Logo

Julie Bisland's Personal Meeting Room - Shared screen with speaker view
James Bladel (RrSG)
28:41
Good morning/afternoon EPDP Pioneers!
Mark Svancarek (BC) (marksv)
29:06
It's the Oregon Trail of PDPs!
Berry Cobb
30:00
Open Action Items: https://community.icann.org/display/EOTSFGRD/Action+Items+-+Phase+2
Berry Cobb
30:41
Compilation of Early Input: https://docs.google.com/document/d/13ynT-XM5CDDyTDW0rsZdpt91ym7QrjUD/edit
Mark Svancarek (BC) (marksv)
30:43
Next week works for BC
Georgios Tselentis (GAC)
38:47
Sorry Caitlin for when is the briefing from B&B?
Amr Elsadr (NCSG)
40:53
@Janis: Of course. Hopefully, only positive minds.
Stephanie Perrin (NCSG)
41:17
apologies fr being late, zoom problems
Brian King (IPC)
43:33
I think we missed that, with apologies. Thank you, Caitlin.
Amr Elsadr (NCSG)
43:53
Thanks Caitlin. That’s very helpful.
Amr Elsadr (NCSG)
45:21
Won’t object, but just noting that there are holidays across the region here next week.
Brian King (IPC)
49:31
That is Alex
León Sanchez (ICANN Board Liaison)
50:14
I need to leave the call now as I have an overlapping call with the Board. Thanks everyone
Amr Elsadr (NCSG)
52:34
Anybody have the link to the google doc on the screen handy?
Berry Cobb
52:44
https://docs.google.com/document/d/1iK9ygUOo8ntLWC_7dx3bS195W2ivkqHH/edit
Amr Elsadr (NCSG)
52:55
Thanks Berry. Saw you copying it. :)
Sarah Wyld (RrSG)
53:07
Thanks Berry
Amr Elsadr (NCSG)
55:32
Do we get to react to Greg’s responses?
Farzaneh Badii (NCSG)
59:31
Responsibility to disclose is not a safeguard.
Tatiana Tropina (NCSG alternate)
01:00:09
+ 1 to Amr, are we able to respond to responses?
Farzaneh Badii (NCSG)
01:00:35
Can we respond?
Farzaneh Badii (NCSG)
01:00:49
I don’t feel our comments were actually addressed
Tatiana Tropina (NCSG alternate)
01:01:28
I do not believe they were, and when they were, IMO, this warrants some further clarification
Janis Karklins (Chair)
01:01:33
yes, Amr, you are in line
Tatiana Tropina (NCSG alternate)
01:01:33
to say the least
Amr Elsadr (NCSG)
01:01:44
Thanks, Janis.
Farzaneh Badii (NCSG)
01:04:58
There is a lot of speculation in this. (Probably malicious , probably innocent…)
Volker Greimann (RrSG)
01:07:49
can we get this in writing?
Farzaneh Badii (NCSG)
01:07:57
I didn’t know we had to go through these slides.
Margie Milam (BC)
01:09:14
this is really helpful & informative
Volker Greimann (RrSG)
01:09:25
Bit long though.
Mark Svancarek (BC) (marksv)
01:10:04
A lot of investigation happens before asking for contact info.
Alan Woods (RYSG)
01:11:42
So you want to build an actual case prior to requesting a 6(1)f and try and figure out those factor that tip the balance in favour for disclosure for a 6(1)f ..... on a case by case basis.
Alan Woods (RYSG)
01:11:47
yup
Farzaneh Badii (NCSG)
01:11:54
Why is attribution important in this case?
Farzaneh Badii (NCSG)
01:12:53
Courts have issued subpoenas without personal data in WHOIS. You can stop the attack without knowing who is behind it
Farzaneh Badii (NCSG)
01:13:54
if you want to help DoJ to issue indictments and name the attackers that’s another matter. That is not really cybersecurity that is attributing to punish the attacker which is far outside of SSAC mandate
Berry Cobb
01:14:37
That is the preference. Response in the goog doc. Thank you.
