Logo

Julie Bisland's Personal Meeting Room
Hadia Elminiawi
33:24
Hello all
Mark Svancarek (marksv)
35:15
Hi, Elena
Elena Plexida (ICANN Org Liaison)
35:28
Hello everyone
Margie Milam (BC)
37:31
Can elena provide an overview of the discussion from her point of view?
Becky Burr (ICANN Board Liaison)
40:33
I am a bit confused about the focus on the Belgian DPA. Didn’t he say that the office was not competent on the controller issue??
Volker Greimann
44:18
Before this meeting we were standing at the precipice but now we have taken a great step forward
Marc Anderson (Verisign / RySG)
44:45
thank you Elena
Amr Elsadr (NCSG)
44:52
Thanks, Elena.
Mark Svancarek (BC) (marksv)
45:39
@Volker - did we step forward over the precipice, or...
Amr Elsadr (NCSG)
46:28
@MarkSV: LoL!!
Amr Elsadr (NCSG)
46:40
Maybe we were all shoved fwd?
Volker Greimann (RrSG)
47:37
Not sure, do you feel the wind rushing past your face?
Thomas Rickert (ISPCP)
48:36
Here we go again: Detail detail detail
Brian King (IPC)
48:46
+1 Alan G
Thomas Rickert (ISPCP)
49:00
Let‘s settle on a model allocating roles and resonsibilities and flesh things out
Hadia Elminiawi (ALAC)
49:18
+1 Alan give them exact cases to test the water
Alan Woods (RYSG)
51:29
I personally am hearing is that they cannot pass judgment - unless of course they are 'investigating us' which is their actual power. Detail is key - but we must follow the actual legal process to engage the guidance role - Elena noted the path to the EDPB - that is helpful - we can use Art 36 'prior consultation' but again … I'm getting the clear message that we must follow the legal processes... and have we not been saying this for years now?
Milton Mueller (NCSG)
52:08
We have, Alan
Owen Smigelski (RrSG / Namecheap)
53:01
+1 Alan W.
Milton Mueller (NCSG)
54:00
I wonder how they got that idea?
Thomas Rickert (ISPCP)
54:19
The way I read the letter: The don‘t want questions, but a PROPOSAL on how we think things can work. They can then assess whether we are on the right track.
Alan Woods (RYSG)
55:57
That is a great question Margie. +1
Brian King (IPC)
56:36
+1 Margie and Alan W, let's follow whatever process we need to so we can get that guidance
Mark Svancarek (BC) (marksv)
58:40
+1 Thomas
Elena Plexida (ICANN Org Liaison)
58:59
Article 64 (2) of GDPR
Brian King (IPC)
59:29
Thanks, Georgios. That would be very helpful.
Milton Mueller (NCSG)
01:00:37
I guess Goran convinced them that he made policy ;-)
Mark Svancarek (BC) (marksv)
01:01:31
grr
Milton Mueller (NCSG)
01:02:30
amen, Janis!
Alan Woods (RYSG)
01:05:38
thanks Elena. I had actually completely forgotten that provision existed. Very interesting. Of course, that would be if the Commission feels like it can provide such a question on this matter. I don't know if we can presume. I mean we all know how important we are …. but we're biased! :D
Volker Greimann (RrSG)
01:06:53
Well obviously the board knows, that is why Becky is here.
Volker Greimann (RrSG)
01:07:09
Part of why, anyway
Volker Greimann (RrSG)
01:08:38
Thank you, that is reassuring
Janis Karklins (Chair)
01:10:56
Amen, Milton!
Elena Plexida (ICANN Org Liaison)
01:11:15
Yes, Alan, it is Commission that puts a question
Mark Svancarek (BC) (marksv)
01:12:03
Thanks Elena. We are a tough crowd
Amr Elsadr (NCSG)
01:12:06
Thanks for chatting with us, Elena.
Hadia Elminiawi (ALAC)
01:12:28
Thank you Elena
Brian King (IPC)
01:12:28
Thanks, Elena. And thanks as always Janis.
