24gYnkNCiBzYXlpbmcg4oCcYWRkaW5nIGlk ZW50aWZpZXJz4oCdIGlzIHRoZSBwcm9ibGVtLiBZb3VyIGFyZ3VtZW50IGZhaWxzIGJlY2F1c2Ug bmFtZXMgb2YgbGVnYWwgcGVyc29ucyBhbmQgY29udGFjdCBkZXRhaWxzIEFSRSDigJxpZGVudGlm aWVycyzigJ0gdGhleSBhcmUganVzdCBpZGVudGlmaWVycyBvZiBsZWdhbCBwZXJzb25zLiBBcyBJ IHBvaW50ZWQgb3V0IHRoZXkgY2FuIGVhc2lseSBvdmVybGFwIHdpdGgsIG9yIGJlIHVzZWQgdG8g aWRlbnRpZnksIG5hdHVyYWwNCiBwZXJzb25zLiAmbmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+ DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNv LW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFuIHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2Zv bnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDssc2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj4m bmJzcDs8L3NwYW4+PG86cD48L286cD48L3A+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0i bXNvLW1hcmdpbi10b3AtYWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPjxzcGFu IHN0eWxlPSJmb250LXNpemU6MTEuMHB0O2ZvbnQtZmFtaWx5OiZxdW90O0NhbGlicmkmcXVvdDss c2Fucy1zZXJpZjtjb2xvcjojMUY0OTdEIj5TbyBteSBiYXNpYyBwb2ludCBpcyB0aGF0IHdlIGRv IG5vdCBzb2x2ZSB0aGlzIHByb2JsZW0gYnkgcmVmZXJlbmNlIHRvIEdEUFIgZGVmaW5pdGlvbnMu IEluIGZhY3QgaWYNCiBHRFBSIGlzIHRha2VuIGxpdGVyYWxseSBubyBvbmUgY2FuIGV2ZXIgcHVi bGlzaCBhbmQgc2hhcmUgYW55IGtpbmQgb2YgaW5mb3JtYXRpb24gd2l0aG91dCBhYnN1cmQgb3Zl cmhlYWQgYW5kIGxlZ2FsIGJ1cmVhdWNyYWN5LCBiZWNhdXNlIEFMTCBvZiBpdCBjYW4gYmUgdXNl ZCB0byBpZGVudGlmeSB5b3UgaW4gc29tZSB3YXkuIFRoZXNlIGtpbmRzIG9mIGludGVycHJldGF0 aW9ucyBhY3R1YWxseSBkaXNjcmVkaXQgcHJpdmFjeSBsYXdzIGFuZCBwcm90ZWN0aW9ucywNCiBi eSB0YWtpbmcgdGhlbSB0byBjb3VudGVycHJvZHVjdGl2ZSBsZW5ndGhzLiBXZSBoYXZlIHRvIG1h a2UgY29tbW9uIHNlbnNlLWJhc2VkLCBwcmFjdGljYWwgZGlzdGluY3Rpb25zIGJldHdlZW4gd2hh dCBkYXRhIG5lZWRzIHByb3RlY3Rpb24sIHdoYXQgZGF0YSBjYW4gYmUgZWFzaWx5IHNoYXJlZCBh dCB0aGUgcmVnaXN0cmFudHPigJkgY2hvaWNlLjwvc3Bhbj48bzpwPjwvbzpwPjwvcD4NCjwvZGl2 Pg0KPGRpdj4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6 YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+Jm5ic3A7PG86cD48L286cD48L3A+DQo8 L2Rpdj4NCjxkaXY+DQo8cCBjbGFzcz0iTXNvTm9ybWFsIiBzdHlsZT0ibXNvLW1hcmdpbi10b3At YWx0OmF1dG87bXNvLW1hcmdpbi1ib3R0b20tYWx0OmF1dG8iPlNlY29uZGx5LCBJIGZpbmQgdGhp cyBzdGF0ZW1lbnQsICZxdW90O0kgdGhpbmsgaXQgaXMgc2ltcGxlc3QgdG8ganVzdCBzYXkgdG8g dGhlIHJlZ2lzdHJhbnQsIGlmIHlvdeKAmXJlIGEgY29tcGFueSBhbmQgZG9u4oCZdCBtaW5kIChv ciBldmVuIHdhbnQpIHlvdXIgZGF0YSB0byBiZSBwdWJsaXNoZWQsIGNoZWNrIHRoaXMgYm94Lg0K IElmIHlvdeKAmXJlIG5vdCwgb3IgeW91IGRvIG1pbmQsIGRvbuKAmXQgY2hlY2sgaXQuJnF1b3Q7 Jm5ic3A7IHRvIGJlIEJPVEggcGVycGxleGluZyBhbmQgaW5hY2N1cmF0ZS4mbmJzcDsmbmJzcDtX aGV0aGVyIHNvbWVvbmUgY2hlY2tzIHRoZSBib3gsIG9yIGRvZXMgbm90IGNoZWNrIHRoZSBib3gg aXMgY29tcGxldGVseSBpcnJlbGV2YW50IGZvciBkZXRlcm1pbmluZyB3aGV0aGVyIGl0IGlzIHBl cnNvbmFsIGRhdGEuIFdoZXRoZXIgc29tZW9uZSBjaGVja3MgdGhlIGJveCBpcyBhIHF1ZXN0aW9u DQogb2YgQ09OU0VOVCB0byBwcm9jZXNzaW5nIEFORCBwdWJsaWNhdGlvbiwgbm90IHdoZXRoZXIg dGhpcyBhbW91bnRzIHRvIHBlcnNvbmFsIGRhdGEuDQo8bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNz PSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2luLXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJv dHRvbS1hbHQ6YXV0byI+PHNwYW4gc3R5bGU9ImZvbnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6 JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlmO2NvbG9yOiMxRjQ5N0QiPiZuYnNwOzwvc3Bh bj48bzpwPjwvbzpwPjwvcD4NCjxwIGNsYXNzPSJNc29Ob3JtYWwiIHN0eWxlPSJtc28tbWFyZ2lu LXRvcC1hbHQ6YXV0bzttc28tbWFyZ2luLWJvdHRvbS1hbHQ6YXV0byI+PHNwYW4gc3R5bGU9ImZv bnQtc2l6ZToxMS4wcHQ7Zm9udC1mYW1pbHk6JnF1b3Q7Q2FsaWJyaSZxdW90OyxzYW5zLXNlcmlm O2NvbG9yOiMxRjQ5N0QiPldlIGFjdHVhbGx5IHNlZW0gdG8gYWdyZWUgaGVyZSwgbW9yZSB0aGFu IHlvdSB0aGluay4gSSBhbSBzYXlpbmcgdGhhdCB0aGUgdXNlciwgdGhlIHJlZ2lzdHJhbnQsIGdl dHMNCiB0byBkZWNpZGUgd2hhdCBpcyBwZXJzb25hbCBkYXRhIG9yIG5vdCwgYmVjYXVzZSBUSEVS RSBJUyBOTyBPQkpFQ1RJVkUsIENMRUFSIExFR0FMIERFRklOSVRJT04uIFNvIHRoZSB1c2VyIGNh biBkZWNpZGUgd2hldGhlciB0aGV5IHdhbnQgdG8gYmUgY2xhc3NpZmllZCBhcyBhIGxlZ2FsIHBl cnNvbiBhbmQg4oCcY29uc2VudOKAnSB0byBwdWJsaXNoaW5nIHRoZWlyIGRhdGEgb3Igbm90LiBB cyBhbiBleGFtcGxlLCB0aGF0IGlmIEkgZGVjaWRlIHRoYXQgcHVibGlzaGluZw0KIHRoZSBuYW1l IG9mIOKAnE1pbHRvbiBNdWVsbGVy4oCZcyBQb3JrYmVsbHkgRGluZXLigJ0gaXMgbm90IGEgdmlv bGF0aW9uIG9mIG15IHByaXZhY3ksIGl0IGlzbuKAmXQuIEl0IGRvZXNu4oCZdCBtYXR0ZXIgd2hh dCB0aGUgRXVyb3BlYW4gVW5pb24gc2F5cywgaXTigJlzIG15IGNob2ljZS4gJm5ic3A7Jm5ic3A7 PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xhc3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1t YXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4tYm90dG9tLWFsdDphdXRvIj48c3BhbiBzdHls ZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWlseTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMt c2VyaWY7Y29sb3I6IzFGNDk3RCI+Jm5ic3A7PC9zcGFuPjxvOnA+PC9vOnA+PC9wPg0KPHAgY2xh c3M9Ik1zb05vcm1hbCIgc3R5bGU9Im1zby1tYXJnaW4tdG9wLWFsdDphdXRvO21zby1tYXJnaW4t Ym90dG9tLWFsdDphdXRvIj48c3BhbiBzdHlsZT0iZm9udC1zaXplOjExLjBwdDtmb250LWZhbWls eTomcXVvdDtDYWxpYnJpJnF1b3Q7LHNhbnMtc2VyaWY7Y29sb3I6IzFGNDk3RCI+QW5kIGxldOKA mXMgbm90IG92ZXJsb29rIHRoZSBlbWJhcnJhc3NpbmcgZmFjdCB0aGF0IHRoZSBFdXJvcGVhbiBV bmlvbiBpcyBub3cgb25lIG9mIHRoZSBrZXkgcGxheWVycw0KIHB1c2hpbmcgaGFyZCBmb3IgcHVi bGljYXRpb24gb2YgbGVnYWwgcGVyc29uIGRhdGEuIEJ1dCBJ4oCZbGwgbGVhdmUgdGhhdCBvbmUg dG8gbGF0ZXIuDQo8L3NwYW4+PG86cD48L286cD48L3A+DQo8L2Rpdj4NCjwvZGl2Pg0KPC9kaXY+ DQo8L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPC9ibG9ja3F1b3RlPg0KPC9kaXY+DQo8 L2Rpdj4NCjwvYmxvY2txdW90ZT4NCjwvZGl2Pg0KPC9ib2R5Pg0KPC9odG1sPg0K --_000_BN7PR07MB468972ABF9C9B637CBEC2CA6A15F9BN7PR07MB4689namp_-- ========================================================================= Date: Thu, 29 Apr 2021 15:35:53 +0100 Reply-To: Akinremi Peter Taiwo <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Akinremi Peter Taiwo <[log in to unmask]> Subject: Fwd: [NCSG-PC] EPDP policy issues In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/related; boundary="000000000000593f2205c11d6aec" Message-ID: <[log in to unmask]> --000000000000593f2205c11d6aec Content-Type: multipart/alternative; boundary="000000000000593f2105c11d6aeb" --000000000000593f2105c11d6aeb Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Just checking that I sent directly to Milton. Now sharing on the list ---------- Forwarded message --------- From: Akinremi Peter Taiwo <[log in to unmask]> Date: Tue, Apr 27, 2021 at 11:05 AM Subject: Re: [NCSG-PC] EPDP policy issues To: Mueller, Milton L <[log in to unmask]> Thanks to the EPDP team especially Milton and Stephanie for bringing this issue to the members attention. As said by Tatiana, we are all aware of natural and legal debate especially for those that have been following the EPDP conversations. While there is no one size fit answer to address the issues of natural vs legal privacy protection, NCSG should have a position that is driven by consensus. While thanking the EPDP team that represents NCSG, it is expected of the team to have discussed among themselves having a common approach feeding to the EPDP conversations rather than having our members openly disagreeing with each other. That could be done on our list to help us have a common ground, but not on other working groups where we are nominated to represent NCSG. Our position on the natural and legal persons privacy conversation should be driven by the core values of NCSG. We need long standing members of the NCSG to comment and other experts for us to determine NCSG position to the current EPDP discussions. PC should take this seriously and explore what is best for the people we represent and not what individuals think is best. Registrants=E2=80=99 information should be protected and any opportunity fo= r its exploitation should not be allowed nor granted. Whatever mechanism that is in discussion should have privacy by design and default. That should apply to either natural or legal persons. Registrants PII should not be published and should not fall into wrong hands and its usage. Registrants who are the data subjects (individual, employees) should be in control, have their privacy respected and preserved, and should decide how their data is processed. Registrars should not be given the privilege to decide for the registrants or influence data subjects' decisions on how their data is processed. Our concern should be that registrants=E2=80=99 information is not publicly published which is the current reflection of whois directory. Whois directory should not be abused. NCSG should not be cut in the web of these discussions but should have a firm positioned on the privacy rights of the registrants. Influence is on the increase on what the whois should contain and not. Why the growing interest by the CPs differentiating natural and legal persons? what will happen in the years to come if that is done? My thoughts ! On Sat, Apr 24, 2021 at 10:45 PM Mueller, Milton L <[log in to unmask]> wrote: > Dear Noncommercials, > > I am one of your representatives of the EPDP, and ICANN working group tha= t > is trying to bring ICANN=E2=80=99s Whois policy into compliance with priv= acy > principles. > > Just yesterday we received this statement from the current chair of the > group, Keith Drazek: > > The EPDP Team is a representative group =E2=80=93 you have all = been > appointed by your respective groups to represent them in this effort. As = a > result, any proposals and interventions you make are expected to be on > behalf of your group. We understand that this requires significant > coordination which is not always possible in real-time but it is importan= t > that we do not find ourselves in a situation where a specific proposal or > suggestion is debated to then find that other members of the same group d= o > not stand behind the proposal or suggestion. > > > > I suspect Keith found it necessary to say this because lately another NCS= G > representative on the EPDP, Stephanie, and I have been openly disagreeing= . > Let me explain what the disagreement is about. We will have to appeal to > the Policy Committee, and the membership, to help resolve it. > > > > Privacy protections under the GDPR only apply to natural persons, that is > to say living breathing humans, not to legal persons, i.e. corporations o= r > companies. And in most cases, we do not mind if company data is published > in their domain record. In many cases it can even help with economic and > legal accountability. However, we both recognize that there is a large gr= ay > area of small companies or home offices where the line between personal a= nd > legal is thin, blurry or nonexistent. A registrant that is formally a leg= al > person may want the privacy protection of a natural person. > > > > One of the issues we are dealing with in Phase 2 is whether and how > registrars should differentiate between those two types of registrants. > Under the current Phase 1 agreement, contracted parties are not required = to > differentiate between registrants who are legal or natural persons, but > they can do so if they wish to. I believe both Stephanie and I (and the > contracted parties) agree on NOT requiring them to differentiate. > > > > But if registrars DO choose to differentiate, we have to worry about HOW > they do it. Currently, the EPDP is working on a guidance document that wi= ll > set out ways to do it. I want to make sure that the guidance protects the > rights of registrants. > > > > My position is that registrants should be given a clear choice to > self-designate as a legal person or not. When given that choice, they mus= t > be clearly told that their data will be published, and if they don=E2=80= =99t want > the data published, they should not self-designate as a legal person. Und= er > my view, the registrant, and the registrant alone, should decide for > themselves whether to declare as legal person or not. > > > > Stephanie=E2=80=99s position is that registrants are not smart enough to = make this > choice for themselves. Worse, her belief that registrants cannot look out > for their own interests makes her in favor of the idea that REGISTRARS > should be able to make the choice for them. In other words, a commercial > registrar, based on their own information about you, could decide that yo= u > are registering a domain name on behalf of a company and classify you as = a > legal person without your participation or consent. > > > > In my view, this is a very bad idea, even a dangerous one. It makes the > registrar responsible for verifying certain aspects of your identity. We > already know that those who want more surveillance and control of > registrants want registrars to be more restrictive and take on a bigger > role vetting who is registering domains. This idea is also very bad for t= he > registrars, because if a registrar is making the decision about whether y= ou > are a legal or natural person, then the registrar will be legally liable > for the decision. Further down the road, those who want a more restrictiv= e > internet will love the precedent set, they will ask the registrars to do > more and more to vet and regulate their customers. > > > > I believe that Stephanie has good motives for her position; as I > understand it she thinks that if registrars have this ability to decide f= or > the registrant, they will err on the side of non-disclosure. But this is > very na=C3=AFve. Yes, some of the registrars we are dealing with in EPDP = are > sincere supporters of their customers privacy. But others are not. Furthe= r, > Stephanie is forgetting about the fact that many registrars are operating > in authoritarian countries where individual rights are not respected. I a= m > also deeply troubled by a position that registrants are children who cann= ot > take care of themselves. I think Stephanie=E2=80=99s position is also mot= ivated by > the view that we are better off if there is no differentiation at all. Th= is > may be true, but it is unrealistic. The default policy, ALREADY, is that > registrars will be able to differentiate if they want to. I am trying to > plan for the possibility that many of them will want to. If they do, we > want registrants to be in control of their status, not registrars or any > other third party allegedly acting on their behalf. > > > > My hope is that the membership and the PC will resolve this issue in favo= r > of the =E2=80=9Cregistrant in control=E2=80=9D position. > > > > Sorry for the long message > > > > Dr. Milton L Mueller > > Georgia Institute of Technology > > School of Public Policy > > [image: IGP_logo_gold block] > > > _______________________________________________ > NCSG-PC mailing list > [log in to unmask] > https://lists.ncsg.is/mailman/listinfo/ncsg-pc > --=20 Best regards *Taiwo Peter Akinremi* ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------ IT Manager/Advisory *Phone*; +2348187476292, +2347063830177 *Skype*: akinremi.taiwo *Email:* [log in to unmask] *Website:* www.compsoftnet.com.ng ___________________________________________ --=20 Best regards *Taiwo Peter Akinremi* ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------- ------ ------ ------ IT Manager/Advisory *Phone*; +2348187476292, +2347063830177 *Skype*: akinremi.taiwo *Email:* [log in to unmask] *Website:* www.compsoftnet.com.ng ___________________________________________ --000000000000593f2105c11d6aeb Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div><br></div><div>Just checking that I sent directly to = Milton. Now sharing=C2=A0on the list=C2=A0</div><br><div class=3D"gmail_quo= te"><div dir=3D"ltr" class=3D"gmail_attr">---------- Forwarded message ----= -----<br>From: <strong class=3D"gmail_sendername" dir=3D"auto">Akinremi Pet= er Taiwo</strong> <span dir=3D"auto"><<a href=3D"mailto:compsoftnet@gmai= l.com">[log in to unmask]</a>></span><br>Date: Tue, Apr 27, 2021 at 1= 1:05 AM<br>Subject: Re: [NCSG-PC] EPDP policy issues<br>To: Mueller, Milton= L <<a href=3D"mailto:[log in to unmask]">[log in to unmask]</a>><br></= div><br><br><div dir=3D"ltr"><p class=3D"MsoNormal" style=3D"margin:0in;lin= e-height:normal;font-size:11pt;font-family:Calibri,sans-serif"><span style= =3D"font-size:12pt;font-family:"Times New Roman",serif"><br></spa= n></p><p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-si= ze:11pt;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-= family:"Times New Roman",serif">Thanks to the EPDP team especiall= y Milton and Stephanie for bringing this issue to the members attention. As said by Tatiana, we are al= l aware of natural and legal debate especially for those that have been follo= wing the EPDP conversations. While there is no one size fit answer to address th= e issues of natural vs legal privacy protection, NCSG should have a position = that is driven by consensus. </span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">While thanking the EPDP team that repre= sents NCSG, it is expected of the team to have discussed among themselves having a common approach feeding to the EPDP conversations rather than having our members openly disagreeing with each other. That could be done on our list to help = us have a common ground, but not on other working groups where we are nominated to = represent NCSG. </span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">=C2=A0</span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">Our position on the natural and legal p= ersons privacy conversation should be driven by the core values of NCSG. We need long standing members = of the NCSG to comment and other experts for us to determine NCSG position to = the current EPDP discussions. PC should take this seriously and explore what is best for the people we represent and not what individuals think is best.