Farzaneh Badii (NCSG)
01:14:38
So then this is not the final reading of SSAC use case
Volker Greimann (RrSG)
01:15:18
Still not getting it. When we see such incidents, the registration data between domains involved usually does not match
Ben Butler (SSAC)
01:15:58
We (SSAC) attempted to respond and incorporate comments on the google doc as of yesterday afternoon (PDT). Many of the NCSG comments were input later. We can take another pass at it.
Farzaneh Badii (NCSG)
01:16:22
that is true Ben and I am sorry about that. Appreciate a response
Amr Elsadr (NCSG)
01:16:25
@Ben: Would be very much appreciated. Apologies for the late input on our part. Doing what we can.
Volker Greimann (RrSG)
01:16:54
This seems to indicate that you find most of the relevant information without need for requesting personal information either
Sarah Wyld (RrSG)
01:17:04
+1 Tatiana
Farzaneh Badii (NCSG)
01:17:12
+1 Tatiana
Amr Elsadr (NCSG)
01:17:27
@Tatiana: +1!!
Alan Woods (RYSG)
01:17:34
+1
Tatiana Tropina (NCSG alternate)
01:19:38
when private parties have the info, totally, yes
Farzaneh Badii (NCSG)
01:19:40
What do you want to do with attribution?
Tatiana Tropina (NCSG alternate)
01:20:01
I was responding to the comments that private parties need to attribute to report to LEA
Farzaneh Badii (NCSG)
01:20:01
we co-authored that paper. Had 3 more authors on it Greg.
Farzaneh Badii (NCSG)
01:22:13
And in fact not all private investigators use whois data to do attribution. And when they do attribution they attribute it to a State. Not individuals.
Sarah Wyld (RrSG)
01:22:37
+1 James
Volker Greimann (RrSG)
01:25:05
and that’s the information you put into you 6, 1f request
Volker Greimann (RrSG)
01:25:43
And we will balance it approporiately
Amr Elsadr (NCSG)
01:26:08
@Margie: Sounds like you’re also proposing that balancing tests (which are required by law) cannot take place.
Brian King (IPC)
01:26:19
Well said, Margie
Amr Elsadr (NCSG)
01:27:08
Appreciate that private investigators have needs. So do data subjects. The needs of the former cannot supersede the needs of the latter.
Tatiana Tropina (NCSG)
01:27:45
I appreciate, too. But I was talking about particular responses to the comments to the doc (about attribution and reporting to LEA). Now it’s all over the place which wasn’t my intent
Margie Milam (BC)
01:28:22
@ Amp - some legal bases do not require balancing tests; some might require balancing, but we are getting legal advice to see if safeguards and certification can shift the balance so that there is no need for manual review of each request
James Bladel (RrSG)
01:28:25
Doesn’t sound like me, I LOVE anecdotes….
James Bladel (RrSG)
01:28:47
As long as they’re qualified as such, I suppose!
Mark Svancarek (BC) (marksv)
01:28:55
:-)
Volker Greimann (RrSG)
01:29:00
so a court order was still needed for that.
Farzaneh Badii (NCSG)
01:29:19
SSAC use case legal basis is 6(1)(f) . Nothing else. It needs balancing test.
Sarah Wyld (RrSG)
01:29:22
Isn't this exactly what Law Enforcement is for? I dont think individual citizens typically investigate illegal activiites they're a victim of...
Sarah Wyld (RrSG)
01:30:35
And even if the legal basis is not one that requires a balancing test specifically, for all requests we must ensure that there is a valid legal basis, the requestor is accredited, the requested data is minimized and releveant, etc. Ther's a lot that is hard to automate even for requests not under 61f
Volker Greimann (RrSG)
01:30:38
No, we can’t just rely on LEA. They need to be spoon-fed essential datas and even then manage to mess up the case
Amr Elsadr (NCSG)
01:30:39
@Margie: Yup. 6(1)f is the legal basis that requires a balancing test to be conducted. Appreciate that there is a legal question proposed to clarify the extent to which this is needed. Speaking for myself, agree with those who said that “of course it is” on-list.