Elena Plexida (ICANN Org Liaison)
01:12:30
thank you all
Berry Cobb
01:16:29
Staff has started the process to investigate locations and duration for a possible F2F. As Janis noted, things are fluid regarding the Covid-19. We will need to seek approvals from the PCST, Org, & Board ultimately.
Julf Helsingius (NCSG)
01:16:58
May 11-15 is RIPE80
Amr Elsadr (NCSG)
01:17:05
I’m pretty sure that this kind of schedule will be impossible for me.
Berry Cobb
01:18:02
The schedule for Cancun was Priority 2 items.
Alan Woods (RYSG)
01:18:22
hey I still have non refundable tickets to cancun! :D all in a room .. staff can be remote..... :D
Berry Cobb
01:19:14
Correction, the schedule for Remote 67 sessions IS Priority 2 items.
Berry Cobb
01:19:38
We are losing an F2F, but total time spread over the 2 weeks is the same.
Hadia Elminiawi (ALAC)
01:19:39
@Alan w - go on a holiday for a couple of days
Brian King (IPC)
01:19:41
Thanks, Berry.
Marika Konings
01:20:24
17 and 19 March are also new meetings
Hadia Elminiawi (ALAC)
01:21:03
F2F meetings have a different nature that online calls do not substitute for
Milton Mueller (NCSG)
01:21:07
Let’s meet in Belgium!
Mark Svancarek (BC) (marksv)
01:21:19
@Milton that sounds great!
Berry Cobb
01:21:20
As noted, Staff is investigating options for F2F. Brussels is one possible option.
Alan Woods (RYSG)
01:21:32
@Hadia .. I would love to, but alas as my work bought the tickets - it would be a bit awkward! :(
Milton Mueller (NCSG)
01:21:39
we can have beers with the DPA. ;-)
Mark Svancarek (BC) (marksv)
01:21:51
:-) :-) :-)
Milton Mueller (NCSG)
01:21:56
Belgian beer is the best (sorry, UK)
Mark Svancarek (BC) (marksv)
01:22:07
also waffles
Milton Mueller (NCSG)
01:22:31
Naw, do Waffle House
Mark Svancarek (BC) (marksv)
01:22:37
:-(
Marika Konings
01:22:55
As Berry noted, staff is investigating F2F option but there are several factors that may impact a decision on that. As such, the group should also plan and prepare for how to get the work done if it is not possible to have another F2F.
Brian King (IPC)
01:23:10
Smothered and covered, Milton ;-)
Amr Elsadr (NCSG)
01:23:32
I’ve heard that the ICANN Brussels office has a new meeting room large enough to accommodate us. Is this true?
Volker Greimann (RrSG)
01:23:41
Lets try to cover all eventualities
Milton Mueller (NCSG)
01:23:52
Marika is correct, alas. So many travel-related uncertainties now
Brian King (IPC)
01:24:32
Thank you to staff for working hard on herding cats to bring us together.
Thomas Rickert (ISPCP)
01:24:34
Janis - Paris - Brussels is almost walking distance for you, right?
Berry Cobb
01:24:36
@ALL - staff is working the issues based on capacity requirements and costs and ability to even travel. Thank you for the options. We got it.
Chris Disspain (ICANN Board Liasion)
01:25:06
this may not matter but just to let you know there is currenlty a board workshop planned for Paris on 1 though 4 May
Laureen Kapin (GAC)
01:25:44
Vote against three hour conference calls. Efficiency and focus plummets after 2 hours.
Amr Elsadr (NCSG)
01:26:06
@Laureen: +1
Volker Greimann (RrSG)
01:26:23
Actually, it already drops off after 1 hour, but we are fighters
Berry Cobb
01:26:36
https://docs.google.com/document/d/1xlw1N7omlgPKjag_FnOy03NRvByol8IaJma5zNPkWaY/edit
Marc Anderson (Verisign / RySG)
01:26:41
agreed Laureen
Milton Mueller (NCSG)
01:26:53
I think efficiency was sacrificed before the multistakeholder god some time ago
Berry Cobb
01:27:32
https://mm.icann.org/pipermail/gnso-epdp-team/attachments/20191102/e8cd309e/15.1DataRetention_ReviewofICANNOrgProcesses-1nov19-0001.pdf
Laureen Kapin (GAC)
01:27:40
An enlightened dictatorship would be more efficient ;-) --
Amr Elsadr (NCSG)
01:28:32
@Berry: Thanks for the links. :-)
Milton Mueller (NCSG)
01:28:53
I volunteer to be dictator, Laureen
Thomas Rickert (ISPCP)
01:28:56
Milton - stakeholder has „hold“ in it, not „run“
Milton Mueller (NCSG)
01:28:57
Am very enlightened
Alan Woods (RYSG)
01:29:17
OK by me.
