Logo

Marika Konings' Personal Meeting Room - Shared screen with speaker view
Chris Lewis-Evans(GAC)
59:47
+1
Milton Mueller (NCSG)
01:02:39
Related to Marika's statement about work on accreditation, Alex should work directly with me to propose something that can serve as the next step
Alan Woods (RySG)
01:10:41
The safeguards require attestation by the Requestor that it has a legal basis for its collection of personal data via the SSAD. Our conclusion above is that CPs will most likely be viewed as controllers for this processing. Accordingly, the main concern for CPs will be that they (rather than a Requestor) have a legal basis for the processing. Where multiple different controllers are involved, the challenge is greater.21 (3.9 Memo on legal basis ) - thanks @matt for finding this
James Bladel (RrSG)
01:19:47
Can we get out of the habit of referring to legal bases by their GDPR designation (“6.1.c” or “6.1.f”). We’re trying to make agnostic policy that will (presumably) map to equivalent legal bases in other laws that may have different numerical addresses. thanks!
Matt Serlin (RrSG)
01:20:29
+1 to James
Alan Woods (RySG)
01:26:21
Not to contradict James... but to further Stepanie's point, regarding consent, I think that 2.2 of the 2nd Bird n Bird memo is equally applicable to this .... "Consent2.2 Under Art 6(1)(a), personal data may be published where the data subject hasconsented to the processing. In the context of a disclosure to a law enforcementauthority, the ground is not appropriate as, should the data subject refuse orwithdraw their consent, the processing could not be carried out."
Terri Agnew
01:26:33
15 minutes for caucus (silence until we return)
Farzaneh Badii
01:52:35
Is someone talking? What are we recording?
Andrea Glandon
01:52:45
They have not started yet
Terri Agnew
01:52:49
Nothing is speaking yet, almost ready t start.
Terri Agnew
01:52:53
**no one
Milton Mueller (NCSG)
01:53:59
Nothing is speaking? who is nothing? I wish he would be quiet
Terri Agnew
01:54:10
Almost ready to start.
Terri Agnew
01:54:58
Sorry, typo.
Terri Agnew
01:55:15
We are starting
Chris Lewis-Evans(GAC)
02:03:14
Suggested text ….at a minimum its function of processing which requires the disclosure of personal data.
stephanieperrin
02:04:51
sounds good, although you will need additional data points to support that
Alan Woods (RySG)
02:09:47
for reference the Stephanie's points are well investigated in thelegal memo on legal basis - from 2.8
Marc Anderson (RySG)
02:22:14
In relation to Recommendation #1, Purpose 2, everyone appears to agree that this is firmlywithin the scope of the EPDP Team to address as part of its phase 2 deliberations as the originallanguage was already flagged as a placeholder pending further consideration during phase 2.As such, the Council does not expect it will need to take further action in the context of AnnexA-1 Section 6 of the ICANN Bylaws and would accept the Board’s non-adoption, but the Councilwill consult with the EPDP Team to ensure it prioritizes and carefully considers the Board’srationale for the non-adoption of purpose 2 as part of its deliberations and subsequent work onthis purpose. After such consideration, the EPDP should report back to the Council with itsupdated language.
Alan Woods (RySG)
02:25:00
It's a 'backstop'.
Alan Woods (RySG)
02:25:06
(sorry Chris)
Farzaneh Badii (NCSG)
02:30:29
Ha? Sound gone
zzzJennifer Gore (IPC Alternate)
02:30:31
I lost sound
Andrea Glandon
02:30:38
Checking on the sound
zzzJennifer Gore (IPC Alternate)
02:31:09
Thank you
Farzaneh Badii (NCSG)
02:31:40
thank you
Terri Agnew
02:37:03
15 min to work on proposal, will be silence during this time.
Terri Agnew
03:01:43
Almost ready to begin.
Matt Serlin (RrSG)
03:06:24
back
Farzaneh Badii (NCSG)
03:07:28
Audio faint
Terri Agnew
03:07:59
Will adjust, one moment
Farzaneh Badii (NCSG)
03:08:18
might just be Mark’s mic
Terri Agnew
03:09:17
@Farzaneh, any better?