</s= pan></p><p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-= size:11pt;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;fon= t-family:"Times New Roman",serif"><br></span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">Registrants=E2=80=99 information should be protected and any opportunity for its exploitation sh= ould not be allowed nor granted. Whatever mechanism that is in discussion should have privacy by design and default. That should apply to either natural or legal persons. Registrants PII should not be published and should not fall = into wrong hands and its usage. Registrants who are the data subjects (individua= l, employees) should be in control, have their privacy respected and preserved= , and should decide how their data is processed. Registrars should not be giv= en the privilege to decide for the registrants or influence data subjects'= decisions on how their data is processed. </span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">=C2=A0</span></p> <p class=3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11p= t;font-family:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family= :"Times New Roman",serif">Our concern should be that registrants=E2=80=99 information is not publicly published which is= the current reflection of whois directory. Whois directory should not be abused.=C2=A0 = NCSG should not be cut in the web of these discussions but should have a firm positioned on the privacy rights of the = registrants. Influence is on the increase on what the whois should contain and not. Why = the growing interest by the CPs differentiating natural and legal persons? what will happen in the years to come if that is done?=C2=A0</span></p><p class= =3D"MsoNormal" style=3D"margin:0in;line-height:normal;font-size:11pt;font-f= amily:Calibri,sans-serif"><span style=3D"font-size:12pt;font-family:"T= imes New Roman",serif"><br></span></p><p class=3D"MsoNormal" style=3D"= margin:0in;line-height:normal"><font face=3D"Times New Roman, serif"><span = style=3D"font-size:16px">My thoughts !</span></font></p><p class=3D"MsoNorm= al" style=3D"margin:0in;line-height:normal"><font face=3D"Times New Roman, = serif"><span style=3D"font-size:16px"><br></span></font></p><p class=3D"Mso= Normal" style=3D"margin:0in;line-height:normal"><font face=3D"Times New Rom= an, serif"><span style=3D"font-size:16px"><br></span></font></p></div><br><= div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Sat, Apr= 24, 2021 at 10:45 PM Mueller, Milton L <<a href=3D"mailto:milton@gatech= .edu" target=3D"_blank">[log in to unmask]</a>> wrote:<br></div><blockquo= te class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px = solid rgb(204,204,204);padding-left:1ex"> <div lang=3D"EN-US"> <div> <p class=3D"MsoNormal">Dear Noncommercials,<u></u><u></u></p> <p class=3D"MsoNormal">I am one of your representatives of the EPDP, and IC= ANN working group that is trying to bring ICANN=E2=80=99s Whois policy into= compliance with privacy principles. <u></u><u></u></p> <p class=3D"MsoNormal">Just yesterday we received this statement from the c= urrent chair of the group, Keith Drazek:<u></u><u></u></p> <p style=3D"margin-right:0in;margin-left:0.25in;margin-bottom:0.0001pt;vert= ical-align:baseline"> <span style=3D"font-size:7pt">=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 </span><= span style=3D"font-size:6pt;font-family:Calibri,sans-serif">=C2=A0=C2=A0 </span><span style=3D"font-size:11pt;font-family:Calibri,sans-serif">The EP= DP Team is a representative group =E2=80=93 you have all been appointed by = your respective groups to represent them in this effort. As a result, any p= roposals and interventions you make are expected to be on behalf of your group. We understand that this requires s= ignificant coordination which is not always possible in real-time but it is= important that we do not find ourselves in a situation where a specific pr= oposal or suggestion is debated to then find that other members of the same group do not stand behind the = proposal or suggestion.=C2=A0<u></u><u></u></span></p> <p class=3D"MsoNormal"><span style=3D"font-size:10pt"><u></u>=C2=A0<u></u><= /span></p> <p class=3D"MsoNormal">I suspect Keith found it necessary to say this becau= se lately another NCSG representative on the EPDP, Stephanie, and I have be= en openly disagreeing. Let me explain what the disagreement is about. We wi= ll have to appeal to the Policy Committee, and the membership, to help resolve it. <u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">Privacy protections under the GDPR only apply to nat= ural persons, that is to say living breathing humans, not to legal persons,= i.e. corporations or companies. And in most cases, we do not mind if compa= ny data is published in their domain record. In many cases it can even help with economic and legal accountabil= ity. However, we both recognize that there is a large gray area of small co= mpanies or home offices where the line between personal and legal is thin, = blurry or nonexistent. A registrant that is formally a legal person may want the privacy protection of a natur= al person.<u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">One of the issues we are dealing with in Phase 2 is = whether and how registrars =C2=A0should differentiate between those two typ= es of registrants. Under the current Phase 1 agreement, contracted parties = are not required to differentiate between registrants who are legal or natural persons, but they can do so if they w= ish to. I believe both Stephanie and I (and the contracted parties) agree o= n NOT requiring them to differentiate. <u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">But if registrars DO choose to differentiate, we hav= e to worry about HOW they do it. Currently, the EPDP is working on a guidan= ce document that will set out ways to do it. I want to make sure that the g= uidance protects the rights of registrants. <u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">My position is that registrants should be given a cl= ear choice to self-designate as a legal person or not. When given that choi= ce, they must be clearly told that their data will be published, and if the= y don=E2=80=99t want the data published, they should not self-designate as a legal person. Under my view, the registrant= , and the registrant alone, should decide for themselves whether to declare= as legal person or not. <u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">Stephanie=E2=80=99s position is that registrants are= not smart enough to make this choice for themselves. Worse, her belief tha= t registrants cannot look out for their own interests makes her in favor of= the idea that REGISTRARS should be able to make the choice for them. In other words, a commercial registrar, based on= their own information about you, could decide that you are registering a d= omain name on behalf of a company and classify you as a legal person withou= t your participation or consent.<u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">In my view, this is a very bad idea, even a dangerou= s one. It makes the registrar responsible for verifying certain aspects of = your identity. We already know that those who want more surveillance and co= ntrol of registrants want registrars to be more restrictive and take on a bigger role vetting who is registerin= g domains. This idea is also very bad for the registrars, because if a regi= strar is making the decision about whether you are a legal or natural perso= n, then the registrar will be legally liable for the decision. Further down the road, those who want a more rest= rictive internet will love the precedent set, they will ask the registrars = to do more and more to vet and regulate their customers. <u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">I believe that Stephanie has good motives for her po= sition; as I understand it she thinks that if registrars have this ability = to decide for the registrant, they will err on the side of non-disclosure. = But this is very na=C3=AFve. Yes, some of the registrars we are dealing with in EPDP are sincere supporters of th= eir customers privacy. But others are not. Further, Stephanie is forgetting= about the fact that many registrars are operating in authoritarian countri= es where individual rights are not respected. I am also deeply troubled by a position that registrants are ch= ildren who cannot take care of themselves. I think Stephanie=E2=80=99s posi= tion is also motivated by the view that we are better off if there is no di= fferentiation at all. This may be true, but it is unrealistic. The default policy, ALREADY, is that registrars wil= l be able to differentiate if they want to. I am trying to plan for the pos= sibility that many of them will want to. If they do, we want registrants to= be in control of their status, not registrars or any other third party allegedly acting on their behalf.<= u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">My hope is that the membership and the PC will resol= ve this issue in favor of the =E2=80=9Cregistrant in control=E2=80=9D posit= ion.