Volker Greimann (RrSG)
01:29:32
no
Owen Smigelski (RrSG / Namecheap)
01:29:35
No
Amr Elsadr (NCSG)
01:29:49
Don’t see any reason to think differently on this.
Hadia Elminiawi (ALAC)
01:30:06
Lets go ahead and confirm the recommendation
Volker Greimann (RrSG)
01:30:13
Can we do the rest of our work with this speed too?
Amr Elsadr (NCSG)
01:30:15
Hahaha.
Marc Anderson (Verisign / RySG)
01:32:07
sorry, if I missed this, but are we skipping agenda item 6?
Marc Anderson (Verisign / RySG)
01:32:11
6. Feasibility of unique contacts (priority 2) (30 minutes)a) EPDP Team to review Legal Committee proposalb) Confirm next steps
Marika Konings
01:32:27
That item has been deferred to the next meeting as we are still awaiting the legal committee proposal
Amr Elsadr (NCSG)
01:34:10
@Janis: What you were told is correct, and I’m getting a panic attack recalling them!! :)
Brian King (IPC)
01:34:30
IPC may be one of the main culprits responsible for the length of that discussion, I admit.
Milton Mueller (NCSG)
01:34:54
thank you for your admission, Brian :)
Brian King (IPC)
01:35:32
:-)
Brian King (IPC)
01:36:02
Can't hear Volker
Marika Konings
01:36:05
Volker, you need to unmute
Amr Elsadr (NCSG)
01:36:51
@Volker: +1
Brian King (IPC)
01:37:09
For clarity, this is nearly identical to the language used in the .eu Regulation (SSR)
Mark Svancarek (BC) (marksv)
01:38:21
I am bracing for 1000 hours of discussion as we each propose specificity
Milton Mueller (NCSG)
01:38:39
yep
Brian King (IPC)
01:39:05
it's tough to get specificity without conflation
Amr Elsadr (NCSG)
01:39:17
@MarkVS: Right!! Which explains my panic attack!!
Brian King (IPC)
01:40:43
Thanks, Alan W. Just noting that it's the same Purpose.
Stephanie Perrin (NCSG)
01:41:00
+1000 Mark SV
Volker Greimann (RrSG)
01:41:03
We should probably do that on list
Alan Woods (RYSG)
01:41:48
again for the record my suggestion was to rely on the purposes already as stated … what was missing?
Volker Greimann (RrSG)
01:41:50
Amr bringing balance to the EPDP
Thomas Rickert (ISPCP)
01:41:58
the EDPB explicitly said we must not have language like „including...“
Brian King (IPC)
01:42:40
"The Registry shall set up and manage, with due diligence, a WHOIS database facility for the _purpose_ of ensuring the security, stability and resilience of the .eu TLD by providing accurate and up-to-date registration information about the domain names under the .eu TLD."
Brian King (IPC)
01:42:44
https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019R0517&from=EN
Milton Mueller (NCSG)
01:42:58
it would be good for Brian to answer AlanW’s question: what is missing from existing purposes?
Hadia Elminiawi (ALAC)
01:43:12
Janis this is what I was going to suggest
Marika Konings
01:43:20
As a reminder, there is already purpose 3: “Enable communication with the Registered Name Holder on matters relating to the Registered Name;”
Alan Woods (RYSG)
01:43:23
note Brian that is also relating to a registry .. not ICANN
Amr Elsadr (NCSG)
01:44:30
I would say that Emily’s suggestion is a little more specific than what purpose 3 offers. Speaks specifically to SSR, which to me, is a legitimate ICANN purpose.