Margie Milam (BC)
01:30:58
@Farzi- we disagree that f is the only bases and the legal committee is asking input from B&B on the scope of the others
Tatiana Tropina (NCSG)
01:31:16
Chris, if there is such a need and it’s legitimate I would like to hear what legal basic for this one would be, because I am not aware of the requirement to attribute before reporting to LEA and certainly recital 50 is not the basis.
Amr Elsadr (NCSG)
01:31:24
Also…, not convinced that any of the legal bases in this use case are actually applicable, apart from 6(1)f, considering that this use case is about private investigators, and not a competent authority.
Sarah Wyld (RrSG)
01:31:39
Wasn't Farzaneh's point that this specific use case has indicated 61f is the basis, so that's the one we must consider here & now?
Farzaneh Badii (NCSG)
01:31:48
If you want to attribute to bring charges, law enforcement has to be involved! At least I think so. (With the caveat of good law enforcement, not the ones that violate human rights
Volker Greimann (RrSG)
01:31:49
that kind of anonymization likely won’t fly
Margie Milam (BC)
01:32:04
@Amr - legal advice will guide us - see the letters from the European Commission that note the other bases that apply
Ben Butler (SSAC)
01:32:12
In the specific phishing example, we completely agree. It is a 6(1)f.
Volker Greimann (RrSG)
01:32:17
Since it allows cross referencing, it must already be considered personal information, just like IP addresses
Sarah Wyld (RrSG)
01:32:45
Thank you @Ben. So, for 61f, balancing test is required
Ben Butler (SSAC)
01:32:51
Of course
Georgios Tselentis (GAC)
01:33:13
@Volker What kind of anonymization wont fly? and why?
Sarah Wyld (RrSG)
01:33:22
+1 Alan
Farzaneh Badii (NCSG)
01:33:29
Thanks Ben. But we believe 6(1)(f) all the requests by cybersec researchers .
Chris Lewis-Evans (GAC)
01:34:07
@Tatiana there is no requirement to attribute to a natural person but if you can attribute multiple domains to one malicious actor you will get a higher level of response.
Brian King (IPC)
01:34:48
6.1.f is not the only applicable legal basis for the disclosure here
Milton Mueller (NCSG)
01:34:56
It is, in fact
Ben Butler (SSAC)
01:35:00
Happy to talk through fringe examples where a different basis may apply, but in the interest of time on the calls, we can do so either offline or in LA
Volker Greimann (RrSG)
01:35:22
also, this is not the usual level of detail in the disclosure requests we get.
Volker Greimann (RrSG)
01:35:42
If it were, we’d be able to comply with more
Volker Greimann (RrSG)
01:36:02
most are just: string x matches string y, now give us the data
Farzaneh Badii (NCSG)
01:36:34
Yes the court did.
Amr Elsadr (NCSG)
01:36:37
@Hadia: Automation = no balancing test. That’s the short version of automation. Also, data subjects have the right to object to their data being processed in an automated manner.
Milton Mueller (NCSG)
01:36:45
right, Mark it would be a different use case in those instances
Alan Woods (RYSG)
01:37:23
+1 Amr ... not to mention the fact that that would very fundamentally change the processing arena for all parties - including closer nexus to necessity to DPO etc.
Sarah Wyld (RrSG)
01:37:24
That's an interesting point about the right to object to automated processing. Have we considered that yet? Probably sometign we should look inot
Farzaneh Badii (NCSG)
01:37:26
It is a very interesting case which Microsoft did. But it went to court and got permission for 3 months to divert the requests to its server. If that is what you are talking about Mark.