Farzaneh Badii (NCSG)
03:09:40
I think so yes
Farzaneh Badii (NCSG)
03:22:15
security researchers are not always dealing with criminals
Farzaneh Badii (NCSG)
03:22:55
As we said a number of times, registrants domain name might have been hijacked etc.
Farzaneh Badii (NCSG)
03:25:45
no you can’t frame this as we are all benefiting from disclosure in all the instances.
Farzaneh Badii (NCSG)
03:27:03
Also charging the requestor make them be more accountable in their requests and make them think for a moment before asking for personal data.
Alan Woods (RySG)
03:29:56
apologies @markSV - it was Alan G who said that ... right direction ... wrong person.
Farzaneh Badii (NCSG)
03:30:44
The harm to the structure of the system is done by one bad actor. we should not punish all the domain name registrants and have access for free because of ONE bad actor we are fighting with.
Farzaneh Badii (NCSG)
03:31:33
Our policies are going to be general and going to apply to bad actors and good actors.
Farzaneh Badii (NCSG)
03:33:24
Audio back
Farzaneh Badii (NCSG)
03:35:07
We can’t punish the innocent give free access to their data because there are bad actors out there
Farzaneh Badii (NCSG)
03:38:00
there are actual businesses that profit from access to such data and make money out of it. That has nothing to do with “public good” . Even if they are “security firms”
Farzaneh Badii (NCSG)
03:38:55
Alan G, outrageous was when we made domain name registrants pay for their privacy.
Volker Greimann (RrSG)
03:40:06
Actually, privacy services usually provide a service that goes far beyond the simple hiding of their data that is well worth the fees we charge for it
Farzaneh Badii (NCSG)
03:40:52
I meant the redaction part. Many don’t know about proxy privacy services.
Farzaneh Badii (NCSG)
03:44:29
Some Trademark owners have been exerting costs on the public for a LONG TIME! Can point you to some good research done on this.
Ashley Heineman (GAC)
03:44:33
I feel like we are often in agreement, when we don't use inflamatory language.
Ashley Heineman (GAC)
03:45:18
Let's not use "cost causers"
Farzaneh Badii (NCSG)
03:45:33
It gets inflamed when domain name registrants are bracketed as “bad actors” and we are talking about disclosing the potential trademark violator who should be afforded due process.
Farzaneh Badii (NCSG)
03:45:50
as the cost causer
Farzaneh Badii (NCSG)
03:46:21
Yes exactly +1 Milton. It doesn’t mean they are guilty. it means you have a claim and you make allegations
Farzaneh Badii (NCSG)
03:48:58
Some actually make profit by having access to this data. IT’s not all about happy secure world. It’s about their profit as well. So .. why shouldn’t they pay.
Milton Mueller (NCSG)
03:50:02
Cost causer is an economic science term. How this gets framed as inflammatory is beyond me
Milton Mueller (NCSG)
03:50:21
it's a;lso commonly used in the accounting discipline
Milton Mueller (NCSG)
03:51:07
I do like the idea of inflammatory accountants, however, lends interest to a field that is often written off as boring
Farzaneh Badii (NCSG)
03:53:53
well no one said that registrars must recover all their costs ...
Farzaneh Badii (NCSG)
03:53:59
I didn’t hear it at least.
Milton Mueller (NCSG)
04:01:19
Thomas is correct; CALEA in the US requires fairly large payments from LEAs to telecom companies for lawful intercepts. And of course, the system is usage-sensitive in that every intercept incurs a new cost
Milton Mueller (NCSG)
04:02:08
No way in heck that this disclosure system would be as expensive as CALEA intercepts, however but the principle is the same
Milton Mueller (NCSG)
04:03:45
I also think registering in the Trademark Cleaninghouse costs money
Milton Mueller (NCSG)
04:04:35
I'd be ok with splitting the capital costs off from the other 4 costs we identified
Terri Agnew
04:06:50
Lunch break - back in one hour.