Alan Woods (RYSG)
01:45:03
Hadia... I couldn't possibly quantify what it means … and I have to write those policies!
Alan Woods (RYSG)
01:45:25
so we need to be careful with not just 'passing the buck' that is exactly what we need to avoid.
Hadia Elminiawi (ALAC)
01:47:00
@Marc No what I am proposing is listing the possible processing activities associated with this purpose. I am not talking about others purposes - again I am talking about the Processing activity associated with the process
Alan Greenberg (ALAC)
01:47:27
I HAD MY HAND UP AND IT GOT TAKEN DOWN!
Becky Burr (ICANN Board Liaison)
01:48:40
Is ICANN access for compliance purposes covered by another purpose?
Milton Mueller (NCSG)
01:48:50
yes
Amr Elsadr (NCSG)
01:48:56
@Becky: It is.
Marika Konings
01:48:57
Purpose 5: i) Handle contractual compliance monitoring requests and audit activities consistent with the terms of the Registry agreement and the Registrar accreditation agreements and any applicable data processing agreements, by processing specific data only as necessary;ii) Handle compliance complaints initiated by ICANN, or third parties consistent with the terms of the Registry agreement and the Registrar accreditation agreements.
Marc Anderson (Verisign / RySG)
01:48:59
@Becky yes
Becky Burr (ICANN Board Liaison)
01:49:06
thanks.
Milton Mueller (NCSG)
01:50:56
no, it was a product of them understanding very well how we work
Volker Greimann (RrSG)
01:51:16
Yes Alamn, but how.
Amr Elsadr (NCSG)
01:51:36
@AlanG: I believe it was the EC, not the EDPB, that provided feedback on this. The EC is represented on this team, is it not?
Franck Journoud (IPC)
01:51:57
Janis: welcome back to the 1000 hours you missed...
Alan Woods (RYSG)
01:51:59
purposes are supposed to be specific - if we after a year of deliberations could not come up with additional ones then I worry that we are back to an all you can eat buffet - which is anathema to purpose limitation.
Milton Mueller (NCSG)
01:52:09
LOL Franck.
Thomas Rickert (ISPCP)
01:52:26
AlanG, yiu need to be specific. if you like it or not, it’s the law
Alan Greenberg (ALAC)
01:52:34
@aMR, THAT MAY BE CORRECT, BUT MY POINT STILL STANDS.
Alan Greenberg (ALAC)
01:52:45
Oops - sorry for caps.
Marc Anderson (Verisign / RySG)
01:52:49
Hadia's audio is cutting out for me... I'm having a hard time hearing what she's saying.
Milton Mueller (NCSG)
01:52:57
I’m afraid AlanW is right. We are back to the reason we couldn’t pass purpose 2 in the first place
Alan Woods (RYSG)
01:52:57
...that the law should be disregarded?
Amr Elsadr (NCSG)
01:53:09
@AlanG: I don’t see why the EC has the limited understanding of our work, which you suggest. No worries about the caps. :-)
Hadia Elminiawi (ALAC)
01:54:34
This is one of the very few times where we actually got an actual advice and solution from the EU commission
Amr Elsadr (NCSG)
01:56:25
Just citing SSR is too vague and possibly broad. How is ICANN supposed to implement that? Specifically? If we’re not going to have that conversation here, then we might as well just drop this purpose altogether.
Milton Mueller (NCSG)
01:57:36
by “as is,” Georgios do you mean the old purpose 2?
Brian King (IPC)
01:57:41
"To exercise its role as data controller in contributing to the SSR..."
Margie Milam (BC)
01:59:47
+1 Georgios & Brian
Chris Lewis-Evans(GAC)
02:00:09
"through the operation and processing of data within the SSAD"
Chris Lewis-Evans(GAC)
02:00:11
?
Brian King (IPC)
02:01:21
"To exercise its role as data controller in the SSAD, contributing to the security, stability, and resiliency of the Domain Name System in accordance with ICANN's mission"
Amr Elsadr (NCSG)
02:01:44
If we do recommend this, we’re basically punting this discussion off to the IRT, which will find itself in a position of needing to either develop policy, or refer this back to the GNSO.