<u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">Sorry for the long message<u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> <p class=3D"MsoNormal">Dr. Milton L Mueller<u></u><u></u></p> <p class=3D"MsoNormal">Georgia Institute of Technology<u></u><u></u></p> <p class=3D"MsoNormal">School of Public Policy<u></u><u></u></p> <p class=3D"MsoNormal"><img width=3D"196" height=3D"79" style=3D"width:2.04= 16in;height:0.8194in" id=3D"m_1660625141626719061gmail-m_385947247480251414= 0Picture_x0020_1" src=3D"cid:17912c5a3585b16b21" alt=3D"IGP_logo_gold block= "><u></u><u></u></p> <p class=3D"MsoNormal"><u></u>=C2=A0<u></u></p> </div> </div> _______________________________________________<br> NCSG-PC mailing list<br> <a href=3D"mailto:[log in to unmask]" target=3D"_blank">[log in to unmask] sg.is</a><br> <a href=3D"https://lists.ncsg.is/mailman/listinfo/ncsg-pc" rel=3D"noreferre= r" target=3D"_blank">https://lists.ncsg.is/mailman/listinfo/ncsg-pc</a><br> </blockquote></div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr"= ><div dir=3D"ltr"><div><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><= div dir=3D"ltr"><div><font face=3D"arial, sans-serif" color=3D"#000000">Bes= t regards</font></div><div><font face=3D"arial, sans-serif" color=3D"#00000= 0"><br></font></div><div dir=3D"ltr"><font face=3D"arial, sans-serif" color= =3D"#666666"><b>Taiwo Peter Akinremi</b></font></div><div dir=3D"ltr"><font= color=3D"#999999" face=3D"arial, sans-serif">------ ------ -------=C2=A0= =C2=A0</font><span style=3D"color:rgb(153,153,153);font-family:arial,sans-s= erif">------ ------ -------=C2=A0=C2=A0</span><span style=3D"color:rgb(153,= 153,153);font-family:arial,sans-serif">------ ------ -------=C2=A0</span><s= pan style=3D"color:rgb(153,153,153);font-family:arial,sans-serif">------ --= ---- -------=C2=A0=C2=A0</span><span style=3D"color:rgb(153,153,153);font-f= amily:arial,sans-serif">------ ------ ------</span><font color=3D"#999999" = face=3D"arial, sans-serif"><br></font><div><font face=3D"arial, sans-serif"= size=3D"1">=C2=A0IT=C2=A0Manager/Advisory</font></div><div><font size=3D"1= "><span style=3D"font-family:arial,sans-serif"><b>Phone</b>; +2348187476292= , +2347063830177 <b>Skype</b>: <span><span><span>akinremi</span></span></sp= an><span><span><span>.</span></span></span><span><span><span>taiwo</span></= span></span></span><font face=3D"arial, sans-serif"><br></font></font></div= ><div><div><font face=3D"arial, sans-serif" size=3D"1"><b>Email:</b>=C2=A0<= a href=3D"mailto:[log in to unmask]" target=3D"_blank">info@compsoftne= t.com.ng</a>=C2=A0<b>Website:</b>=C2=A0</font><a href=3D"http://www.compsof= tnet.com.ng" style=3D"font-family:arial,sans-serif" target=3D"_blank"><font= size=3D"1">www.compsoftnet.com.ng</font></a></div><div>___________________= ________________________</div></div></div></div></div></div></div></div></d= iv></div> </div><br clear=3D"all"><div><br></div>-- <br><div dir=3D"ltr" class=3D"gma= il_signature" data-smartmail=3D"gmail_signature"><div dir=3D"ltr"><div><div= dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div><font = face=3D"arial, sans-serif" color=3D"#000000">Best regards</font></div><div>= <font face=3D"arial, sans-serif" color=3D"#000000"><br></font></div><div di= r=3D"ltr"><font face=3D"arial, sans-serif" color=3D"#666666"><b>Taiwo Peter= Akinremi</b></font></div><div dir=3D"ltr"><font color=3D"#999999" face=3D"= arial, sans-serif">------ ------ -------=C2=A0=C2=A0</font><span style=3D"c= olor:rgb(153,153,153);font-family:arial,sans-serif">------ ------ -------= =C2=A0=C2=A0</span><span style=3D"color:rgb(153,153,153);font-family:arial,= sans-serif">------ ------ -------=C2=A0</span><span style=3D"color:rgb(153,= 153,153);font-family:arial,sans-serif">------ ------ -------=C2=A0=C2=A0</s= pan><span style=3D"color:rgb(153,153,153);font-family:arial,sans-serif">---= --- ------ ------</span><font color=3D"#999999" face=3D"arial, sans-serif">= <br></font><div><font face=3D"arial, sans-serif" size=3D"1">=C2=A0IT=C2=A0M= anager/Advisory</font></div><div><font size=3D"1"><span style=3D"font-famil= y:arial,sans-serif"><b>Phone</b>; +2348187476292, +2347063830177 <b>Skype</= b>: <span><span><span>akinremi</span></span></span><span><span><span>.</spa= n></span></span><span><span><span>taiwo</span></span></span></span><font fa= ce=3D"arial, sans-serif"><br></font></font></div><div><div><font face=3D"ar= ial, sans-serif" size=3D"1"><b>Email:</b>=C2=A0<a href=3D"mailto:info@comps= oftnet.com.ng" target=3D"_blank">[log in to unmask]</a>=C2=A0<b>Websit= e:</b>=C2=A0</font><a href=3D"http://www.compsoftnet.com.ng" style=3D"font-= family:arial,sans-serif" target=3D"_blank"><font size=3D"1">www.compsoftnet= .com.ng</font></a></div><div>___________________________________________</d= iv></div></div></div></div></div></div></div></div></div></div> --000000000000593f2105c11d6aeb-- --000000000000593f2205c11d6aec Content-Type: image/png; name="image002.png" Content-Disposition: inline; filename="image002.png" Content-Transfer-Encoding: base64 Content-ID: <17912c5a3585b16b21> X-Attachment-Id: 17912c5a3585b16b21 iVBORw0KGgoAAAANSUhEUgAAASYAAAB2CAYAAABlPT6ZAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAW JQAAFiUBSVIk8AAAABl0RVh0U29mdHdhcmUATWljcm9zb2Z0IE9mZmljZX/tNXEAAEGdSURBVHhe 7V0JmB1Fta7uvussyQzZE0JC2HfZBRVEQMHnggoC8khIBA2b7O4mBJ8iiMoDRISQEAIiPkBUVAQV ECHIGiBAgAAJAUIIWWcmd+vl/f+p7nvvzNxJZrmTWajiu8zkTnV19emuv8/yn1OxWbNmKdOMBIwE jAT6kwRi/WkyZi5GAkYCRgKUgAEm8xwYCRgJ9DsJGGDqd7fETMhIwEjAAJN5BowEjAT6nQQMMPW7 W2ImZCRgJGCAyTwDRgJGAv1OAgaY+t0tMRMyEjASMMBkngEjASOBficBA0z97paYCRkJGAkYYDLP gJGAkUC/k4ABpn53S8yEjASMBAwwmWfASMBIoN9JwABTv7slZkJGAkYCBpjMM2AkYCTQ7yRggKnf 3RIzISMBIwEDTOYZMBIwEuh3EjDA1O9uiZmQkYCRgAEm8wwYCRgJ9DsJGGDqd7fETMhIwEjAAJN5 BowEjAT6nQQMMPW7W2ImZCRgJGCAyTwDRgJGAv1OAgaY+t0tMRMyEjASMMBkngEjASOBficBA0z9 7paYCRkJGAkYYDLPgJGAkUC/k4ABpn53S8yEjASMBAwwmWfASMBIoN9JwABTv7slXZvQjBkzbXWv srt2lOltJFBlCTSp4JKXZnnVGtUAU7Uk2UfjrP3LuO831lmnrNvg99EMzGk/6BIYWmerJjf4F+Rw SrVkYYCpWpLsq3F8NUYlrW3TSauvZmDO+wGXgJWwVKCCZdUUgwGmakqzD8bCI5FXuUBl8DGtWhKA VN0NSvl5ZcXqlHLS+L2ggsI6hS+UFR/a5kS2CrwWpbyN+HM9/hYev6npODXKspMYc20HvWxlJRoV BtbnbdXwErLjem44l3wCdxPzw3wwNz2/8Hq8DA5prnxuzMvC+B3+PTrKqVUWZJOI8dkLctWSPscx wFRNaZqxBoEE8O4HICW3O105dTuq/Nt3K3fVA8qu3Vald/+R8tY/p3Jv3NgKnAKvSSVGHa1io45Q +eW34ficSk6cVpJFEJrZVskV6L73T+WueRxj/o/uZzmtZEdgzL70E2Wnx6kkzivNxnINML/sCjm2 sOohZQEoA8tSdnJkOL/nw/kNKY5H0IyP+hQ+R6r8O39Q7sp/qtjIQ1Ri3Jc0qJXNiwd5655RXsvr +PsXN3kNhRV/VoX3/oE+BMjqNgNM1ZWnGW0wSADAlBh3rIpttb/yml9ThXfuEe0lue1X5eqC/BqV f+v/8N1w/ks0kdiwD8vf3bVPQtNoAjBN3bQkAF7e+heLY7btTA0n+9KlykqO6rBP/u071canz8T5 M63nBy0sv/y3+G5EOL8MruVAGcdreUMVlv9JOUN263DcwoqRylr98GavIci+C9n8yQDTYHjmzTUM BAnQFGvSEwWAiLUEk0o+0Gxq9r5GeU2L8XkZphE1E5pyGelO86yw8veq6eGj0L+A7jWqZr+50GiG q43PnKXcdc/imFrltyxVdmqUBjqcq3nBl9F9vdaK5LwwzXyMGboOfYBA86NfFJMs1rC3qtnzp6Lx uNCaskuuCefniqlZ86GrlbfhJflos5OmnJ5f8Xp4XWje2qdVy1Nfg+0EcxX9+J/PecA0dNc+I9qf A3CsPWC+XHvLE5OBw2/h15TyM+9oc7MXmtGYekGoZsjBLQEu9tr9blRN//okFnq29cXStIJG5a5e IGAhPh24Adnc9Yvw/aP6O/isaKaFyATtaZEcR99RiHBithWRCUBBbYfaWW7Ns8oZuodK7Xi+chr2 0f3KXIxWfAjmNwfzO7L9/NrcGvqR3HULBSyjc9G/RPPO3bhcgCmomUD4lA/7ek2vCjARhJWd6JWb bYCpV8TatUHP3ue6vRpT2VcvefRceChN67cSgMZAYKE2ExtxCDST/4UGAZMt8iFplNEOcgEkt/WC h6OY3/MTuHCWF9GEzmwsRfqZ8FOUJDrGy53TAj7QiEINrqhtZVeGQEZcicH39BjwMKfiIw6FZneV anl8Spv5tZUufUz63Jb4mvAJwVEDKJzs0Pqixt/lGgBMIaqWwLOKN84AUxWF2d2hbMv6RrMbo4fz 9e6OYY7bMhIgWNCvM+QTC1Ri/PFwFC9UGxf9pEcnZySv/qN/Dk1FGybS26rlSfizygCP0S+CDU2y +MjDVWKbkySiR2c7/xY1At7Gp76O+T2qElsfp+f3/I87nJ/TuI8aesTjGpDgRHffexDX890w4tej y+rRwQaYeiS+6hyMd+EwGPnRK6g6g5pRekUCBBGveYlqeeZ0Vffh/5OoWmHVg7DMOgr7d2Ya8OzQ F0QgAjhYpCpox1ZJU4GPqu6gO4r/dlf9CwDyHW3elQGT5dSJw77laczvoDtVercfInL2IEAMZmKF ZlFDizfo80FjsmLUjvqeemKAqTPPTS/3sQI1qpDphZhrL8/7gzl8AIdvgyqARpB56Ucqvcv3VO3+ c+CEfrjb4iA1oOmhw8AEAng48NmIa4lAUaIQBPnVauPC86AFfUnFx34eQLhGeWuewFyGiR+o1KL5 /VFlXrxEpXedEc7vwYrzc9c8CUf90RqQQtqA5mL1bTPA1LfyVzN2memsU2NHqbi8qkwbIBKwElup 7OJLESHbU8XHfBacpx16MHNwk7x8CDDkPEFrasdr2ghO1Z2I+P1NDWn4kEqMPUZ5O38bc4AZWQFI rCTm9/JlmN9eAmRO3XaV5wctTYDNj6AA5xZ/V99CQ9+evQe3crAcuraxscbK0sB3S46CwXJxg/k6 6OCGg7qF/qZDd1Z2j4DJhq97hAoICFFUToiU75YkSDMLYfsgs1xtfO7bMCNvU+mdvysER5Iti9G7 6AiZXwom51lqSP0uyq7fsfLdQFTNTo0GDmm6gHzIcieTPeIq9MF9rDow3Tr71t18O7cTLqrRt1Qh ZtvvxDKZF46fPn1FH1xf1U45b968bSCsBsRFVKxQKLyyfPnLs2bN6nHmbDrbWJtV2dUY1viYqna3 ejoQzCEJn6MxHC6mlWZt6+916Jy+HYb4m5+YpuoPuU87oSV8Xu6jof8oZGGLFhT9jdE7barRvzTk 8MdaHecj2rbh7/sWHeDavKKZ1ghS4+9V/s1bxQFeC47UhgcO1o5zmR9Z2OXzW6uan4zmB6U8up4w zB8bdqBqOHqJNh3DVnjvAfCqji3JgAAV0QJEDr3vg6oaMM2bO3cKoktnB3awj207cplyCbiGfDK1 Yf7cm/5me+6lJ5166jM9fWz64njL9y+3bOd4Bxfk2c7KxsbGbTGPkLXW/Rm5scwQy7Xeh5iMxtR9 MVb3SIbd3/+3EB99OJctxCUYjSusvB8cnpfKzBwABRzHHtjejIQlJvy38jcuLeP26Bw2zRzfSufF WRFPCXwnEBk5pgCKLPzI4Q2SIzlNJG4iT4596GPSUTqE9QE+mRdmyjzIhYoP+4jMS8/v5Qrzezqc 38nh9SQxz2Xo/3ft87bKwBQr19vwYsm/BSAKwNUqvPtXPR8XjJY2ZmZ1ha9H6zEwLViwIPbq4sXz Y7ZzQkAU4oW2x9QhAK3jglj883PnzDlp6rRppfBCb1xVL4yJa2uWD99aSvUkBNN2dkMw4Oq4sNpM 63sJQMOB5kPHthAkmdBKB3MGzGtoEcL3EV5PSfPh3/Pv/BGfu8V8irQb9g1gFrUAtETbIY9JImj6 dx8ERhmzYsM8Qoa47qP/LZqbBaAsbNCUAuFMaS2u4/lthbn9SfLkZH7p4aAFPASwua+DU5eu0QKQ EhybHztBAyjOpUG0d1uPgWnJS4uvijmxE1zPVQAf3q6VfuD/Gr8swtSHQp6fQYrh532Alm3bCVzy 7TCLtpsyZcrS8kvDd/UwkbZ24/G4ymTenzJ9+jubuvTbr7t9mBtrGu2quJVyUyuOn348zaFiI2C+ /vrroitPeuUV76BZs2iFqXnXzRsL3cTD+UNmmlKYEMZRo1ShsAEaHeKv6DdvXioWi4mpdtJJJ+WV 43wHf78Uj0WAObpr165tlU2NcbcGzAs/PxVXTeADv4tztKEFt7+inGsPwSTfK1jKOL9791nvwugE jsiyDl+zEkoPzbt2pkxk+onNJyBR3nQInq38b3yJl4/ZwfQq9sGxrC5glxJ1i8Alw7Q1tdrMjwqE HL+p5d/GHC1ee8nk64JAu9y1R8CExbsHwOh0D6BkhaAUeNZHJ596CozWYpt985ybfmrb1vGu53mO 5cQ93/s4/nqTAMDsefs5jn8+Lvcw34mNdiAPP5HMwPR7DgK+7uSpU6Vf1ObPnvtJvIjOCRLqQDwp