[NCSG-PC] [gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9 January Meeting

Nick Shorey lists at nickshorey.com
Fri Jan 19 01:04:19 EET 2018 

Thanks Stephanie,

I will take a read of the 5EYES letter in the meantime.

Kind regards,

Nick

Nick Shorey
Phone: +44 (0) 7552 455 988
Email: lists at nickshorey.com
Skype: nick.shorey
Twitter: @nickshorey
LinkedIn: www.linkedin.com/in/nicklinkedin
Web: www.nickshorey.com




> On 16 Jan 2018, at 21:01, Stephanie Perrin <stephanie.perrin at mail.utoronto.ca> wrote:
> 
> Agreed, and the secondary purposes for processing should not be grounds for collection of data....there will be no end to the data desired by the IP community if we accede to that.  WHich is why I joined Steve Metalitz's little drafting group today, even though I am super busy.
> 
> I would draw your attention to the letter from the 5 Eyes law enforcement community in that report.  AS a former bureaucrat, you will recognize weasel words when you see them....most of the High Courts for the countries listed would not, and indeed have not, found in favour of these arguments for blanket data gathering for law enforcement purposes.  I would love to see the constitutional opinions sought, and am betting (based on those weasel words) that none were sought.This is not to say that further processing (release) to duly authorized agents, with due authority is not desireable and should not be accommodated.....it must.  But how to set this up is not a problem ICANN has tackled in good faith thus far, and it is high time.  In my opinion.
> 
> Stephanie
> 
> On 2018-01-16 11:51 AM, Nick Shorey wrote:
>> Hi Stephanie,
>> 
>> Thanks for sharing. For me there's an important distinction between primary and secondary purposes, which now become more important distinctions with regards to GDPR. IMHO LEA access is a legitimate secondary purpose, and I have some thoughts / ideas on how that should translate to access. I support a discussion on this and how we might approach the debate.
>> 
>> Kind regards,
>> 
>> Nick
>> 
>> Nick Shorey
>> Phone: +44 (0) 7552 455 988
>> Email: lists at nickshorey.com <mailto:lists at nickshorey.com>
>> Skype: nick.shorey
>> Twitter: @nickshorey
>> LinkedIn: www.linkedin.com/in/nicklinkedin <http://www.linkedin.com/in/nicklinkedin>
>> Web: www.nickshorey.com <http://www.nickshorey.com/>
>> 
>> 
>> 
>> 
>>> On 15 Jan 2018, at 15:32, Stephanie Perrin <stephanie.perrin at mail.utoronto.ca <mailto:stephanie.perrin at mail.utoronto.ca>> wrote:
>>> 
>>> Normally I would not pester the PC with every twitch and stumble of the RDS working group...but we are now in some important discussions as to whether law enforcement investigation is a valid reason for the collection of information in the RDS.  We just actually got a consensus agreement it was NOT....which surprised me.  However, EUROPOL, who was the driving force behind the dreadful 2007 LE demand for data, is coming out of their corner, and the IP lawyers will be quick to support.  A discussion at our next policy meeting might be good....I attach the letter from report which contains the 2009 LEA communications  for your perusal, see page 129 .
>>> Steph
>>> 
>>> -------- Forwarded Message --------
>>> Subject:	[gnso-rds-pdp-wg] @EXT: RE: IMPORTANT: Invitation for Poll from 9 January Meeting
>>> Date:	Mon, 15 Jan 2018 13:30:04 +0000
>>> From:	Mounier, Grégory <gregory.mounier at europol.europa.eu> <mailto:gregory.mounier at europol.europa.eu>
>>> To:	'Chuck' <consult at cgomes.com> <mailto:consult at cgomes.com>, 'gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>' <gnso-rds-pdp-wg at icann.org> <mailto:gnso-rds-pdp-wg at icann.org>
>>> 
>>> Dear all,
>>> 
>>> I will not be able to join the call tomorrow so I thought that I should drop an email to the list to explain why I voted against the proposed possible WG Agreement according to which “Criminal Activity/DNS Abuse – Investigation is NOT a legitimate purpose for requiring collection of registration data, but maybe a legitimate purpose of using some data collected for other purposes.”
>>> 
>>> I think that there are a number of rationales/grounds - including in ICANN’s Bylaws - to argue that in fact, investigating criminal activity and DNS Abuse IS a legitimate purpose for requiring the collection of registration data.
>>> 
>>> Some of these rationales have been mentioned during the discussion on the mailing list and during the call on 9th January. Unfortunately, I think that the proposed possible WG agreement does not take into consideration these rationales. I specifically disagree with the assumption that we should make a distinction between 1) the purpose of collecting the data and 2) the purpose for using the data collected for other purposes (manage domain registrations).
>>> 