Amr Elsadr (NCSG)
02:03:22
@Marc: +1
Georgios Tselentis (GAC)
02:03:25
@ Amr I agree we need to further develop what the exact role of ICANN in SSAD.. I would not let this for the IRT because I believe it is policy
Stephanie Perrin (NCSG)
02:03:29
We cannot punt something this complex and poorly understood to the IRT
Mark Svancarek (BC) (marksv)
02:03:55
Agree it's our job to do it, not IRT
Mark Svancarek (BC) (marksv)
02:04:36
Could Giorgios provide his suggestion in writing?
Amr Elsadr (NCSG)
02:05:40
What does “SSR of the DNS in accordance with ICANN’s mission” mean?
Amr Elsadr (NCSG)
02:06:15
One of the problems we had in phase 1 was that we disagreed on this.
Amr Elsadr (NCSG)
02:06:36
“this” being the answer to that question. IIRC, Kurt didn’t want us to get bogged down in answering it.
Alan Greenberg (ALAC)
02:06:37
Some 3rd party interests ARE in support of ICANN's purpose of protecting the DNS.
Hadia’s iPhone
02:06:55
+ 1 Milton the disclosure is not the purpose - we do not need to have this in the purpose
Brian King (IPC)
02:07:26
The disclosure itself may not be the purpose, but providing the mechanism to facilitate it is.
Amr Elsadr (NCSG)
02:07:50
@Brian: How is that any different? Do you mind expanding on that?
Alan Woods (RYSG)
02:07:52
Alan - that still does not make their purposes are ICANN's purposes.
Laureen Kapin (GAC)
02:08:44
+1 Margie and support Brian's proposal.
Milton Mueller (NCSG)
02:08:51
no one has explained what is missing from existing purposes
Stephanie Perrin (NCSG)
02:08:52
Is that .eu language taken directly from recent trade agreements? Just checking....
Brian King (IPC)
02:09:51
@Amr it makes my brain hurt trying to elaborate in chat, but it's within ICANN's SSR remit to require whois/SSAD, even if the disclosure of the data itself is not its purpose.
Margie Milam (BC)
02:09:55
that's because we knew we were going to revisit purposes later
Milton Mueller (NCSG)
02:10:09
we were told in phase one that we had to have this conflated purpose because IPC/BC and a few others didn’t trust us to create a SSAD without it. Well, we are full-on creating an SSAD, so why is this purpose needed?
Amr Elsadr (NCSG)
02:10:52
@Brian: The problem is nailing down what is within scope of SSR in an ICANN context. I totally get why this might hurt you head. Hurts mine too. :-)
Amr Elsadr (NCSG)
02:11:15
@Milton: +1
Amr Elsadr (NCSG)
02:11:23
@AlanW: +1
Margie Milam (BC)
02:11:25
Not all ICANN's purposes are covered otherwise
Amr Elsadr (NCSG)
02:11:41
@Margie: Which ones aren’t?
Brian King (IPC)
02:12:08
The big question is: how can we be sure ICANN can "do SSAD" if it's not covered by a purpose? We can't risk having the SSAD being on legally shaky grounds.
Mark Svancarek (BC) (marksv)
02:12:09
999 hours and not a minute more
Margie Milam (BC)
02:12:27
research, helping coordinate responses for cyber attacks etc.
Alan Woods (RYSG)
02:13:05
Brian … because our legal advice and our agreement has said so.
Milton Mueller (NCSG)
02:13:14
do you want to finish creating an SSAD so you can get disclosure, or would you prefer to spend our remaining time debating a purpose about disclosure?
Brian King (IPC)
02:14:26
@Milton that's a false choice. The concern is that we don't establish a purpose and we create an SSAD which someone later attacks, alleging that ICANN has no purpose to do it, and then it goes away.