w6Bcqry9cfUtc+f+B4dehf5/Y98lL718E+4pjG9LvTph27uWzJn3oGUFP4yl7e1d13saXQ69dfbs fQIn/kNoQR/Fv4cEtuPfPHfuPbhvj+C6zvDzBY9a0q233rq/8v2zVCx2nB9YgeV5K45Cw/eOn89/ B+c41koEOwB45WnOe4FrW+rt+XNuus93rO8DoN7r6M7YtqoPfB9/J7/ftP4jgUoLcHOLsqO/b+q4 zY1JiXR23M2N1fbvm+tffje60rfnd7FHwIQFeoLtxBTwRjnMrfG9q6e0BiWZ4eRpp1w0c+bMb+NX iYXuuOOOosnMmz33FCdm34DQaIyABMBaRiAAyO0GYDgQFPkDb75x7oGTvzr1dOk/Z85F6Hm5xA7w P8/XvmfHdkBQDD6NXz89b87cb02ZNvVyDDfRtuxtxbxUwSm4txc4Dmn3sKEtrx6AuLttxx4CYNYF Pt4oBFb0xVifw09+ou8K4ekmYj67SEmswML5mB2Q+008kTzWxzwoA/xEvoK0D+NdOAFzPa3gutvh 2o/s2FHu1zu2TeBq6PntHCwj8O2EJFamYIjwy6JVlS6RtYhgMlXuy7HkFpYiXm3HoO+G5xIzCeeS /pUcvNEY0ZhlA8mxfKzbLGBUKpDvK/lliuft4O/RPMTKbzNu8ViG9itUVub1sE+HxyLyJoROPKn0 exXHqHBtxcvchAyr/Oj1DJiUPV4nGvI2BgpROMYti23+3LmzAA5HAUDc7beZ6EocAqvQzeVpzv0J PvK5BAB8SKa4aPK0aT/nwbfOm3eo7wXwGAZ1WNzTAUh3wJRaDtC4XPux4BwM/Lsd3/se+/vKusSy rS9pYLEvgyZ0v7KdVfw3QQOazDD83FgouDdD/m8HlnrLsvwrbMepI6AAlLJe4J8R870H8Yjvgn/P hkU/RoNa6OAOgnw4V3r0m1555ZWx6DciXyg8DBBFpmNw1eRpU1kDggB6AUDsCmiI6GsdMmnMmDH4 +u2K985XtZ6tVmCirFHxAW9hVj8eBzs9BoEg4j+ej9wq5MoidE5/T9G/g75MoGXxM4TRndowUz/3 PvoiACx9dZSMPiDlZcPs/TZRM/3iwhha/PTd0FFdHqUq3hQ+q5K/xiJuQ1thBZ3CkoQrppeOoIl5 RRoAKxUwu18U6pJvCmn7mCOc4vybJAOXgQ/9W8zcp59KCsVFZqLMUl9XrBGyeV9WgHaql/m9OAfJ t8O5BeC1Gcnr4/d0mtvsA/n5mbfEqS3sc/rQkvhZqRWvvxJoV/fR7REwwaohShRnhMFa+UmgWXwk Ho8dgIiWAAR7AiSU5XtPw3w5EUCjZPHC+sFA6flz5pyPXnTjZNF3PXxTUoEKR3wl8IJ3LRwrABgE G5K53KmgIIhfCSB3quX5hwMoGngOz7an4WTyCpXb4QctgWN/AiaVACc0GHu7CRN/wTkByKjp3TFl 2rS54YW8Aa3rUse2rqJfrHKzkvA/rYTv6eP0RXmFwm4AzvE47tuY/A54HD9RPJYyiglJpHKzVTru +6uwFJ0TDrg18dvH4c/6gDZGrWLDDlbJ7c9EXthhxWJsXHz5FX9RudevRVQJ6YSIIpEtbae3Vqkd viEEQjtF7Me9lr73oBTI/yofZT/smomq/uC7EeapQcLttFJ2fyjjwF2PtJJLVRIRtdyym1Xu1asR +r9fO6rjWLjUdKKXL7g9G/5xgETF6j/6F+2nYdkTRq4QNWOCb/a1X0llAXEyA5TqD70fmLMSJUvg wGZULgRWRuQSEyarmt1/rLKv/kJlX/lZmBpCn3uLig3dS9V++HapJJl5YQaKv80tlhgJCs1S9K12 v+vFgd3y9NcxTTzpoVbGsVnULgG5MIm38P7D4jNjHh3z55KTTkN9pgO0dojGGlK5164TAqdTv7Oq /wjer0yNCatxRo9jkF+lNjwIhnoe19HLsZqeAVOgnoTHe3IEAFiMLIn3h+KFWMGtec9d5Ls+Xg2K Jf1QHZjNzuN9NyHUSPhFElG9/6EwIqWUoBFpKNDExmN9NxCU5OELgncjUOK/ATjrbp4z5x2IEn1k NmMleMZ7BeDBWC9PmXJKUZubNGnSMCAiwhliFPKzqhwLMIeiY7wiRsAa5DSgGX0PPrPTAyc2LgYz ked2XTE/RFujecgGIXf4inF8uOJjag3cdGpEk0tg/wACE54GLFrh5ezzK60l5N8HefCfYsY5YDon J06Wwm1NDyKRFWDiDNlFcsfsmm2kBC5zx6g5OI37ou8pYGP/l2p57HiExB8QAmJimxPle1ajLFZc xHEEt+S2eI8BbArvwj0Jh7Bds7U8F+6a/8hijljYAbUultultgJSIpuE+1mzCGVI4mBjx0YfrZr/ /WnQDQBOqLdkxbdCFuRYXNc1iGx9GUYATUaCHV7BjHBBKxIACHlIMqibQYLwl4X4KItjwikAzVv5 yIXPK35S24ImyOvyml9FUTksn1Drk7HjGJeaH/pJ2V1oRuk9L1Op7c6QMZnvR5C3oW3GGvdTsf1m gyaAeBXMRwt5eTKN1Y+gI01Rrkp9j3RNqt73N/UImDL53C01idQMmGvD6e+B+fLfWKyPvb5s2a/h U/GmTJ0qWghMuosJz0UgsqD/KLVUylJp306z6xY+jcmsRcSLUsgqz02qeLyGIii4XlPcdk6TvjTN lBo377rrxiFyJ+bRddddN7Y2kdqGt42RQUjvdQw8QaTLZlmttpVBtG7N9hMmvonxdoVJyGOOhfl3 AyJyL0EDGokhzupQWdKPxzo3l5uCaOT/cD5yo93C1dAMbwvi8RfhcPoSgPbGUGvapN7rQSdPxDau LbipQKUzBKZ1xXkP5F/EOifGavloP1HlMDMXDRd2LQqwcdHmoHUwXK/rYYMVjQVK8PA2LBbzjdpM 7b43CCgVVt6HAmzfEHNEm2QjdRG1rY+VmkTrQVLMLZ0tCzgO0GCJXDF/MBeaZYltviKg5KGAG8HN GQJucAgSLU+cAl7QkpAVHT1LABWAGRvNJIbsA1QDYFpI3QE3A5w+p5LbTAaoEgBx65nuAW2F507v 8n2VWfSDEEDwnEZgJD/Dxc5SKbjexNYoHJd7T7QtB4BMUCbAagIlhy5xe5kP561/VhWgVYrZyrFC /xz7BYUWaKFf16CE7zcuPEfl3rwtLKESB4h/GqbwJOEvOdDUZHhoXc2PnQjbBe9ogpu+iyFloUew 0amnukdnmD59+loA0XQ8KXeIesIoq+38EmbSmTfPmfsKfDk1SFDdC+bbqDLtiCpPGqbPtQCzS/VD a9XjTXWM61izoP00wTG9P8iMF2Ohj/MtuzZu29+CzXUVNJ9ziH44V62VTN6Gc8/ik1+bTF6M7+rE zPMBB45zI469rCgBoR6VGkETZteVccu6HmE3/mG8aztPInr4Eua7E/xake+pohCZ/41ToUKXaG+8 gAKu5aopp566BJG6BKZwQhs06pAhDm9ZLOWOWJ9RTX58UyZfp25n/+hEn4kN4iFLaui6RDDls+/o io/iCC73h2DO6J/c9lQBC1Zk3Pjs+WLy6Kx3LpJ1SEj9Yfj2D7CQjoYWtZf4nVqemi4LONoggGYG K0XGcG4biy054SSYStcKCdKBZkCAyL12rdYmcL7EeM3Pyb15iy7Y32qLPqrc0aOjFyW1plIjq5t+ mq2AP1rDIzApjh2Nw8JxrAgJcErt9C2pYFl4+6425ymNGBRQP3ybzwp45V6/XsCoFtoMNShJFI6A KTwkyK0UH1vtPtepDQ8dLsTJcveK1sxw7u3PliOyr/wcZu61unpmyKkqwPQtEBz54milDZVff1R5 oPe1Jc6zR8DEAeCbuRMAcRK0pl/Yjj0ydEDvigvctShuOqGD4B0A0Fj6mLCIRwCAlgEcvgYfz7X4 nvO4AI7oswBo6xGpG+kIxwKOItd9JJPPP0AQnD9n7ikwzWajP/hQzsdwLlBXBdj0qcAcwNinwWxb jL6jMB/9te9GBJTilBC5uwHzbsS8L8DjNTLu2DUYZ1+c7x3M4+/4/ZiwswxOHxjnTn8D/GLD8eu9 OP90mor4DvxIANuNc1/BlHdG9K8+MuU4V9exK6Zrz5g501r7p7GxSx4/KXf2PtfncO7wdVj27A+w X6X0K8yp2LCDpHws3/gW3rhiLsCvweL+ikXSijlhNDvq8bcPy5Xm3/qdSDuqMSTO2zDiRpNNirQN P0T6usgTo7YSmR7yLLAIG4Aqv+KvWIxnou+hSi2+GqbQLaoGc2ANpdwbc8REo4nIWt3CwAYBsaiN iMlky3xp6uk0DlSQJCO6lVWunck+/EssnZsYpx8ZDyZg1I++HRfla1k3qWavnwNAfqmaANDuGjJW 2i5yvuQc8XexkW3NY6klsowua4C33bkk/9ad+phJXxcAoxkp7OywMUGXAO0MwXLENeTfukOqI5Si hJEviQpcWZ1CLEn6+6RcCpnhmANL9YaB9V5/KnsMTJwhwOk3MIH+CfQ5BZd3NBbl9lARhmLJQirW G9AgfguN52aoMzcAoMbhdjyvjwM4zJ79NML20LqESwSHgRqOPu/6rvcCnOu/e33Z0hup4bD/ydOm zsd5nrcD/0zgwyHQbsbifPhhrcBz9BBMsmsw5kL2xXdP+B4tRml8olo1jNMQSyZ/AafQfb7n71vw xVm+Aef7I8w8Au0xNPNkKAn8WYtAZ/gPMRbzfxd8qT8gDedExDDOw3yRWg6tzwq2x23+I4DrPvQh 3RfqHaArCPgKbd/un5S0s8V9l3KYQd/Xm+jBI0dtIiaL/WDkcv0GWgRYEKIdQY5428dHfEwloaHk ls7T34lWwZA2HM1h7WjWkS5qVAAh+oq0r4VmUUHlpMi+FqeYb+38HXpxB9DQ2AhaVjINM+fPKtj1 YinKH2vcGybgg8VdQsjYllQSbEckN5x+Fmhstfvf1Eoa6+/bXaeG6E7apAQYUMuhBscKA9z9JLcU juooP45zwO851OV2hmpfGcvybvjHQdqUKmvUNGnSEkz9jW+KM91HRLKw4l4BvdjoT6o8ZVee+Q/Q 3PjMuTjmowKk6T0uVy3/ASM8AtAouic+og2Y/zpND9hMo3bIROGoERDX/203/ZLYApUHqgJMnDw0 IKZCs5TfT8jixs/aRCaTh5OaST9R+3xbecD8eQrfnYZImUWndCaTiafT6SaMx7hsu4bvF7I//zDv ynl1qtGyaP617QjulNZdO2oeCJOB+31oWGsBImuwRM73bfuxHSdN2hPm4AUEJUbsCgAjUANcgKNc W/lw8KH9Fv/+LeZRm0llhmDeayeX2N43b+beqxVrM7U1NdoJAwMnV4gPZPY32cXw40NT4g4i9A+1 retDvwtBJTbio+I01qF/ugDwsEfF8sVUoUhYCiQjda2pbUWNEbdonzWJiFVyBor5EmK8ZMk7stAZ deJOIXRSu6vhEEdtI7b8m7iNZf4vUeAxRnbJlQCG1ToFA9qEzhOLlgxD9I7MTft1qO39n0TBxKld vvhDCsHG53AtDXsAxPZW6b0ul40AWjWML1smAWwlN82HBxLA6uJ3AlNy/FdUvugED49E9I/aHyOO jCbSF+eu+qeOnLHRcR2ZnzTd6C/CW3hzjS+Z3Kv/q+kG3GNONijQvKct0aoGTK0WrAaKdmCxqQvC wqdmQlLGJtuVV16ZRgItq7i7yMd3kb5CusAwpLM4jHdEB5Mmp39PW27cXc3IXauB87m5fjJ1EsL+ O2MN4JUc3AuNTvboohlJf5Xn+Utijv2NcG6tDofDfQyAqA7n9VRjvGX6lK5XT0g1qpogE87TVi24 5QPXlGNxfZgL9LXI7hltfCGyRrBgWZgsjje/zrcKtRv4kNwNL6hE3fZSPpaZ8/QvEeg2PnM2NKax qgbROls2gMR9QblYNmoJ0WaUJdNQ72QSG/4x6UOntjiCYVJxSyMBptGfkr3TyOVx8ZN1si1oS9pZ z4lqTY5OeHF+i/OX3KWGkglE3xG0CNIH6DCuO/guAO5hYh4yukW6QKtGYj8oDi1PfBUUgr+Lz0fq h4eNZFLuDUenPRtNM9mbLoyI6ev9iNRXKqxmJYLikSInKaG78Bui5XGXFO1r4uFxYOqb4vCn9hhr 3F9oEUUtlJoUXwpRtDAaFtpclsCUI3+MvifYBuLzG8DA1PqOVPdfjUOGHATT6G/gJgVKgjy44R6Y 1+BElVvsURjOsT3L9vyZ6Niq8DEjegC5fYcNHToZy+MQINJ43KI6OMNzMA6XYQH8y3fsW06eMgWv ivYNDvdrYUN+JoiBdeB5i6Hx7VkJwCode/Y+18ChggOz6o3AsmU14CW2EU7+mrN3ubJB1aY+cfWT 0+khHTAtgMlgg3Sod6vtwEFKE0sIfwx34+1dBgR5LBbybkgZYEJsYQV8PgALl4sQ3Wv2+hnGhVkG cCvg78Fus/ROITtdqLKo1CjvJCpfmEdq+3NkEdO/Ij4YOtIBLi4qPvIT22o/lUKRNbb8svlaWysr uN9e6LwevKpgBmnNquz68O/8W7+H3+oGgN5psrVTM3YnCbh1U6uBqFGiLC/8VC3PnKnqDrxNTN5i A80ktvXH4Q+aKMm91O5Kfjb47YYfLGZoHDykwnsI47dpBB2azwTG1A7nohAmQJwNmpufXQWf259k n7jULt+BDBYAcOEOZWQSLxQJFMBc1ptXthtZX69E92AGhttB9faD2SsaUy9POonIX4yepahFnCe5 D+RC0SEdtpDEWdF3c+65sivJdeGnS9OGHy2BdBaqVlxnbV6Pmx7KV4ndsEQ/hkd9JvzzEuYBSaIF L+mUStcdbPsebYwBBUx8eAMXFe/SWqup2MjtYulYagGRQ5v3DCYZOUS5136NHXC/LoTI7Gu/VB5B CX0dOqHJV+Jx0HwY3dv47IXi32EIngvcZWkQ0MvicIzHx3xGTp9Z9H0BguLeZwQqABFD7yQS0tyh 76ldKVnOH1ozNRZqgMW0DgApndjFULyAIV6IiXqQIC/BJgFHyiJP7vRNlXkewCfbMxGeIoginWGY KgAss0N/UgTHSFZJUBfYCHKZ53+IcfVjFRSyMD8/peo/Bl8TgImEyxLvqQR/vE6WQ3GGgFM16vDi LaDMs4svk00M6AerP/RByOEmAOBbkOsEIVwScMSHFJl90Ph4L+RFIuYrzgNzlhUKFHZh6W2TbsAB U8z3l6GSwU3ApeLTj1+OgdO5Ub5i0Mz17gI+0UfF1LYWlAb8C03AMY2No4ACsVQmtbZtNYK2Cwn9 a9B/JPrTU7gOpmArEiYAkAm+ehFaFn1QMh8WlMOPJHxl7zOSWGmBQjNahyydfeMxtU0Bxij72Lbf jN9HO7Z/OMzJDlSOLmFn+87FnDJONSzfWqUSFjQZ6EDmwpQs/HBzyNIkaDKAr4S/ixOWqSTl2wLB 9Nv4/LcABCtE45HwdhjilsWJdI/c0pukqiNNnmgrbgJTfOQn5BM1mjEZlL3NIxIn5lfYCECFd+EE z88SsNJO72VFH5HuBtGHEcPUzsjPbtN4fKkom/aRsTSK1OR+7kIhfaZ3Bi1g1YNhbSSYgGWbBcgZ 4GcjT4u74cbHfla0PGfoTuLo59gClgD46Dgr7kt0jptsElATAF7ZlFIenPJaSsx5y2MXl+nib6L2 JdE3aItM02l+5BiQLC8HaB0h1IWo0STNvHix7M7ioFSwzBHHpHelodG6kTcmW09JDafeawMOmECC ZIRtarlIQODcm8Ak3wUqGzStnzb53HPp9USZk+u2cZLp7w4b2gAWuj+eBMxcMrNu/tx53Gb0WkT6 7igfC1HCPRAl/OawIQ0fR5WA0VhOuLNqPfq/CDbOPDi8r9fnAUsrhA/8yIOecBwA5SIw1PcQxksy BXrDTfcm8tnzylnqPLTgu002ANN3bcbIyQxkQ46FGg/H2LbQml+r7i2HGo63nF0zXsVAMCQgUIUn t8jH5oVierXlFnV1AlgAjCDRyUyuUH45wv54U2snsHZky/lJGQC5r11NH9YVwgLOLr4cx94uvhA7 DQI/wJRvdm/9cxpEJAVE+zsKb/8eUbAHRAOypaY1WGHoQ3OtxG0qN7sAniQO/udESWFhKobeSVc3 MW0AMM3/OUkTQltRA0gEBn2NDnDWWHp8cvhvrVFIZUlE5Jr+jSgi5i0OfYTYWx4/WYfhi1kGPBGv FWVvF56t4qBH0KwiGLY8ear45yjDVmAmWVo4J/awI+PdQ3ldEh/5b+lbrPlNjRS7/OI+NC/4IsBu T60xEhhxH7yNbwj7nHQOgqLk0sGH5K59SvnN4CSDtkHg57W1byQ3IyVUAgCbj+p19fFp23/AAVOl C6bHovT4ATBSqQb0a2FVTYDS9YjZIxUGeSSetxJPUwam3kQoJYfhsMOQyvJTJA9/k+OC13Q0rMQ7 8HesXEku1u4Qx2nA7wfHLedg8KwOQ7LuiQAhj+cM2d27ICH4d1GFApqWaCNA1Dw5p5KMQevwT9RA Zgbp4An4wT4ODekqfl1ws4hephFDVqscx3qzpze2eLxQHuCOw9uYYWtu7eNnQUjEw+rU74ScrA+p PArcK9meumdvQY6ZRwQptd3piKadJz6LAFEtLroYTAi+jQvvIsZAQmQbLUI7wulg1ompeZIQI3az FGdD7llIuIwAQ295hAqR9I0wnUTQhRUeS+TMtnKkU1r7rQAcTC3hIou0O/rAAKD0YbUGpWgUTagM 3IKeH7UlyafTrgNeEytfSoE51nPCws8DPPWcyuMaNBXpG83I3zVwOOKcF9Aq1j4qzZ7zJoB5658v 9UcUUK6hbeE6MtkBWOJHkuJy+uUQ9RNf2/uhn4oyZ16g+KRIKWgKr63SExhdb+8o9OVnHBTA1E6E 6XQzTKqdIPK5uCEggSNxJAi+CY4TPKhIkZkz97MAFjL5UvBBXYS+f0Z07jGIfT7ApUYDS/As/ncu kn9XIDo3GVURvksDKBGPnwAAY791RZyBHQMu1D1AKeRJBCPg0P4Rbt0oVi5AOxIRvK1g1hVpEzbz 