Mark Svancarek (BC) (marksv)
01:37:32
so many use cases! it's a challenge
James Bladel (RrSG)
01:37:34
QUestion for Hadia - When ALAC says that this is “important from an end-user perspective”, does ALAC have any data to support this assertion? I’d be especially interested in seeing how it is prioritized by various cohorts of end users versus online privacy. Thanks.
Sarah Wyld (RrSG)
01:37:48
Good question James
Mark Svancarek (BC) (marksv)
01:38:04
@Farzi, that is one example
Milton Mueller (NCSG)
01:38:11
hang on
Alan Woods (RYSG)
01:38:19
+1 James
Volker Greimann (RrSG)
01:38:27
Actually, over the presentation, I did not really have a chance to look at the changes
James Bladel (RrSG)
01:38:29
Alternatively, if this is one Member’s opinion of what is important to end-users, then I would ask that they qualify these claimns going forward. Thanks.
Ben Butler (SSAC)
01:38:30
@Amr… To clarify your last point… End to end automation (complete automation) = no balancing test. Some aspects that may be required in a balancing test (we think, pending legal advice) may be able to benefit from some automation
Farzaneh Badii (NCSG)
01:38:56
That is totally fine Mark. The court was involved. Microsoft proved that its request was legitimate! In a very clever way actually.
Amr Elsadr (NCSG)
01:38:57
@Ben: That sounds far more balanced to me (no pun intended). ;-)
Ben Butler (SSAC)
01:39:11
We are not attempting to advocate for end-to-end automation. :)
Brian King (IPC)
01:39:38
As we mentioned, automation and the balancing test can co-exist.
Amr Elsadr (NCSG)
01:39:43
Thanks, Ben. That’s very helpful.
Alan Woods (RYSG)
01:40:03
How Brian ... truly ..... based on what.
Hadia Elminiawi (ALAC)
01:40:04
@Amr why do you assume that having a balancing test eliminates the automation possibility also you could have some kind of human intervention at some point in the process and thus it would be GDPR compliant
Farzaneh Badii (NCSG)
01:40:07
Based on which arguments did you draw that conclusion Brian? I missed it
Alan Woods (RYSG)
01:40:25
I would be happy to see how it was possible. That's not a road block, its a I'm genuinely interested.
Brian King (IPC)
01:40:25
I based it on a publication by the WP-29 that said so.
Brian King (IPC)
01:40:44
We're seeking legal advice to flesh out the specifics.
Alan Woods (RYSG)
01:41:13
OK closer. And was that WP29 paper endorsed by the EDPB
Alan Woods (RYSG)
01:41:35
(again not saying no... genuinely interested)
Farzaneh Badii (NCSG)
01:43:42
Thank you Janis.
Brian King (IPC)
01:44:40
Alan I first read it in the one on Article 7 of the Directive from 2014. I'm sure there's more recent stuff to be found.
Volker Greimann (RrSG)
01:45:33
in Germany, private investigations into some of this material is illegal, and rightly so
Hadia Elminiawi (ALAC)
01:45:39
@James it is not either privacy or security. However, I would think that maybe putting together a survey in relation to your question could be beneficial. Personally, my experience is that all regular online users and consumers would like to have mechanisms that ensure that they are safe online.
Stephanie Perrin (NCSG)
01:45:58
which Art 29 Opinion?
Alan Woods (RYSG)
01:46:10
Ok thank you. I'll review again. Truly we are looking for legal basis here and persuaive authority, if I know what we are basing our arguments on, we can be informed and come up with the path forward. Thank you.
Sarah Wyld (RrSG)
01:46:13
+1 Volker
Brian King (IPC)
01:48:25
Steph & Alan one clue is here, top of p. 31: https://iapp.org/media/pdf/resource_center/wp217_legitimate-interests_04-2014.pdf
Sarah Wyld (RrSG)
01:48:30
+1 Amr.