Amr Elsadr (NCSG)
02:14:52
@Volker: +1
Mark Svancarek (BC) (marksv)
02:15:02
Can we move to the list? After listening I think I have an idea
Mark Svancarek (BC) (marksv)
02:15:09
to develop and share on list
Milton Mueller (NCSG)
02:16:07
it’s not going to go away, Brian, although its methods and rationales for disclosure will be subject to legal challenge
Milton Mueller (NCSG)
02:16:25
so we are all committed to creating an SSAD
Milton Mueller (NCSG)
02:17:07
it is perfectly lawful to disclosure the data to LEAs, third parties with legitimate interests, etc, we don’t need a broad, overreaching purpose to do that
Amr Elsadr (NCSG)
02:17:29
@Stephanie: +1
Matthew Crossman (RySG)
02:17:40
Flagging the ICO guidance on formulating purposes and the importance of purpose limitation for us to consider: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles/purpose-limitation/
Margie Milam (BC)
02:17:42
this isn't a third party purpose discussion - its an ICANN one
Margie Milam (BC)
02:17:54
other examples: implementing policies
Brian King (IPC)
02:18:01
If the argument against it is "we don't need it" and we think we do need it, why not just include it?
Alan Woods (RYSG)
02:18:16
+1 Stephanie! very wonderfully put
Milton Mueller (NCSG)
02:18:37
because as several people have pointed out, the purpose definition offered conflates icann purposes with third party purposes, which is illegal
Brian King (IPC)
02:18:59
We removed the conflating language as the EC suggested.
Milton Mueller (NCSG)
02:19:04
nope
Thomas Rickert (ISPCP)
02:19:05
well said, Stephanie
Margie Milam (BC)
02:19:24
move it to the legal committee for advice - don't assume its illegal Milton
Milton Mueller (NCSG)
02:19:42
we have a clear statement on that already
Margie Milam (BC)
02:19:47
no we dont
Volker Greimann (RrSG)
02:20:37
Berry +1
Volker Greimann (RrSG)
02:22:42
I like it
Margie Milam (BC)
02:23:24
Please don't assume our intention Milton
Margie Milam (BC)
02:23:30
you misunderstand us
Hadia Elminiawi (ALAC)
02:23:45
+1 Berry
Margie Milam (BC)
02:24:00
I haven't said that
Thomas Rickert (ISPCP)
02:24:27
Doesn‘t the mere fact that this big group of bright people
Thomas Rickert (ISPCP)
02:25:12
has such a hard time coming up with a meaningful purpose indicate that there just might not be one :-)???
Milton Mueller (NCSG)
02:25:21
compliance is covered by an existing purpose
Thomas Rickert (ISPCP)
02:25:49
Engineering purposes is not really what we should be doing.
Milton Mueller (NCSG)
02:26:36
all of what Margie said are covered by existing purposes
Brian King (IPC)
02:26:42
@Thomas, to be fair, that was specifically requested of me on this call
Thomas Rickert (ISPCP)
02:27:06
Yes, Brian, and I am not against trying and understanding what is missing.
Margie Milam (BC)
02:27:09
please cite exactly where its covered
Thomas Rickert (ISPCP)
02:27:28
HOwever, the more we talk about it, we do not seem to be able to land on purposes that are not yet covered elsewhere.
Milton Mueller (NCSG)
02:27:54
there’s a compliance purpose. There’s a udrp/contract purpose
Thomas Rickert (ISPCP)
02:27:54
...and I thank you for driving this, Brian
Brian King (IPC)
02:28:26
@Thomas, my pleasure :-)
Berry Cobb
02:28:48
I will stop sharing my screen to prep for the next call.
Brian King (IPC)
02:31:10
SSAD is not covered by an existing purpose
Franck Journoud (IPC)
02:32:08
I have to jump off. Talk to y'all soon.
Margie Milam (BC)
02:32:23
I have to jump off
Brian King (IPC)
02:32:24
I'm happy to work with Volker, thanks.
Hadia Elminiawi (ALAC)
02:32:49
- bye all
Volker Greimann (RrSG)
02:32:52
The team is back togethr
Brian King (IPC)
02:33:13
woohoo
Georgios Tselentis (GAC)
02:33:15
thank you bye
Amr Elsadr (NCSG)
02:33:15
Thanks all. Bye.