45T1FOpDwf6wpdOq10esHTmpZbfAVlfDl9+Bk6brcEXNKDHu8+IrkLA4H1AuQC56sqHxVmUougDi nbCaK5Xn6OxpJUxfJ/4gvskdRNksCfXTcYzNGRHqZsnY1gupwuBcbK1AUpueFZss+q7Rv2RsVIEU zYbhdlAbBKzlezw1ZRykyufkAgUoVmhto5Ed9dNAzD3dSuN03JcnCovXFQvYEW+iY9s+Lugr23dH qSTlfw/TSlQ7zrGcQ19/5Wvr7GNQjX6DE5jgP7R9fypAxwqrF9DBbIFpTm4TlacCTK4NABe8hunU 849zvVwdct+GEUxAriQz8pyTpkx5KBTy9wBmz4BZWcd6K8p33rQcXyopUEvCVyudZOJYVBsQxtz8 G+fubsecc0PNCcHcNJ+CIjA5VCFsfwWKzj3u+bZUQXh2zCuFI9SYxchQeRpG0YHVuLlUvRleZqOm oheNXuDRMmeOFd+qZFOTI9RekymfCX1qALRiwilNQGgLUVY7NIAE8q4IPCRR0nch4zGiwyiVlCKh Q7cTuCv+MCbMYnGJJiMxgvD47kpHl0qhGRdn1A7zo4ZkwTziT/qFtiRXp7tX8UE4btABE3UdlL11 tqofOtEvRe7SyP7/afk7l0nHUfUC2FUT8K7fg3abFJIDZVzl8q38PG19UTABa8U1o5fZ6giU9Oqx itx+6AqYUqY9o823XTi8kT6vt206Qk0aYgeZhb7lLgM0ahJOFZpdN0knfwqvpr3WISFscH3scV8Q npD2IbThqkh2eg5f43HB21T2rmdAktv8gJtD9Z+hfzs1QspxMO1EQCkyX6jVSAyhM007ybmdURxk zaL5BjBkFr34hej/6Y5mR64QHM+MTpHs6Wcii9kWoJK5MxF2k45dyFB8LeLCLDUxibT5phujlIi/ RJSIqCd3vqXp1W7+HBd7y9EfJcBP8GYUknXCKwV90Z/3hfWVWKJEtBxuFoB/gzFfqYlZJ/MLNVC8 LOQ62p4Pr1J5EZSltlQckCZzW75WZ25xJ/oMOmDikhoxYgQUoMJygkwIHOvcQvD5mCq0IMkBzuxC BheewO1LQWPBY+6vQ1gMjmg6OIXx7XiJxI4YKnJMK5TcvQxFdRvhf7Jc370XI4dhEbnNNpnrRR4T 0ogj2fPxoZ7R9l6g3iWqdbkLlZs4En+7F5UFdgfR4R2UqN+AMF0VjHjtCJWHlQXMNlHfWTY8hKkn RfcJMmXVDKWAGBczCIvkDdH8oakj5iCrTILbQt4NaxA5Q3cT/xCz9Msjbp14DotdJHKHyBNJmN5a kh+Rd8YUETLGsdUQzcMc8726zELmKyKn4g37CLlSO9JL5kwBycM0aZllz51ROqw3RI0L+7RpDhJN H95hvOTgcCZZ04cPT/xOYG2TyMl6UMV+WOwcm+Aq5VSKWy3R5bVWa3KIuNHBTd+R9IXPShzYNC/L HfLUQCET1nQiUEoYn/WW8IJhUm8EjsVHD/PkffFR7kQqK5CZT0LnqE9pRzjASO4j5EC5k7zqDDtA P70VUQ4vcPiqGJTojQ1+Bh0wUYaoiZSEO/wWaEQXyttEqcbA9g9TyfRPpmBjAfiUPgSn00ws2ZEo VVDrB84PkI5yZ+B5PwfwDKEmhejdL+E8Py/mee95dmwqNK6zeIuksFxg3QnOkZhg3W62AvF71Uvr rbESAsG4e2JMZklW754U4a0TplPbC5HSrIDxkYdJlM2pnSBhbQIPIzc+wUJ2EGGKycckGZYLNM+c NDjSu+WnCNnPBCVG9ZgLF6WtcMwckkjJjE4w6getrGQWahNT00W0s7/VghJzkyVkIdpwd5J2wMnX ExYmiYbUzDrS8AgoTLupQW2j9iJrwu63V4AxfaXILgUeUGxEicYQ9aeGSpKlB7a7REgB7onxJ6r0 bhfrpOGyRk01h6J3Gey4ayGUq8GJl4koK4CsBuF/Xi9TfBiNS+14obxAKjUyw3NkzUMWTH1J73aJ lIFp1XBfhScF0CYVY1Mt+/JPQyd6x3UQu7s+qrcIujuDKhwHf1EtKwmEZU9qkaYyBMzuZ6VGuA0T Thegm+Xl8hfCBFsPH9LWUf1vt1BYkMjnHkZIf928OfNOwnRuAzghRV3tDP3pr9hMQMAoKumbdwtX gTJwLygK50fVBpBw3NaTmIxInp4flBw7ZdcKP5NzyeOz3HP2vj7/zX3mjc76/phUSv02k61WWgpQ SVRxaE4oVia7unZQdVA7SskQXqE1K0askF+WAMGQwCSRL0SyqBWxYoCYKJLCoJ233H6aTGtG+WgO 8WWQf+suLG6WOCkqj5u906LRgOHMHDIBJQnlh6AK84pcKXJ8kttOldK7ogmGpo6YFPydeWr8UFuk ySmf8DtqHVh45OIUzZnirLTjt4Jy22be2uRio4aUWfQ9AWhqGMzrS4ORTgIogTUy93Jv3CgRNwJJ crvpom3V7o0qAw+DIY5rYE0okkXZGO3jNZLESI0lNQkRThA2ycfauPD8MsCnpqbzGySPLTTPouoD LO3C6paivYXNXb9IgJskzVrUjmLjluO8VzQBY9AmOT8H9yD7wsXyzNDPxxLH6d1RdgbyySyaUawY wRIumw0UbPauV+4wKIAJEbYnYIKtkXcmeEwqm5UnB1UPrkBtpwW2E5wBCcNhYW2NLoj3Bmvg5F6E gN3tS5YtlaJ2uv+Ue2bPnn1AyomfAyA6HKMhbKOcMNF3IdSEG0EViHhPixDrQ4wVvSxrWSvxWmoJ HN9P0k+Ox50EyjAJq/1N8B3/lYzKHYdKlrnLH52+5vwDZjcWfBYw6HmjWcoqheStSIpDBWBitI6c ISajenhwpbQFawdNQk7ZiEOEdJcDr4ghZgmDh3lTsohFg0L2O0CEwMX+TIwVcwKgxWJkWqvp4HJC R7psOlDcSbYeb+FHO4jcaS4NKQ9pLNbAh+NanONljzHnxPHoB4JDW/LAoOX4G1cDT2AuwXdFANUc pnDRyjygJddsK3WbOrvFn1TZRHkV0hPyb0GDwwuAoJkY+xlEQG8v3kDKtLACFXrwkiNnaMgRiIYi KGGlwAxH8dSaPbT2xZpTmRdnhteElyFyBt2V/1C1B/0O435N9oajqdWZKKS79gnM6Q8AtLJ3JqOd YKOTZMnGigdS+0o0Sjg6AFC5N+cLoJLmQUInfU0O2OEEXN5Hlk3RNIRwjzzjY+p4oU6eOvWEjv46 5dQpJGw8ggJuyaampq2QeBsHWGxol9QbDnAqqlji1+noH481NQ3PptN86tehakCrpGSUPcEdrdzg KP8l/sJP5QZPOzYgkDBT2lf3w8NzN1SVK/jvwirUVW0EoaAKTWoB4a2WgN+E6RIFZJ3z4dLkQVaY LEiKQgLFzegkT+10kewaS2BibpYHP0wWD6/f/AYWXQXFT7z/jGCSCwTbFlwiEv+YysCqiCQLSkUB 7qsmi587n+AdEKZ86Lraw0FMHi4mFM0KvoElDaJDeoBOZ/FBFiysXRg6oqEZMvtfivoDkKRuE7S+ 6HyRaUdgxfgETyFuAjAI3pxHYux/ieZB/k9lZ3OFGyIaI6rdsAYUtFMfxEdpYfmU6AgGDaQmd1jX Sb7nSwtkTvqhmOfGUrfZJVehy/CiZkvHP03jBMxW1pFiVUuXu+d2pkWezTLAp/+OGjBlzReOmIfU Ist2Dguk7EzEu8JKcRD0aEVpgH+R5YCLDvnQkd6ZOXWhz6DQmDpzvWHUDLZK5xr6057pdP/OjRr2 AsEybgX7nn/ANSszbgyPLOpX+dYwJPcemE4kJmbyQdWIJHRSswga/Tb0Y9D5yZrZNH0ECODjyKJw Gv0SibGf1qVAAkSH6NPB9zTdys2BDq8z5P+49GGAr5SCSUD+FLUwFlLjw8yIGB2zsgMKzBo7NVIc 7tQAhHXN9UryJStFMmG2XYkN7WhmLe08FqiUDRGiJsGWZlhIX5Cf/GCzAJ3pXWoALC72OJ27AGUx yyADgqgnVQaiqFon7ii1M5rLDJgMQapIWEaFFIzyJpUSuCtJejzy474jQEjNw29ermI77SNdqakp mshhranoeIIaTWgCU4xO8VZkyo7nmEQZ3Tgc2xFplpUSCu89qB3d4floRhbzCKOhKnKfOiGLKnf5 wABTleXWo+EQb/lXLG43bMwn9uVqwoJEJip+8xP7xmLcPcG9u0cnaLUq4OOhUxqakIPcKeZP0ZwR jQFmHv0hjK4xz42s4tR2X5PETvonvPVwzpb5KDozJ/bnQnLB8mbpEZYZET9FDRYmmdv09zBSyNA4 qQZwptMJ7GewgxVAkKVIYjAJSQbVO82WmYGMiCGSRCCTVIyQrdyZeRX7UGuBqSL5aFJelwTL9SHn iqDUeSuaJvCQwx4WDYMF8ggCLHlCDpcVKwEcKxlE1Qw4D1bTzLzwA4CMdsazibZXkd9FDVHSKUWz EQDeVEH68EJlFxR+wiYMdEQKqQ3L+YTu0I2gSJeE3f3OBpi6L7tuH4nHbHgtqhfhSXkfBo6U8gJ8 MFGFraY2YY+cOXPe6Inj/T3tuP2vzmw1vsnJhBwbRp08hsLDJvW3uQURF4jkgbEoGPKnWB9Jtvzp gvZQGlWuSN7OKIhm14P9TSCimcSdOehQhZPdz6yEsrIqBIUy7g40LvppmNAqO5BEtAAW6QegJrc/ A/l9L0sBN1tC6J13rusp0smtnfJCjUCKopijFblCm77F1DZJbSCWMZKnKyT8Kiz9UtLUeB301zAx mbLNwWSjySSJz1nZTwOK0MQK10INEdHP9ATpwzLFwieLR5ywCFjagymrG+QI7tz/TlJNoCUDLCUI gibROPE5tjXFesc06+piMcDUVYlVo7+v9sjmvT3h8fiHbJWHJ4eeFw6dzwfDkD/HGO77+NuHEWF8 Ab/rp7enjSDUAdFR6vI07CA8JSnpKrW6uxcGJqBRo5Fs9bptRYNwI38QOVNSkSEM34d5cMVLY11q LKjEOOw2gvpBUvCMO6MkRkjJEEbrYqgkkKI5hH7C3O7mPNubil0TcAHbGzUvOFY76uloF24SI4JM kgbghY27l2Sev1JANrXDORKBa3roCMy9RW8wAAuNFAQCOXlb4mciZODvNAMTW39B/s3KlBIxpfyE RBkCkiQM0/NQAij6r4Sr5SI+w78QhFiTajV4YWhRDXay3Slbmr4EPRlf7okkNvRZM8DUB6JP12Tv 890acCylxl2rBv7mkmQCxEtsbwWewvs7rthrZbenSB+IhLbpg2F+nGYUFyNr5QNj0XDnDCa1+i1w 4pbvc9blCdBUozMYwDR0V4nsiD+DjuLNPfBS1taVtz3Jjjb4U9waiVQGD450RsK8NU+hhtCp4iPK YicREhE1WbLzZliXL6niAbyBpMPqqFbJX9PaRBKwqkFdQDib46OPkvxE+poyKPPCom3kZJHcScDi Di+66iajhBOwISbKo4DQSW1Xtlyi/EIgYvkTNmrBUjeqXHskuMgnWuJ6gwcCH5OeyX7nziotKJHi glDJ58JB9YfUTt9GwORp+Bdv7D7gV0G4BpiqIMSuDnH5o+eiSr/CU9Zxm8XoLPb36OrYun9YZgT+ mBhC47omEU0eViGESUVTCCq91jTCxUwiKgAAey3otIaellBlZQZut43zcvNFvWg6CRzyxiYTGRny LVFmEKN/CHcjQkQHuwc+Detb16BmEH02sjkmtYLy+kTdE95mjiqRHGXLbzELuYzaXhv6RYnIBC0p xbsB4fkLsIvvPVJ9wV39b4mCZp49T/x+5ILVH/J38f1RexEGOO8azL6WJ6bg+2UCYFHo3hm6u/yd u+gWqyWEzusUyJNJ1rMqghU4SKAi0OnOffjqQEGgI5znk7IreIFF4/EFknuDvKoyU7GYVN3Je9hD 2Rtg6qEA+93hYcIst9hm/SNxcMOJTf6PMLURKiYJks5mcmL0wgodquT/sHWKaNiJKy9G1brJfujA 9JRUDvjDuEcaWeDceYSLmLWs6SfbrFbWial32IUAw2oELB/DnVU68nHhe2o57Cc7qxBsCaoAUBax SyJCygqZYjaDX9W84EuyUzApAXb9jsiQQv0k5gbCb8Vtx8XZH4fmBb+aRFNxLxk0kK29Uf6EYxPM qD1JeJ9lYrgzb7mjXPyJAHxosk3//oxsb8UUmChthsEPmse5pXM0l0rAln4uBEfgI5NrFfJt74OT AaaePKT97limYqDMyZjPysPEgmsakOjk1Mz4gECFDQFiKL0aRzifrF9xfDMhl/4a/id1j3oYsQEo MQrHcrcEEV0orVpNayPMl2Mtay5gFu9nikXu9V+HqR6sQ9QmGbkKpycwsFIDP4LhFU1Tap91UuY2 o2bqfiEXiNpr9uXLhdwo/CFSGmKarJp99SrRVGTXFZreoExIDXWpL0UnNlNP7lMb7t9b57vBPBYg ljItOCfAiGknm2qanIl7AX8YWdzZl3+mTVCa/TIe/VqlvDxqqaR7cDPNqHUvKNI14Rtg6pq8+nVv AgtrXtNkY1In0zLaLhyJwPEBR4mT+GjwlhD98uG3YUlcJsjS4Uq/jgazbkZohLRYIxqbKjTrWkfl 7OxqSZEOdFZHQLSPIMCNItMots8NCEiPkNB6MZu+WiflOHwBUAuMeFMdjB3l7UUcKw1R2oSmD08q W4ZRRWpUAhAkXq7V54i+k+NKL4piCkqohbU6e3TOSlMqzoPADkCMAAnsfX0tHfvJij7HLkdBuyd3 A0zdk1u/OQqKSC23Fm3gG09hF5GRCOituEPVNpYqK1aeLP6eAYt4u/OUGjYVDyWc5Nwk0m9R8cYd EKHbRsU9OMG7EUZX2JSgkN4TmfwTEWZcouJxhKgbusYR6pqAYdrRxFiFqsfWyyq+MzaVHL2ryrw8 Wznu+ypR0xuO8c7QFDalsXV0PI/Z3LLc1Lm7qiWyf2dK0mxi3Dr8rbl6pGDe+81JoGvPh+m9xSWA BOY7/TXeO+ubsl5i689sY2WSSHNauxzmGF6Bm/btBIVMkFyzYmy8Jt7grbx/cWb57/30DmfvlBh5 2L7euGlvNj99zgNWenQX6+1iK61C3q/b/qtH+skdhmdXPvVIbs0GzGcInRW9KB8uHNAUFv9RxVY3 WTV7XbZrbI99980tveHpljfvekKlhyWZjt2LE/jADl1XQO0OS71aTQEYYKqmNPtgrCufnv5XnJYf NeNzM8gkX37F3bWM+nWqzfjCjAZ03PXSa//5qFInqhlHnUHV5rJU/S6p1HZn/eaSSy5Z2qmByjrN mDGDeRbkYj1wxZ02amhc1NUhet7/oT8rzONz2BHkk+pAtRDXERYF7/nQZoTel4ABpt6X8ZY8A5l5 mtrb+UYg0ow+NCzgHBb0nfj1HHy+j9+vwnfPdXY49KeT62th/1KKfWcHqGI/zPuPmA8za88I53U1 vuuqfKo4IzNUZyVggKmzkhoY/Rjv7ypll2SmVrVYsXgfxkJmGcQT8bkgBKr78L0uvF2hoQ9DQwgH KrL+aDJdj/5krfdpwxyewdwuxCTOxOdy/M55/btPJ2VOvlkJGGDarIgGVAfQfxVCYV2y99m/nemH xXsHFjGB6Mv4wDuuPoJ/w9wT0ifDOAQz+p8IYGT6HYQPzTeONa8/LX7MZT3m9GOadgQo/OR85+D7 DutkDai7Pggna4BpcN3UlwkkWHiJziw69GN4h2BC061dwxj3oA9oweqL+OyFD6nITEtn9iuBieEc akrUutbh8w987sJxb/VHsYamHett0Uy9LDRT3+iPc/2gz8kA0yB6AmhqYbHRfKI5BebkZtt/occr OK7Nlh+l4/A3AtNPMO5O+AlmnwAZM0P57BCgGI1h3shT3XGUb3aGVe6AOb4amnanYegf4ff5+E6C B6b1HwkYYOo/96IqM8EiewqLbTg+qPim/oJ/h8V8SsPjb3R4H4WPi78/1pkTox+1MX4Y7eJzww+P b+Wf6sxYfd0n9JVdjetYhLl8NTTtfoXvm/t6bub8WgIGmAbhk4AF9jcstv1xaTTrwJpUjExxZwJW CeM2HPy8in4LunP5IRgNOEBqe624jgdCU5Wm3c/wO6N2BKsOG/qMxh8bwg5r0b/71R+6I/wPyDEG mAbpjcaCeQKL6HlcHiqZKdQOkZcQMzDpuF5QSZMapKLY5GVBDm9DTt9Bp5PxIT2CPjJuH9+q4ftD 8QX3GqTDPNKs6ujPw79pDiMj2rRqScAAU7Uk2Q/HCU2Whf1wav1qSpATC1XdFPrnTsdPFsa+Bt+v wu/0p3GzC0Yb7+Z35ZPH35HCrw7Bz9Px8zb8fV2/urgBOhkDTAP0xplpV18CoZZJR/5Z+NDhfyt+ 0un/CP5WkWQaAtWd6Lsn+p2Cn7ONr6rn98YAU89laEYYRBIAqGAXTXUJAOYL+HkqPj/enN+Jl0/g wjH04R2Dzy2DSCR9cikGmPpE7OakA0ACjFbWdQaUomtB38dpBuIzEb8vHQDX2G+naICp394aM7E+ lgCjmgwedLU9iwNIRjXA1FXJlfU3wNQD4ZlDB7UEWDKSNIuuNh6ji3Wb1m0JGGDqtujMgYNVAjDF WAeYicjtyKmduGYeM+A5Xp24zl7tYoCpV8VrBh+IEoB/KAA4sapdZ0o7tr1ErqnOlLcciKLZYnM2 wLTFRG1ONMAkQM2HLG9WJuhKY7UFEllN64EEDDD1QHjm0EEtASYnk5sk+YFdaDyGic+m9UACBph6 IDxz6KCWAAmVB8Gk2xqmXafKuKAva1sNx6diGZlBLa0qX5wBpioL1Aw3OCQAMPIBNH/B1TARmkXl 1m3qysLUlePQ5w4eOzik0HdXYYCp72RvztzPJQCAWQbA4SYGU/HzAfx7YaUp42+sU/VxfO5Fnzf7 +WUNiOkZYBoQt8lMsq8kAKB5AcDDxN2j8JOkS5p12PNb9snGlrlqHD4sQXwr+nZ6d5q+up6Bcl4D TAPlTpl59pkEQsC5GcDEiNskfBrCyXDLXFbuNDWZqnx3DDBVWaBmuMErgRCADAhtgVtsgGkLCNmc wkjASKBrEjDA1DV5md5GAkYCW0ACBpi2gJDNKYwEjAS6JgEDTF2Tl+ltJGAksAUkYIBpCwjZnMJI wEigaxIwwNQ1eZneRgJGAltAAgaYtoCQzSmMBIwEuiYBA0xdk5fpbSRgJLAFJGCAaQsI2ZzCSMBI oGsSMMDUNXmZ3kYCRgJbQAIGmLaAkM0pjASMBLomgf8Hd53aaJp254IAAAAASUVORK5CYII= --000000000000593f2205c11d6aec-- ========================================================================= Date: Sat, 1 May 2021 06:55:34 +1000 Reply-To: Tomslin Samme-Nlar <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: Tomslin Samme-Nlar <[log in to unmask]> Subject: Re: DRAFT COMMENT - GNSO Review of All Rights Protection Mechanisms in All gTLDs Policy Development Process Phase 1 Final Recommendations for ICANN Board Consideration X-To: ncsg-pc <[log in to unmask]> X-cc: =?UTF-8?Q?Pedro_de_Perdig=C3=A3o_Lana?