<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><font size="+1"><font face="Lucida Grande">I will try to get the
revised comments on the models that have been submitted in
before I run for the plane at 2 EDT...but that may not
happen. The legal analysis will come next week, it is a lot
harder and more complex....but I want to get my questions on
the table. It will be a long time before this is over....</font></font></p>
<p><font size="+1"><font face="Lucida Grande">We need to endorse the
ECO model very strongly, in my view. While option 3 looks
good, it is rather unworkable.<br>
</font></font></p>
<p><font size="+1"><font face="Lucida Grande">cheers SP</font></font><br>
</p>
<div class="moz-cite-prefix">On 2018-01-27 14:09, Ayden Férdeline
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:ro7pP9V0lwUqclxEbpaIPDwgg_qsFmtI1hcMJxasmdLMLGRxwBlC7k-VKd0TGrHtBYUuZ5UsPuYi4sxAPJhRAZbhKfdP7xvZ_uAiqq0TTic=@ferdeline.com">
<div>Thanks Rafik</div>
<div> <br>
</div>
<div>I’m going to hold off on endorsing this for 24 hours until I
read the comments currently being drafted by Stephanie. </div>
<div> <br>
</div>
<div>To be clear, this is not to say that I do not endorse this
statement. It sounds logical to me and consistent with our
principles. But if Stephanie has a 15-page document coming I’d
like to make sure we’re being consistent in our messaging. </div>
<div> <br>
</div>
<div>Of course, being so close to the final day for
submissions, I’ll write again on-list tomorrow in the absence of
any other statements being on the table, as we cannot miss this
submission deadline. </div>
<div> <br>
</div>
<div>Sincere thanks to Milton for drafting this. </div>
<div> <br>
</div>
<div>Best wishes, Ayden</div>
<div> <br>
</div>
<div id="protonmail_mobile_signature_block">Sent from ProtonMail
Mobile</div>
<div> <br>
<div>
<div> <br>
</div>
On Sat, Jan 27, 2018 at 10:50, Rafik Dammak <<a
href="mailto:rafik.dammak@gmail.com" class=""
moz-do-not-send="true">rafik.dammak@gmail.com</a>> wrote:</div>
<blockquote class="protonmail_quote" type="cite">
<div dir="auto">
<div>Hi all,
<div dir="auto"> <br>
</div>
<div dir="auto">We got a comment for the GDPR compliance
model. The deadline for submission ins the 29th Jan,
which is the coming monday. We need act quickly within
this weekend .</div>
<div dir="auto"> <br>
</div>
<div dir="auto">Best,</div>
<div dir="auto"> <br>
</div>
<div dir="auto">Rafik </div>
<br>
<div class="gmail_quote">---------- Forwarded message
---------- <br>
From: "Mueller, Milton L" <<a
href="mailto:milton@gatech.edu" moz-do-not-send="true">milton@gatech.edu</a>>
<br>
Date: Jan 26, 2018 6:05 PM <br>
Subject: [NCSG-Discuss] Comments on the Whois compliance
models <br>
To: <<a href="mailto:NCSG-DISCUSS@listserv.syr.edu"
moz-do-not-send="true">NCSG-DISCUSS@listserv.syr.edu</a>>
<br>
Cc: <br>
<br type="attribution">
<blockquote class="quote" style="margin: 0px 0px 0px
0.8ex; border-left-width: 1px; border-left-style:
solid; border-left-color: rgb(204, 204, 204);">
<div link="#0563C1" vlink="#954F72" lang="EN-US">
<div class="m_-2216294355849967392WordSection1">
<p class="MsoNormal">I offer the following as a
first draft of the NCSG position on the 12
January 2018 call for comments released by ICANN
org. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Principles </p>
<p class="MsoNormal">Our evaluation of the models
offered by ICANN are based on three fundamental
principles. No model that fails to conform to
all three is acceptable to the NCSG. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">1. The purpose of whois must
be strictly tied to ICANN's mission. That is,
the data that is collected and the data that are
published must directly and demonstrably
contribute to ICANN's mission as defined in
Article 1 of its new bylaws. We reject any
definition of Whois purpose that is based on the
way people happen to make use of data that can
be accessed indiscriminately in a public
directory. The fact that certain people
currently use Whois for any purpose does not
mean that the purpose of Whois is to provide
thick data about the domain and its registrant
to anyone who wants it for any reason. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">2. Whois service, like the
DNS itself, should be globally uniform and not
vary by jurisdiction. ICANN was created to
provide globalized governance of the DNS so that
it would continue to be globally compatible and
coordinated. Any solution that involves
fragmenting the policies and practices of Whois
along jurisdictional lines is not desirable. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">3. No tiered access solution
that involves establishing new criteria for
access can feasibly be created in the next 3
months. We would strongly resist throwing the
community into a hopeless rush to come up with
entirely new policies, standards and practices
involving tiered access to data, and we do not
want ICANN staff to invent a policy that is not
subject to community review and approval. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Based on these three
principles, we believe that Model 3 is the only
viable option available. Model 3 minimizes the
data publicly displayed to that which is
required for maintaining the stability, security
and resiliency of the DNS. Model 3 could be
applied across the board, and would be
presumptively legal regardless of which
jurisdiction the registrar, registry or
registrant are in. And Model 3 relies on
established legal due process for gaining access
to additional information. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">There is room for discussion
about how much data could be publicly displayed
under Model 3 consistent with ICANN's mission.
E.g., it may be within ICANN's mission to
include additional data in the public record,
such as an email address for the technical
contact and even possibly the name of the
registrant. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">The process of gaining access
to additional data in Model 1 is completely
unacceptable. Self-certification by any third
party requestor is, we believe, not compliant
with GDPR nor does is such access justified by
the purpose of Whois or ICANN's mission. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Model 2 might possibly be
acceptable if an suitable set of criteria and
processes were devised, but it simply is not
feasible for such a certification program to be
developed in 3 months. A certification program
thrown together in a rush poses huge risks for
loopholes, poor procedures, and a legal
challenge to ICANN, either from DPAs or from
individuals affected. </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Dr. Milton L. Mueller </p>
<p class="MsoNormal">Professor, School of Public
Policy </p>
<p class="MsoNormal">Georgia Institute of
Technology </p>
<p class="MsoNormal"> </p>
<p class="MsoNormal"> </p>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
NCSG-PC mailing list
<a class="moz-txt-link-abbreviated" href="mailto:NCSG-PC@lists.ncsg.is">NCSG-PC@lists.ncsg.is</a>
<a class="moz-txt-link-freetext" href="https://lists.ncsg.is/mailman/listinfo/ncsg-pc">https://lists.ncsg.is/mailman/listinfo/ncsg-pc</a>
</pre>
</blockquote>
</body>
</html>