<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

</head>

<body text="#000000" bgcolor="#FFFFFF">

<p><font size="+1"><font face="Lucida Grande">That recommendation was supposed to be to delete reference to the OECD Guidelines.  I will check the wording and add it to the google doc.</font></font></p>

<p><font size="+1"><font face="Lucida Grande">It would be great if you could comment separately as one of the former co chairs Kathy, we really needed you on the group to keep Susan honest about the WHOIS 1 report.  In my opinion anyway :-)</font></font></p>

<p><font size="+1"><font face="Lucida Grande"></font></font>cheers steph<br>

</p>

<div class="moz-cite-prefix">On 2018-11-15 13:59, Kathryn Kleiman wrote:<br>

</div>

<blockquote type="cite" cite="mid:568afa0b-ae93-48ea-d378-931c067b51f7@kathykleiman.com">

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr">Hi Rafik and All, I'm happy to submit my comment separately.  It will be hard to reconcile in under a day, and it may be good for noncommercial representatives to have multiple voices in

 this comment process. <br>

</p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><br>

</p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><b>One thing, though, that I am very, very worried about is BY.1, a proposed change to the ICANN Bylaws

<u>to delete </u><u>"safeguarding registrant data."</u></b>   If this change is made, when ICANN studies and reviews future RDS/WHO services, it will only look at how the RDS serves the "legitimate needs of law enforcement and promote consumer trust" ==> who

 mine our data, not how our data (and those of noncommercial registrants in all gTLDs) is being protected and safeguarded.  For a future RDS/WHOIS Review Team perspective, it completely changes the data they will ge. From a legal perspective, such a change

 to the Bylaws will haunt us for decades to come (as a sign that safeguarding registrants and our data no longer an ICANN priority.)<b><br>

</b></p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><b><br>

</b></p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><b></b>Feel free to use my language!  (which I've also added to Stephanie's comments...)</p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr">Please let me know if you would like to sign on separately (more the merrier!)<br>

</p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr">Best, Kathy<br>

</p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><b style="font-weight:normal"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;"></span></b><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">----------------------------------------------------------------------------------------------------------------------------

 Kathy's Comment re: Opposing BY.1, RDS/WHOIS 2 Review Team Recomm to Change ICANN Bylaws ----

</span></p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;"></span></p>

<p><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">I. We Strongly Oppose the Following

 Recommendations and Ask that They be Deleted or Significantly Modified in the Final Report</span><b style="font-weight:normal"><br>

</b></p>

<p><b style="font-weight:normal"><br>

</b></p>

<ol style="margin-top:0pt;margin-bottom:0pt;">

<b style="font-weight:normal">

<li style="list-style-type:upper-alpha;font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;margin-left: 36pt;" dir="ltr">

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">BY.1

 Should Be Removed </span></p>

</b></li></ol>

<b style="font-weight:normal"><br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-indent:

          36pt;" dir="ltr">

<span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">We are deeply concerned about

 the deletion of protections for Registrants from New ICANN Bylaw Section 4.6(e)(ii) and ask that this recommendation be removed. It would eliminate “</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">the

 reference to ‘safeguarding registrant data’ in ICANN Bylaws section 4.6(e(ii)...”

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:700;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">We find this recommendation

 to be a dangerous and short-sighted. </span></p>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">The

 current ICANN Bylaw is a balanced one. Section (e)(ii) provides:</span></p>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;text-indent:

          36pt;" dir="ltr">

<span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">“e)</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">   

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Registration Directory

 Service Review</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">   

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">* * * *

</span></p>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;margin-left:

          36pt;" dir="ltr">

<span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">(ii) The Board shall cause a periodic

 review to assess the effectiveness of the then current gTLD registry directory service and whether its implementation meets the legitimate needs of law enforcement, promoting consumer trust and safeguarding registrant data (“Directory Service Review”).”</span></p>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">The

 current Bylaw is fair and balanced -- with protection of the data subject as well as those who would have a legitimate and legal need to access their data. These New ICANN Bylaws were adopted pursuant to intensive discussions of the ICANN Community and are

 part of the balanced accountability processes and protections created. </span></p>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">To

 remove “safeguarding registrant data” will:</span></p>

<ol style="margin-top:0pt;margin-bottom:0pt;">

<li style="list-style-type:lower-alpha;font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;" dir="ltr">

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Harm

 the trust of domain name registrants (who impart their individual and organizational data (personal and sensitive) to their registrars, registries and indirectly to ICANN) with clear expectations of it being safeguarded, and

</span></p>

</li></ol>

<br>

<ol style="margin-top:0pt;margin-bottom:0pt;" start="2">

<li style="list-style-type:lower-alpha;font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;" dir="ltr">

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Go

 against the tide of modern society.  In the world of “big data,” governments and regulatory agencies everywhere are rushing to protect and “safeguard” the data of their citizens and customers.  Safeguarding registrant data is a way of building trust and loyalty.