= <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="000000000000e69dfb05c136d52d" Message-ID: <[log in to unmask]> --000000000000e69dfb05c136d52d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi all, This public comment proceeding has been extended by 21 days. There is therefore enough time now to review and make it better, if need be. Please consider reviewing the draft, which again can be found here: https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFb= j6io/edit?usp=3Dsharing Cheers, Tomslin On Thu, 29 Apr 2021 at 14:06, Tomslin Samme-Nlar <[log in to unmask]> wrote: > Dear members and PC, > > We have a draft comment on this proceeding which has been kindly drafted > by Pedro de Perdig=C3=A3o found here: > https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0TH= Fbj6io/edit?usp=3Dsharing > > Unfortunately, we have only 2 days to review/edit. So could members, > especially the PC please review? > > Cheers, > Tomslin > > > On Tue., 13 Apr. 2021, 21:36 Tomslin Samme-Nlar, <[log in to unmask]> > wrote: > >> Dear members, >> >> There is a running public proceeding seeking to obtain community input >> prior to the Board action on the Phase 1 final recommendations of the GN= SO >> Review of All Rights Protection Mechanisms (RPMs) in All gTLDs Policy >> Development Process (PDP) >> >> Please let me know off-list if you'd like to volunteer for the comment >> drafting. It'll be nice to have more than one volunteer. >> >> The comment period closes on 30 April 2021. >> >> More information on the public comment can be found here : >> https://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recomme= ndations-2021-04-07-en >> >> A draft Google doc for the comment can be found here: >> https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0T= HFbj6io/edit?usp=3Dsharing >> >> You can find previous NCSG comments here: >> https://community.icann.org/display/gnsononcomstake/Public+Comments+-+20= 21 >> >> Regards, >> Tomslin >> >> --000000000000e69dfb05c136d52d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div dir=3D"ltr"><div>Hi all,</div><div><br></div><div>Thi= s public comment proceeding has been extended by 21 days. There is therefor= e enough time now to review and make it better, if need be.</div><div><br><= /div><div>Please consider reviewing the draft, which again can be found her= e:=20 <a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFel= OAxyAK0THFbj6io/edit?usp=3Dsharing" style=3D"font-family:sans-serif" target= =3D"_blank">https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFe= lOAxyAK0THFbj6io/edit?usp=3Dsharing</a> </div><div><div dir=3D"ltr" class=3D"gmail_signature" data-smartmail=3D"gma= il_signature"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr">= <div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div di= r=3D"ltr"><div><br></div><div>Cheers,<br></div>Tomslin<div><span style=3D"c= olor:rgb(0,0,0);font-size:12.8px"><br></span></div></div></div></div></div>= </div></div></div></div></div></div></div></div><br></div><br><div class=3D= "gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu, 29 Apr 2021 at = 14:06, Tomslin Samme-Nlar <<a href=3D"mailto:[log in to unmask]">mesu= [log in to unmask]</a>> wrote:<br></div><blockquote class=3D"gmail_quote"= style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);p= adding-left:1ex"><div dir=3D"auto"><div>Dear members and PC,<div dir=3D"aut= o"><br></div><div dir=3D"auto">We have a draft comment on this proceeding w= hich has been kindly drafted by=C2=A0Pedro de Perdig=C3=A3o found here:=C2= =A0<a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRi= FelOAxyAK0THFbj6io/edit?usp=3Dsharing" style=3D"font-family:sans-serif" tar= get=3D"_blank">https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPR= iFelOAxyAK0THFbj6io/edit?usp=3Dsharing</a></div><div dir=3D"auto"><br></div= ><div dir=3D"auto">Unfortunately, we have only 2 days to review/edit. So co= uld members, especially the PC please review?</div><div dir=3D"auto"><br><d= iv dir=3D"auto">Cheers,<br>Tomslin<br>=C2=A0=C2=A0=C2=A0 </div></div><br><d= iv class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue., 13 = Apr. 2021, 21:36 Tomslin Samme-Nlar, <<a href=3D"mailto:mesumbeslin@gmai= l.com" rel=3D"noreferrer noreferrer" target=3D"_blank">[log in to unmask] m</a>> wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin= :0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"= ><div dir=3D"ltr"><div>Dear members,</div><div><br></div><div>There is a ru= nning public proceeding seeking to obtain community input prior to the Boar= d action on the Phase 1 final recommendations of the GNSO Review of All Rig= hts Protection Mechanisms (RPMs) in All gTLDs Policy Development Process (P= DP)</div><div><br></div><div>Please let me know off-list if you'd like = to volunteer for the comment drafting. It'll be nice to have more than = one volunteer.<br></div><div><br></div><div> The comment period closes on 30 April 2021. <br></div><div><br></div><div>M= ore information on the public comment can be found here : <a href=3D"https:= //www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendations-= 2021-04-07-en" rel=3D"noreferrer noreferrer noreferrer" target=3D"_blank">h= ttps://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendat= ions-2021-04-07-en</a><br><br>A draft Google doc for the comment can be fou= nd here: <a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpS= FnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing" rel=3D"noreferrer noreferrer n= oreferrer" target=3D"_blank">https://docs.google.com/document/d/1sfowGrsBgw= wCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing</a><br><br>You can fin= d previous NCSG comments here: <a href=3D"https://community.icann.org/displ= ay/gnsononcomstake/Public+Comments+-+2021" rel=3D"noreferrer noreferrer nor= eferrer" target=3D"_blank">https://community.icann.org/display/gnsononcomst= ake/Public+Comments+-+2021</a><br><br></div><div><div dir=3D"ltr"><div dir= =3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><div dir=3D"ltr"><div = dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div>Regards= ,<br></div>Tomslin<div><span style=3D"color:rgb(0,0,0);font-size:12.8px"><b= r></span></div></div></div></div></div></div></div></div></div></div></div>= </div></div></div> </blockquote></div></div></div> </blockquote></div></div> --000000000000e69dfb05c136d52d-- ========================================================================= Date: Fri, 30 Apr 2021 18:19:37 -0300 Reply-To: =?UTF-8?Q?Pedro_de_Perdig=C3=A3o_Lana?= <[log in to unmask]> Sender: NCSG-Discuss <[log in to unmask]> From: =?UTF-8?Q?Pedro_de_Perdig=C3=A3o_Lana?= <[log in to unmask]> Subject: Re: DRAFT COMMENT - GNSO Review of All Rights Protection Mechanisms in All gTLDs Policy Development Process Phase 1 Final Recommendations for ICANN Board Consideration X-To: Tomslin Samme-Nlar <[log in to unmask]> X-cc: ncsg-pc <[log in to unmask]> In-Reply-To: <[log in to unmask]> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="00000000000000a13905c1372c0c" Message-ID: <[log in to unmask]> --00000000000000a13905c1372c0c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Great news! I did not have the time to work on it the way I'd like, but now I can add a few more things and write an adequate background :) It also would be great if more experienced people could add a few more substantive topics since it's very basic for now. Cordially, *Pedro de Perdig=C3=A3o Lana* Lawyer, OAB/PR 90.600, Faria Santos Advocacia <https://cutt.ly/RfkTFrK> LLM in Commercial Law at UCoimbra (PT), Researcher at GEDAI/UFPR <https://www.gedai.com.br/> Board member of Youth SIG <https://youthsig.org/> (Internet Society) and Creative Commons Brazil <https://br.creativecommons.net/> The information available in this email is restricted to the sender and the intended recipient(s). Em sex., 30 de abr. de 2021 =C3=A0s 17:55, Tomslin Samme-Nlar < [log in to unmask]> escreveu: > Hi all, > > This public comment proceeding has been extended by 21 days. There is > therefore enough time now to review and make it better, if need be. > > Please consider reviewing the draft, which again can be found here: > https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0TH= Fbj6io/edit?usp=3Dsharing > > Cheers, > Tomslin > > > > On Thu, 29 Apr 2021 at 