Brian King (IPC)
01:48:43
we can chat offline so as not to be a distraction here
Stephanie Perrin (NCSG)
01:49:23
Amr is correct. And I hate to be repetitive but Jacob Kohnstamm has pointed this out to us. So did Buttarelli in Copenhagen, as I recall
Margie Milam (BC)
01:49:28
There is no need to limit the legal bases now while waiting for the legal advice.....
Ben Butler (SSAC)
01:49:29
@Volker and Sarah, definitely an “in the weeds” point, but 3rd party investigations into those areas are sometimes illegal (like in Germany), but not everywhere. (Speaking as someone who has had to do them on behalf of a 3rd party) Not something we need to go into here though
Milton Mueller (NCSG)
01:49:42
different use case, different use case, different use case...
Sarah Wyld (RrSG)
01:50:00
Ben - Yes, not everywhere. But for this use case on the whole, it seems to me that the info publicly availble should be turned over to LEA who have proper authority to get non-public data for an investigation.
Amr Elsadr (NCSG)
01:50:05
@Margie: Discussing this use case is what we’re doing today, right? We’re just providing our reactions.
Stephanie Perrin (NCSG)
01:50:14
Legal obligations under contract does not turn an independent researcher into a law enforcement body. If they want that status they have to get a delegated authority.
Amr Elsadr (NCSG)
01:50:29
@Stephanie: +1
Milton Mueller (NCSG)
01:50:29
I am representing NCSG obviously. But I am definitely a professor at Georgia Tech
Margie Milam (BC)
01:50:54
just pointing out that we won't resolve it today - we understand there are different views on the legal bases
Stephanie Perrin (NCSG)
01:51:06
And a very fine one, too!
Amr Elsadr (NCSG)
01:51:11
@Margie: Thanks for the clarification. I’m personally fine with that.
Amr Elsadr (NCSG)
01:51:26
No need (or desire) to wrap this use case up today.
Farzaneh Badii (NCSG)
01:51:43
don’t understand why that point was made about Georgia Tech.
Stephanie Perrin (NCSG)
01:52:13
You mean about Milton being a fine prof? Just me being silly, apologies.
Farzaneh Badii (NCSG)
01:52:23
I have a comment
Volker Greimann (RrSG)
01:52:29
Farzaneh, me neither
Farzaneh Badii (NCSG)
01:54:35
No I meant Greg’s comment Steph.
James Bladel (RrSG)
01:55:29
Agree, it was a non-sequitur.
Sarah Wyld (RrSG)
01:58:55
@Berry - Can we please have the link to the doc again
Berry Cobb
01:59:14
https://docs.google.com/document/d/1DBPBL_nIwE8tjaahM1uS3hvIA8FSzPiN/edit#
Hadia Elminiawi (ALAC)
01:59:20
yes we can
Volker Greimann (RrSG)
01:59:49
Do we have to?
Volker Greimann (RrSG)
02:00:04
the icon community has done this discussion to death over and over\
Volker Greimann (RrSG)
02:00:10
icann
Volker Greimann (RrSG)
02:00:42
Let’s not waste time on this again and again. Let’s stick to the settled decision
Farzaneh Badii (NCSG)
02:01:10
In total agreement with Volker.
Sarah Wyld (RrSG)
02:01:27
+1 Volker
Volker Greimann (RrSG)
02:03:08
put it on the website
Amr Elsadr (NCSG)
02:03:09
Is the comment about enhancing trust in the marketplace based on empirical evidence?
Alan Woods (RYSG)
02:03:18
I personally think that from the POV of the utilty of 'Use Cases' - this is a 6(1)f - so the process is the same -
Volker Greimann (RrSG)
02:03:18
Business is done on the website, not the domain
Amr Elsadr (NCSG)
02:03:28
@Volker: +1
Sarah Wyld (RrSG)
02:04:03
So, it's not happened yet - that means no crime has occurred. We're policing potential crimes now?