>>> The reason why I disagree with making this distinction is that it leads to artificially reduce the importance of a valid and legitimate purpose of the WHOIS system, acknowledged by ICANN Bylaws: addressing malicious abuse of the DNS and providing a framework to address appropriate law enforcement needs. (ICANN’s mandate is to “ensure the stable and secure operation of the internet’s unique identifier systems”[1] <x-msg://3/#_ftn1> + WHOIS data is essential for “the legitimate needs of law enforcement” and for “promoting consumer trust.”[2] <x-msg://3/#_ftn2> ). In its document on the three compliance models issued last Friday[3] <x-msg://3/#_ftn3>, ICANN has explicitly included: addressing the needs of law enforcement, investigation of cybercrime and DNS abuse as legitimate purposes of the WHOIS system.
>>> 
>>> If one of the purpose of the WHOIS system is to support a framework to address issues involving domain name registrations, including investigation of cybercrime and DNS abuse, it can be argued that investigating criminal activity and DNS abuse IS a legitimate purpose for requiring the collection of registration data. Likewise, I think that requiring collection of registration data to prevent crime is NOT beyond ICANN's mandate because this data is essential for ICANN to fulfil its mandate.
>>> 
>>> I have attached a list of relevant references supporting this point of view taken from ICANN’s Bylaws and the GDPR.
>>> 
>>> I hope that you’ll find this contribution helpful and I’m looking forward to reading the transcript of the next call J.
>>> 
>>> Best,
>>> 
>>> Greg
>>> 
>>> 
>>> 
>>> Gregory Mounier
>>> Europol
>>> European Cybercrime Centre
>>> +31 6 55782743
>>> 
>>> From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org <mailto:gnso-rds-pdp-wg-bounces at icann.org>] On Behalf Of Chuck
>>> Sent: 12 January 2018 15:21
>>> To: gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>> Subject: [gnso-rds-pdp-wg] FW: IMPORTANT: Invitation for Poll from 9 January Meeting
>>> Importance: High
>>> 
>>> The response to this week’s poll is particularly low so I strongly encourage more members to respond so that we have enough data to help us in our meeting next week.  Thanks to those who have already responded.
>>> 
>>> Chuck
>>>   <>
>>> From: gnso-rds-pdp-wg [mailto:gnso-rds-pdp-wg-bounces at icann.org <mailto:gnso-rds-pdp-wg-bounces at icann.org>] On Behalf Of Marika Konings
>>> Sent: Wednesday, January 10, 2018 7:27 AM
>>> To: gnso-rds-pdp-wg at icann.org <mailto:gnso-rds-pdp-wg at icann.org>
>>> Subject: [gnso-rds-pdp-wg] IMPORTANT: Invitation for Poll from 9 January Meeting
>>> 
>>> Dear all,
>>> 
>>> In follow-up to this week’s WG meeting, all RDS PDP WG Members are encouraged to participate in the following poll:
>>> 
>>> https://www.surveymonkey.com/r/VM6S8YK <https://www.surveymonkey.com/r/VM6S8YK>
>>> 
>>> Responses should be submitted through the above URL. For offline reference, a PDF of poll questions can also be found at:
>>> 
>>>               https://community.icann.org/download/attachments/74580034/Poll-from-9January-Call.pdf?version=1&modificationDate=1515544361000&api=v2 <https://community.icann.org/download/attachments/74580034/Poll-from-9January-Call.pdf?version=1&modificationDate=1515544361000&api=v2>
>>> 
>>> This poll will close at COB Saturday 13 January.
>>> 
>>> Please note that you must be a WG Member to participate in polls. If you are a WG Observer wishing to participate in polls, you must first contact gnso-secs at icann.org <mailto:gnso-secs at icann.org> to upgrade to WG Member.
>>> 
>>> Best regards,
>>> 
>>> Marika
>>> 
>>> Marika Konings
>>> Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN)
>>> Email: marika.konings at icann.org <mailto:marika.konings at icann.org>
>>> 
>>> Follow the GNSO via Twitter @ICANN_GNSO
>>> Find out more about the GNSO by taking our interactive courses <http://learn.icann.org/courses/gnso> and visiting the GNSO Newcomer pages <http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-efforts.htm#newcomers>.
>>> 
>>> 
>>> [1] <x-msg://3/#_ftnref1> ICANN Bylaws Article One, Section 1.1, Mission.
>>> [2] <x-msg://3/#_ftnref2> ICANN Bylaws, Registration Directory Services Review, §4.6(e).
>>> [3] <x-msg://3/#_ftnref3> https://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12jan18-en.pdf <https://www.icann.org/en/system/files/files/interim-models-gdpr-compliance-12jan18-en.pdf>*******************
>>> 
>>> DISCLAIMER : This message is sent in confidence and is only intended for the named recipient. If you receive this message by mistake, you may not use, copy, distribute or forward this message, or any part of its contents or rely upon the information contained in it.
>>> Please notify the sender immediately by e-mail and delete the relevant e-mails from any computer. This message does not constitute a commitment by Europol unless otherwise indicated.
>>> 
>>> *******************
>>> <NGRDS_WG_criminal_investigation_is a legitimate_purpose_for_collection_of_registration_data.pdf><Attached Message Part.txt><raa-improvements-proposal-final-report-18oct10-en(1).pdf>_______________________________________________
>>> NCSG-PC mailing list
>>> NCSG-PC at lists.ncsg.is <mailto:NCSG-PC at lists.ncsg.is>
>>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc <https://lists.ncsg.is/mailman/listinfo/ncsg-pc>
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180118/09f86a83/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180118/09f86a83/attachment.sig>

More information about the NCSG-PC mailing list