Logo

Julie Bisland's Personal Meeting Room - Shared screen with speaker view
Thomas Rickert (ISPCP)
38:54
Hi all!
León Sanchez
39:01
Welcome Thomas!
Matthew Crossman (RySG)
39:22
Hi folks - just as an FYI I am taking over for Kristina Rosette on this team
Matthew Crossman (RySG)
39:29
Looking forward to working with all of you!
Andrea Glandon
39:46
Thank you, Matthew
caitlin.tubergen
40:12
The agenda now includes the questions submitted as homework. Thank you to Brian, Volker, and Margie!
Brian King (IPC)
40:45
happy to help. Kudos to Volker who shouldered most of the work
Volker Greimann (RrSG)
43:09
It was nothing, really.
Andrea Glandon
43:57
Tatiana is an apology, Stephanie is taking her place
Tara Whalen (SSAC)
51:44
+1 on clarifying opt-out
Volker Greimann (RrSG)
53:05
but that rabbit hole is essential to this discussion
Tara Whalen (SSAC)
55:14
Yes, I agree with Stephanie that it’s not reasonable to enumerate all possible steps here (especially technical safeguards)
Volker Greimann (RrSG)
56:15
Oh, you can demand, but any “consent” thus given is invalid as it is not freely given
Stephanie Perrin (NCSG)
58:20
I am just worried that we are going into an endless loop with counsel re the risks.
Brian King (IPC)
59:23
Good concern, Dan. Noted. I'd be happy to fine-tune that sentence to alleviate that concern.
Daniel Halloran (ICANN Org)
59:35
Thank you Brian
Stephanie Perrin (NCSG)
01:02:28
I donate see how they can estimate the risk level.
Stephanie Perrin (NCSG)
01:03:46
Better to ask about what kind of techniques would best mitigate the risk. Accept requests from a rogue regime, all risk estimates go out the window. This is my principal objection to ICANN running this thing, how do they tell Iran to go awayÉ
Margie Milam (BC)
01:04:47
I think B&B should have read the Phase 1 Reporty
Margie Milam (BC)
01:04:52
that seems like overkill
Thomas Rickert (ISPCP)
01:04:55
You are right, Brian. They should know
Stephanie Perrin (NCSG)
01:05:19
websites run by registrants can indicate political, sexual, and religious preferences, all protected under the European Charter
Brian King (IPC)
01:07:13
I'm happy to add that to my homework
Thomas Rickert (ISPCP)
01:07:17
As I said I am not objecting to sending the question, just cautioning that we might not get the desired repsond.
Thomas Rickert (ISPCP)
01:07:24
I am happy to work with Brian on this!!!
Stephanie Perrin (NCSG)
01:07:30
no matter what you do with this question, you are going to get an it depends answer
Thomas Rickert (ISPCP)
01:07:42
Agreed, Stephanie
Brian King (IPC)
01:08:09
If Caitlin is helping me remember my homework, that's in addition to working on the "opt-out" sentence. For my notes and hers :-)
caitlin.tubergen
01:08:23
Got it, Brian - thanks!
Thomas Rickert (ISPCP)
01:09:33
on Q 4a) Legal literature is clear that 6 I c only works where there is a European legal basis.
Thomas Rickert (ISPCP)
01:09:43
We can still ask to get that confirmed, though.
Volker Greimann (RrSG)
01:10:27
@Thomas: I tried to open it up to non-GDPR cases
Volker Greimann (RrSG)
01:10:54
Makes sense
Stephanie Perrin (NCSG)
01:11:03
I would note that Canadian legal authorities need a legal basis as well.
Thomas Rickert (ISPCP)
01:11:34
@Understood, Volker!
Brian King (IPC)
01:11:36
Yep, that's exactly what we're trying to capture, Stephanie
Thomas Rickert (ISPCP)
01:12:17
Happy to. I hope all the AIs are being noted.
Stephanie Perrin (NCSG)
01:13:06
Surely after umpteen years of the jurisdiction project, Bertrand de la Chapelle would have a handy list of countries which require specific legal authorities and those who do not….I hate to pay for this
Brian King (IPC)
01:18:51
I'm not sure that's the intended distinction, Thomas.
Thomas Rickert (ISPCP)
01:19:40
Sorry if I got that wrong, Brian.