Sarah Wyld (RrSG)
02:04:10
I've seen that scifi movie
Alan Woods (RYSG)
02:04:17
Minority Report was a great film tho!
Milton Mueller (NCSG)
02:04:22
no it doesn’t Hadia
Milton Mueller (NCSG)
02:04:47
GDPR does not call for what you said it does
Amr Elsadr (NCSG)
02:04:48
It was…, and I think they reached the conclusion that policing potential crimes is not a good thing. ;-)
Amr Elsadr (NCSG)
02:04:57
Referring to the movie.
James Bladel (RrSG)
02:05:04
@Sarah - Tom Cruise doesn’t work here.
Farzaneh Badii (NCSG)
02:05:31
well… there are a wide variety of trust tools. Like trust mark , badge of honor etc
James Bladel (RrSG)
02:05:43
Sorry, but the scenario Hadia is describing is entirely out of scope for our work.
Volker Greimann (RrSG)
02:05:44
If you buy your tickets on a fake site, whois would not have helped yopu
Farzaneh Badii (NCSG)
02:05:50
Whois is just not the necessary tool …
Sarah Wyld (RrSG)
02:05:50
Couldn't a lot of this consumer trust be gained by the RNH consenting to publish their data? If they don want to dislcose it, they shouldn't be obligated to do so
Alan Woods (RYSG)
02:06:01
So are we to supplant the function of the police ?
Farzaneh Badii (NCSG)
02:06:42
goodness. What a consumer —
Farzaneh Badii (NCSG)
02:07:00
Yes verifying through turstmark, BBB, searching on google about reviews
Mark Svancarek (BC) (marksv)
02:07:04
@Sarah - agree that a reputation service might upvote a domain name where the contact data is unredacted and not privacy obscured.
James Bladel (RrSG)
02:07:43
And we continue to say “website” but RDS is associated with domain names.
Sarah Wyld (RrSG)
02:07:51
+1 James!
Amr Elsadr (NCSG)
02:08:17
@Hadia: Verification and validation of contact info, so far as they are requirements in ICANN/CPs contracts are done by Registrars, aren’t they?
Milton Mueller (NCSG)
02:08:41
let’s tap the brakes on this monologue
Farzaneh Badii (NCSG)
02:09:47
how does verification of who is behind a domain name can verify they are selling fake bags or not? is the consumer going to knock on the seller’s door?
Milton Mueller (NCSG)
02:10:32
if the registrant’s name is “evil fraud” then maybe...
Brian King (IPC)
02:11:07
This seems to be a basic and easily articulated use case. Users of the DNS should be able to confirm that the owner of a domain is who they say they are before doing business or interacting with the domain. The 6.1.f test can weigh all the factors, including whether the data is personal data.
Amr Elsadr (NCSG)
02:11:41
@James: +1 on the scope.
Alan Woods (RYSG)
02:11:49
+1 James
Farzaneh Badii (NCSG)
02:12:23
There are a myriad of ways to verify the integrity of the website. since GDPR says disclosure should happen when “necessary” … and when there is no alternative to carry out that purpose. In this use case I can give you at least three more tools to verify the integrity
Amr Elsadr (NCSG)
02:12:51
@Farzaneh: +1
Sarah Wyld (RrSG)
02:13:55
Well said James, thank you
Amr Elsadr (NCSG)
02:14:02
@Sarah: +1
Farzaneh Badii (NCSG)
02:14:23
Pissedconsumers.com website is another to go to
Sarah Wyld (RrSG)
02:15:52
+1 Stephanie!
Farzaneh Badii (NCSG)
02:15:59
+1 Stephanie
Amr Elsadr (NCSG)
02:16:12
Also +1 Stephanie.
Volker Greimann (RrSG)
02:16:18
could not agree more, Stephanie
Brian King (IPC)
02:18:00
Farzaneh, I don't mean to pick, but "necessary" does not mean that there are no alternatives. That is simply not the correct standard.
