Greetings from the Office of the Ombudsman. The Ombuds team is available virtually and in person at this hybrid Policy Meeting. Our office is in Rio Grande 1 and our Zoom link for the virtual office is on the Main Meeting page in Conversations. Wear your masks, social distance, and ask permission before shaking hands or hugging. Stay safe and be kind.

Hello, my name is Gulten Tepe Oksuzoglu and I will be monitoring this chat room. In this role, I am the voice for the remote GAC participants.GAC Members who wish to submit a question or comment that you want to be read aloud on the mic, please type your question or comment in English and start with a <QUESTION> and end with a “</QUESTION>” or <COMMENT> </COMMENT>. Text outside these quotes will be considered as part of “chat” and will not be read out loud.Time permitting, we'd like to get to all comments and questions, but we will give priority to comments and questions from GAC members.Be assured that if we don't have time for reading all, the chat transcript is preserved in the meeting records.This session includes “live” interpretation in the 6 UN languages, plus Portuguese.All chat sessions are being archived and follow the ICANN Expected Standards ofBehavior: https://meetings.icann.org/en/expected-standards-behavior.

I don't think PSWG indicated that Org can not respond to accuracy complaints. Indeed this is a crucial obligation of ICANN Compliance.

For a review of impact of GDPR on ICANN Compliance ability to enforce WHOIS Accuracy obligations, please see https://www.icann.org/en/blogs/details/enforcement-of-registration-data-accuracy-obligations-before-and-after-gdpr-14-6-2021-en.

Dear ICANN, Can we get more clarification on Balancing act you are referring to.

as a multistakeholder community organization, inclusiveness is IMO at the hear of its model - that’s why we attach so much importance to it and to the need of operationalizing this notion. As Manal mentioned, the thinking goes into the direction of considering meaningful participation of all community groups as a key element.

The balancing test comes from GDPR which has to happen according to European law before data is given out. If a contracted would give out data without it (or doing it wrongly) they can be fined.

hi everyone Frank Anati from Ghana 🇬🇭

This is not an official answer, but see "Step 3: The Balancing Test” in https://www.gdprsummary.com/legitimate-interest-assessment-everything-you-need-to-know/

I had a question with regards to the legal grounds for processing in the SSAD, namely: even with accredited users, each WHOIS query would require to go through the balancing test to comply with the regulation. Will ICANN take up the role of centralised clearing house for WHOIS requests?

Think I need a further explanation to answer that question,

Can you come to the mike?

Mr. Martinelli, ICANN originally sought to be recognized by data protection authorities as the responsible decision-maker with respect to disclosure of redacted information.

Thank you for your answer. If I understand correctly, there would be a legitimate interest evaluation for each whois query? Or, would a generic purpose disclosure on behalf of all accredited users justify indiscriminate access to thick whois data in connection to any domain?

I think the concern expressed was that the timing requirements to respond to requests relating to cyber security threats were not properly prioritized.

Indeed, Velimira made very clear that point. +1 Laureen

Thank you Goran, Is there a link to the data protection board legal guidance?

You can find all correspondence on the correspondence page at ICANN.

https://www.icann.org/resources/pages/correspondence

Is the EC position that GDPR did not effect access to the WHOIS?

Thank you very much for your participation everyone

thanks all and bye!

Thank you all for this respectful and professional session. Stay safe and be kind