14:06, Tomslin Samme-Nlar <[log in to unmask]> > wrote: > >> Dear members and PC, >> >> We have a draft comment on this proceeding which has been kindly drafted >> by Pedro de Perdig=C3=A3o found here: >> https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0T= HFbj6io/edit?usp=3Dsharing >> >> Unfortunately, we have only 2 days to review/edit. So could members, >> especially the PC please review? >> >> Cheers, >> Tomslin >> >> >> On Tue., 13 Apr. 2021, 21:36 Tomslin Samme-Nlar, <[log in to unmask]> >> wrote: >> >>> Dear members, >>> >>> There is a running public proceeding seeking to obtain community input >>> prior to the Board action on the Phase 1 final recommendations of the G= NSO >>> Review of All Rights Protection Mechanisms (RPMs) in All gTLDs Policy >>> Development Process (PDP) >>> >>> Please let me know off-list if you'd like to volunteer for the comment >>> drafting. It'll be nice to have more than one volunteer. >>> >>> The comment period closes on 30 April 2021. >>> >>> More information on the public comment can be found here : >>> https://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recomm= endations-2021-04-07-en >>> >>> A draft Google doc for the comment can be found here: >>> https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0= THFbj6io/edit?usp=3Dsharing >>> >>> You can find previous NCSG comments here: >>> https://community.icann.org/display/gnsononcomstake/Public+Comments+-+2= 021 >>> >>> Regards, >>> Tomslin >>> >>> --00000000000000a13905c1372c0c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div>Great news! I did not have the time to work on it the= way I'd like, but now I can add a few more things and write an adequat= e background :)<br></div><div><br></div><div>It also would be great if more= experienced people could add a few more substantive topics since it's = very basic for now.<br></div><div><br></div>Cordially,<br clear=3D"all"><di= v><div><br clear=3D"all"><div><div dir=3D"ltr" class=3D"gmail_signature" da= ta-smartmail=3D"gmail_signature"><div dir=3D"ltr"><div><b><font size=3D"2">= <span style=3D"font-family:garamond,times new roman,serif">Pedro de Perdig= =C3=A3o Lana<br></span></font></b></div><div><a href=3D"https://cutt.ly/Rfk= TFrK" target=3D"_blank"><span style=3D"color:rgb(0,0,0)"><font size=3D"2"><= span style=3D"font-family:garamond,times new roman,serif">Lawyer, OAB/PR 90= .600, </span></font></span><span style=3D"color:rgb(0,0,0)"><font size=3D"2= "><span style=3D"font-family:garamond,times new roman,serif"><span style=3D= "color:rgb(7,55,99)"><font size=3D"2"><span style=3D"font-family:garamond,t= imes new roman,serif"><font size=3D"2"><span style=3D"font-family:garamond,= times new roman,serif"><span style=3D"color:rgb(0,0,0)">Faria Santos Advoca= cia</span></span></font></span></font></span></span></font></span></a></div= ><div><span style=3D"color:rgb(0,0,0)"><font size=3D"2"><span style=3D"font= -family:garamond,times new roman,serif">LLM in Commercial Law at UCoimbra (= PT), </span></font></span><span style=3D"color:rgb(0,0,0)"><font size=3D"2"= ><span style=3D"font-family:garamond,times new roman,serif"><span style=3D"= color:rgb(7,55,99)"><font size=3D"2"><span style=3D"font-family:garamond,ti= mes new roman,serif"><font size=3D"2"><span style=3D"font-family:garamond,t= imes new roman,serif"><span style=3D"color:rgb(0,0,0)"> Researcher at <a hr= ef=3D"https://www.gedai.com.br/" target=3D"_blank">GEDAI/UFPR</a></span></s= pan></font></span></font></span></span></font></span><span style=3D"color:r= gb(7,55,99)"><font size=3D"2"><span style=3D"font-family:garamond,times new= roman,serif"><font size=3D"2"><span style=3D"font-family:garamond,times ne= w roman,serif"><span style=3D"color:rgb(0,0,0)"></span><br></span></font></= span></font></span></div><div><font size=3D"2"><span style=3D"font-family:g= aramond,times new roman,serif"><span style=3D"color:rgb(7,55,99)">Board mem= ber of <a href=3D"https://youthsig.org/" target=3D"_blank">Youth SIG</a> (I= nternet Society) and <a href=3D"https://br.creativecommons.net/" target=3D"= _blank">Creative Commons Brazil</a><br></span></span></font></div><font siz= e=3D"1"><span style=3D"font-family:garamond,times new roman,serif">The info= rmation available in this email is restricted to the sender and the intende= d recipient(s). </span></font></div></div></div><br></div></div></div><br><= div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">Em sex., 30= de abr. de 2021 =C3=A0s 17:55, Tomslin Samme-Nlar <<a href=3D"mailto:me= [log in to unmask]">[log in to unmask]</a>> escreveu:<br></div><bloc= kquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:= 1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"l= tr"><div>Hi all,</div><div><br></div><div>This public comment proceeding ha= s been extended by 21 days. There is therefore enough time now to review an= d make it better, if need be.</div><div><br></div><div>Please consider revi= ewing the draft, which again can be found here:=20 <a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFel= OAxyAK0THFbj6io/edit?usp=3Dsharing" style=3D"font-family:sans-serif" target= =3D"_blank">https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpSFnpPRiFe= lOAxyAK0THFbj6io/edit?usp=3Dsharing</a> </div><div><div dir=3D"ltr"><div dir=3D"ltr"><div><div dir=3D"ltr"><div><di= v dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir= =3D"ltr"><div dir=3D"ltr"><div><br></div><div>Cheers,<br></div>Tomslin<div>= <span style=3D"color:rgb(0,0,0);font-size:12.8px"><br></span></div></div></= div></div></div></div></div></div></div></div></div></div></div><br></div><= br><div class=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Thu,= 29 Apr 2021 at 14:06, Tomslin Samme-Nlar <<a href=3D"mailto:mesumbeslin= @gmail.com" target=3D"_blank">[log in to unmask]</a>> wrote:<br></div= ><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border= -left:1px solid rgb(204,204,204);padding-left:1ex"><div dir=3D"auto"><div>D= ear members and PC,<div dir=3D"auto"><br></div><div dir=3D"auto">We have a = draft comment on this proceeding which has been kindly drafted by=C2=A0Pedr= o de Perdig=C3=A3o found here:=C2=A0<a href=3D"https://docs.google.com/docu= ment/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing" sty= le=3D"font-family:sans-serif" target=3D"_blank">https://docs.google.com/doc= ument/d/1sfowGrsBgwwCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing</a>= </div><div dir=3D"auto"><br></div><div dir=3D"auto">Unfortunately, we have = only 2 days to review/edit. So could members, especially the PC please revi= ew?</div><div dir=3D"auto"><br><div dir=3D"auto">Cheers,<br>Tomslin<br>=C2= =A0=C2=A0=C2=A0 </div></div><br><div class=3D"gmail_quote"><div dir=3D"ltr"= class=3D"gmail_attr">On Tue., 13 Apr. 2021, 21:36 Tomslin Samme-Nlar, <= <a href=3D"mailto:[log in to unmask]" rel=3D"noreferrer noreferrer" targ= et=3D"_blank">[log in to unmask]</a>> wrote:<br></div><blockquote cla= ss=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid = rgb(204,204,204);padding-left:1ex"><div dir=3D"ltr"><div>Dear members,</div= ><div><br></div><div>There is a running public proceeding seeking to obtain= community input prior to the Board action on the Phase 1 final recommendat= ions of the GNSO Review of All Rights Protection Mechanisms (RPMs) in All g= TLDs Policy Development Process (PDP)</div><div><br></div><div>Please let m= e know off-list if you'd like to volunteer for the comment drafting. It= 'll be nice to have more than one volunteer.<br></div><div><br></div><d= iv> The comment period closes on 30 April 2021. <br></div><div><br></div><div>M= ore information on the public comment can be found here : <a href=3D"https:= //www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendations-= 2021-04-07-en" rel=3D"noreferrer noreferrer noreferrer" target=3D"_blank">h= ttps://www.icann.org/public-comments/gnso-rpm-pdp-phase-1-final-recommendat= ions-2021-04-07-en</a><br><br>A draft Google doc for the comment can be fou= nd here: <a href=3D"https://docs.google.com/document/d/1sfowGrsBgwwCieCaKpS= FnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing" rel=3D"noreferrer noreferrer n= oreferrer" target=3D"_blank">https://docs.google.com/document/d/1sfowGrsBgw= wCieCaKpSFnpPRiFelOAxyAK0THFbj6io/edit?usp=3Dsharing</a><br><br>You can fin= d previous NCSG comments here: <a href=3D"https://community.icann.org/displ= ay/gnsononcomstake/Public+Comments+-+2021" rel=3D"noreferrer noreferrer nor= eferrer" target=3D"_blank">https://community.icann.org/display/gnsononcomst= ake/Public+Comments+-+2021</a><br><br></div><div><div dir=3D"ltr"><div dir= =3D"ltr"><div><div dir=3D"ltr"><div><div dir=3D"ltr"><div dir=3D"ltr"><div = dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div dir=3D"ltr"><div>Regards= ,<br></div>Tomslin<div><span style=3D"color:rgb(0,0,0);font-size:12.8px"><b= r></span></div></div></div></div></div></div></div></div></div></div></div>= </div></div></div> </blockquote></div></div></div> </blockquote></div></div> </blockquote></div> --00000000000000a13905c1372c0c--