Amr Elsadr (NCSG)
02:18:35
@Brian: It’s one of the standards for a balancing test when requesting disclosure of personal data of a natural person.
Amr Elsadr (NCSG)
02:18:53
Not the only one, but one of them.
James Bladel (RrSG)
02:18:55
@Margie - “Consumer Choice” and “competition” refers to the Domain Name industry. Not the online economy as a whole.
Amr Elsadr (NCSG)
02:19:11
@James: Yes.
James Bladel (RrSG)
02:19:14
ICANN doesn’t handle online commercial disputes or vendor reputations, for example.
Farzaneh Badii (NCSG)
02:19:35
Also consider that a lot of transactions are consumer to consumer on eBay! And how is eBay involved! eBay is just a platform
Brian King (IPC)
02:19:59
@Amr yes
Alan Woods (RYSG)
02:20:44
Why? it's a 6(1)f ...... again why are we straining the use case. What are the procedural steps in considering a 6(1)f - are there comanalities - the premise of this I think is exceptionally remote... but the process is the same as Greg's review earlier, and any ot her 6(1)f request.
Alan Woods (RYSG)
02:20:54
*commonalities
Stephanie Perrin (NCSG)
02:21:27
My point is precisely that….it is NOT in the global public interest to claim that WHOIS will guide you to an accurate determination of the trustworthiness of a website
James Bladel (RrSG)
02:22:13
As someone (Alan G?) has already mentioned, the RDS does not distinguish between natural and legal.
Amr Elsadr (NCSG)
02:22:17
It isn’t really an over-application of the law, unless we divine a way to ensure that personal data of natural persons will not be included in registration data of legal persons.
Milton Mueller (NCSG)
02:22:47
Greg’s comments about “the public interest” are based on an inaccurate understanding of the bylaws.
Stephanie Perrin (NCSG)
02:23:49
Alan, who is the controller here, ICANN or the registrar? If the registrar, then is it wrt the WHOIS data or the rest of their relationship with the registrant
Stephanie Perrin (NCSG)
02:23:56
which is outside the remit of ICANN
Milton Mueller (NCSG)
02:24:11
In the process of reforming ICANN’s bylaws during the transition (a process Greg was not involved in) we were careful to narrowly define ICANN’s mission precisely so that GPI could not be used to rationalize any thing and everything
Sarah Wyld (RrSG)
02:24:22
+1 Stephanie
Mark Svancarek (BC) (marksv)
02:25:13
Extracting grains felt like extracting teeth
Milton Mueller (NCSG)
02:25:52
;-)
Hadia Elminiawi (ALAC)
02:26:47
This case is limited to legal persons, hence there is no violation to data subjects rights. The EDPB acknowledged that ICANN bylaws go beyond the technical aspects and referred to consumer protection in their July 5th 2018 letter to ICANN. Finally we are not envisioning any sort of automation.
Ben Butler (SSAC)
02:26:52
Have to drop. Thank you all for the comments and discussion.
James Bladel (RrSG)
02:27:00
Sorry, I have a hard stop. Thanks, Janis and colleagues!
Brian King (IPC)
02:27:03
+1 Hadia
Sarah Wyld (RrSG)
02:27:04
Thanks team
Brian King (IPC)
02:27:09
I have to drop too. Thanks all.
Amr Elsadr (NCSG)
02:27:50
Consumers in ICANN-land are registrants, not consumers of websites.
Amr Elsadr (NCSG)
02:28:09
or web-based services.
Farzaneh Badii (NCSG)
02:28:20
Thank you
Hadia Elminiawi (ALAC)
02:28:27
Thank you all bye
Rafik Dammak (GNSO Council Liaison)
02:28:28
Thanks all
Amr Elsadr (NCSG)
02:28:31
Thanks all. Bye.
Chris Lewis-Evans (GAC)
02:28:31
thank you all