 It is the law of the European Union, the basis of the dozens of signatories to Convention 108 (including EU, Russia, Turkey, Morocco, Senegal, Uruguay and Argentina), and the basis of NTIA’s just closed

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Request for Comment

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">on

</span><span style="font-size:11.5pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:italic;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">Developing the Administration’s

 Approach to Consumer Privacy. </span><span style="font-size:11.5pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">In

 NTIA’s Request for Comment, the organization wrote:  </span></p>

</li></ol>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;margin-left:

          72pt;" dir="ltr">

<span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">“Every day, individuals interact

 with an array of products and services, many of</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">   

</span><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">which have become integral

 to their daily lives. Often, especially in the digital environment, these products and services depend on the collection, retention, and use of personal data about their users. Users must therefore trust that organizations will respect their interests, understand

 what is happening with their personal data, and decide whether they are comfortable with this exchange. Trust is at the core of the United States’ privacy policy formation.”

</span></p>

<br>

<p style="line-height:1.38;margin-top:0pt;margin-bottom:0pt;" dir="ltr"><span style="font-size:11pt;font-family:Arial;color:#000000;background-color:transparent;font-weight:400;font-style:normal;font-variant:normal;text-decoration:none;vertical-align:baseline;white-space:pre;white-space:pre-wrap;">To

 remove or change this Bylaw protection would violate key promises made in the ICANN Transition, and fundamental commitments of the ICANN Community to its foundation of domain name registrants.  The publicity of such a change, alone, would undermine confidence

 in the DNS. </span></p>

<br>

</b>

<div class="moz-cite-prefix">On 11/15/2018 4:11 AM, Rafik Dammak wrote:<br>

</div>

<blockquote type="cite" cite="mid:CAH5sTh=QfBC3Z2J09BFVEvhY7PAAoJAh9Y-Tjs6N6tiuk7ZPuw@mail.gmail.com">

<div dir="ltr">Hi Kathy,

<div><br>

</div>

<div>Thanks for the draft comment. </div>

<div>we got to work on finalizing an NCSG response.</div>

<div><br>

</div>

<div>Best,</div>

<div><br>

</div>

<div>Rafik<br>

<br>

<div class="gmail_quote">

<div dir="ltr">Le mar. 13 nov. 2018 à 12:47, Kathryn Kleiman <<a href="mailto:kathy@kathykleiman.com" moz-do-not-send="true">kathy@kathykleiman.com</a>> a écrit :<br>

</div>

<blockquote class="gmail_quote" style="margin:0 0 0

                .8ex;border-left:1px #ccc solid;padding-left:1ex">

Hi All,<br>

<br>

The deadline is almost upon us for the Registration Directory Service <br>

(RDS)-WHOIS2 Review Draft Report comments.  I found the RDS/WHO2 Draft <br>

Report scary and fascinating -- it was supposed to stay within the "four <br>

corners" of the first Whois Review Team Report and it didn't. It <br>

proposes some truly dangerous changes.  I am also concerned by the long <br>

discussion I heard (participated in) in Barcelona with Alan, Katrin and <br>

Susan (officers of RDS-WHO2 from ALAC, GAC Public Safety Working Group <br>

and Facebook) saying that they might continue their work, do more <br>

surveys and make more recommendations -- even as the EPDP is in <br>

progress!  They should definitely stop!<br>

<br>

Huge thanks to Stephanie for being part of and surviving this Review Team!<br>

<br>

Knowing that things are crazy busy, I kicked off a draft comment from my <br>

vantage point as Vice-Chair of the first WHOIS Review Team (18 long <br>

months in 2010-2011).  Feel free to edit and expand!<br>

<br>

Posted at <br>

<a href="https://docs.google.com/document/d/1h8ykLx-8dhCWposUJpKkBYf3Rg-oAZEqwCN131n-Yoo/edit?usp=sharing" rel="noreferrer" target="_blank" moz-do-not-send="true">https://docs.google.com/document/d/1h8ykLx-8dhCWposUJpKkBYf3Rg-oAZEqwCN131n-Yoo/edit?usp=sharing</a><br>

<br>

Best, Kathy<br>

<br>

_______________________________________________<br>

NCSG-PC mailing list<br>

<a href="mailto:NCSG-PC@lists.ncsg.is" target="_blank" moz-do-not-send="true">NCSG-PC@lists.ncsg.is</a><br>

<a href="https://lists.ncsg.is/mailman/listinfo/ncsg-pc" rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.ncsg.is/mailman/listinfo/ncsg-pc</a><br>

</blockquote>

</div>

</div>

</div>

</blockquote>

<br>

<fieldset class="mimeAttachmentHeader"></fieldset>

<pre class="moz-quote-pre" wrap="">_______________________________________________

NCSG-PC mailing list

<a class="moz-txt-link-abbreviated" href="mailto:NCSG-PC@lists.ncsg.is">NCSG-PC@lists.ncsg.is</a>

<a class="moz-txt-link-freetext" href="https://lists.ncsg.is/mailman/listinfo/ncsg-pc">https://lists.ncsg.is/mailman/listinfo/ncsg-pc</a>

</pre>

</blockquote>

</body>

</html>