Brian King (IPC)
01:21:22
It was my misunderstanding :-)
Volker Greimann (RrSG)
01:22:05
…without legal basis
Stephanie Perrin (NCSG)
01:23:47
How well have they been briefed on this systemÉ
Stephanie Perrin (NCSG)
01:24:06
In my experience dealing with the Berlin group, there are always surprises
Volker Greimann (RrSG)
01:24:32
we need to limit the ability of abuse as much as possible
Stephanie Perrin (NCSG)
01:24:37
I am aware that systems are never perfect (hey, I worked in government)
Volker Greimann (RrSG)
01:24:47
Because if you open a door for it, people will go through it
Brian King (IPC)
01:25:36
Agreed we should limit the potential for abuse, for the record. And let's be realistic.
Stephanie Perrin (NCSG)
01:25:54
And I think that some requestors (e.g. duly authorized cybercrime investigators) could be automated more easily than others, partly because of the high volume s and the lack of sensitivity of some of the data they are requesting.
Stephanie Perrin (NCSG)
01:26:29
I have to dash at 11 so you will be free of my interruptions soon!
León Sanchez
01:27:01
No interruptions Stephanie! You’re interventions are valuable and very welcome!
Tara Whalen (SSAC)
01:27:32
+1 to that! (to being welcome, not to dashing away)
León Sanchez
01:27:40
Your* not you’re. Autocorrect
Stephanie Perrin (NCSG)
01:27:41
agree with Thomas here….need to have different scenarios
Margie Milam (BC)
01:30:04
agree
Brian King (IPC)
01:30:12
I'd like to move quickly to get these to the plenary for endorsement
Hadia Elminiawi(ALAC)
01:30:13
+1 Leon
Brian King (IPC)
01:33:22
Looks good, thanks
Volker Greimann (RrSG)
01:33:55
i think the question is too open
Stephanie Perrin (NCSG)
01:35:38
agree with Volker. We fought this one out on the RDS group for ages….need to have criteria, sorry to sound like a regulator, need dedicated authority
Stephanie Perrin (NCSG)
01:35:48
Cannot have just any dude in a basement
Volker Greimann (RrSG)
01:36:35
anyone who has ever been successfully sued for unlawful data disclosure should also be automatically excluded from any form of accreditation
Stephanie Perrin (NCSG)
01:36:41
Still need to know that the properly accredited security professionals are working for someone.
Stephanie Perrin (NCSG)
01:36:53
Not just free styling for headlines
Volker Greimann (RrSG)
01:37:20
If they are government-authorised, maybe
Volker Greimann (RrSG)
01:37:48
mr “I am a security practitioner now!”, probably not
Stephanie Perrin (NCSG)
01:40:19
Have to run, thanks all!
Hadia Elminiawi(ALAC)
01:42:42
My suggestion in relation to question 9 Assuming that there is a policy that allows accredited parties to access non-public WHOIS data through an SSAD (and requires the accredited party to commit to certain reasonable safeguards similar to a code of conduct), is it legally permissible under Article 6(1)(f) to:(1)define specific categories of requests from accredited parties (e.g. rapid response to a malware attack or contacting a non-responsive IP infringer), for which there can be automated submissions for non-public WHOIS data, without having to manually verify the qualifications of the accredited parties for each individual disclosure request(2)Automate the balancing test required under Article 6(1) f(3)Automate disclosures of such data, without requiring a manual review by the controller or processor of each individual disclosure request.In addition, if it is not possible to automate any of these steps, please provide guidance in relation to the preferable process
Brian King (IPC)
01:43:01
I don't object to batches
Hadia Elminiawi(ALAC)
01:43:18
I agree to batches as well
Brian King (IPC)
01:43:40
All together might be best. Batches could work if the plenary knows which other batches are coming.
Janis Karklins (EPDP Chair)
01:44:20
list will be proposed for approval in coming team meeting on a Thursday 22 August
Tara Whalen (SSAC)
01:45:01
Next Tuesday is fine for me.
Volker Greimann (RrSG)
01:45:16
Three weeks break after that?
Brian King (IPC)
01:45:35
More time is better. We need advice ASAP
Brian King (IPC)
01:45:45
(more time for B&B)
Tara Whalen (SSAC)
01:47:19
Okay — let’s try to get text done on the email list *quickly* ahead of the call?
Brian King (IPC)
01:47:29
+1 Tara
Andrea Glandon
01:47:53
Yes, I will get invites sent for 27 August
Brian King (IPC)
01:48:00
thanks, Andrea!
Brian King (IPC)
01:48:03
thanks all
Andrea Glandon
01:48:07
You’re welcome!
Hadia Elminiawi(ALAC)
01:48:17
Thank you all bye