[NCSG-PC] [council] Suggestion for membership criteria of proposed Expedited Policy Development Process
David Cake
dave at davecake.net
Tue Jun 19 05:09:10 EEST 2018
Excellent suggestion. If we are going to have a small focussed team, we should support them, and wheel reinvention is of limited value when solid commercial products are available.
David
> On 18 Jun 2018, at 9:12 pm, Ayden Férdeline <icann at ferdeline.com> wrote:
>
> The sticker price for the IAPP course is USD 550 per participant; even if ICANN did not get a bulk discount, that is only $11k for 21 participants (I would only expect ICANN to fund the course for appointed members). Some people will already be able to demonstrate a knowledge of basic data protection principles, so it is likely to me that the ask from ICANN org is only going to be around $5k for this essential resource. A Review Team of 21 people has a budget of $750,000/year - provided the EPDP has a similar budget, if not a higher one given its importance and need for external legal advice (which RTs don't budget for), this is not an unreasonable expense in my opinion. We might have to cut down on printing ($10k budgeted for printing per RT/year), but it's okay by me to save some trees. And I really think it's due diligence. We've got two options: appoint privacy experts and upskill them in DNS matters, or appoint DNS experts and upskill them in data protection. Given the former could easily earn $2,000 a day doing some GDPR consulting, it's not reasonable to expect to get that expertise for free, so the latter is the only option on the table...
>
> Best wishes, Ayden
>
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On 18 June 2018 6:26 AM, Martin Pablo Silva Valent <mpsilvavalent at gmail.com> wrote:
>
>> +1 to David and Ayden.
>>
>> You all saw my specific proposal for training, is already there, done and waiting to be used. And fulfills almost all criteria to ve implemented if ICANN can get around a decent negotiation (which I think should be doable). We don't have the time nor the politics, nor policy, to develop a training in time for epdp on GDPR ourselves (as icann community). We know IPC is biased and has shown willing ignorance on the matter, and they don't trust our interpretation. And ICANN legal clearly has it's own game as we can see with the lawsuit they are handling.
>>
>> This is one of those things we just need to get done to start working, egos aside.
>>
>> Cheers,
>> Martin
>>
>> On Sun, Jun 17, 2018, 11:01 PM David Cake <dave at davecake.net <mailto:dave at davecake.net>> wrote:
>> I’ve argued this point with the IPC multiple times, that they are an advocacy group that does not have a monopoly on knowledge of intellectual property law, and that other groups in ICANN (including both NCSG and ICANN policy staff) contain some excellent and experienced experts in intellectual property law.
>>
>> David
>>
>>> On 14 Jun 2018, at 4:52 pm, Ayden Férdeline <icann at ferdeline.com <mailto:icann at ferdeline.com>> wrote:
>>>
>>> I have been consistently arguing that we want the training developed by a neutral third party (ie IAPP), not anyone from in the community, as that will inevitably lend itself to allegations of bias. I am sure the IPC would not be comfortable with us developing a course on trademark law. Even though some of our members have that expertise.
>>>
>>> Ayden
>>>
>>> Sent from ProtonMail Mobile
>>>
>>>
>>> On Thu, Jun 14, 2018 at 09:38, Arsène Tungali <arsenebaguma at gmail.com <mailto:arsenebaguma at gmail.com>> wrote:
>>>> I don’t have any strong opinion (for now) about who designs the courses (outsiders or insiders) as long as the material will have to get approval from the Council before they can be implemented. If not the council, maybe WG members will have to agree on the content. And we will be represented there. That’s my opinion.
>>>>
>>>> Also, if you don’t want IPC folks to design a course on privacy, you can volunteer to do so and have them design anything trademark or so. I was simply building around what was offered as part of the discussion, which is still ongoing. I was not suggesting they do it.
>>>>
>>>> But yes, we can agree as a group and advance our opinion there on this particular matter. But as Rafik said, it is not yet the urgency. There are more urgent matters to work on such as charter etc.
>>>>
>>>>
>>>> -----------------
>>>> Arsène Tungali,
>>>> about.me/ArseneTungali <http://about.me/ArseneTungali>
>>>> +243 993810967
>>>> GPG: 523644A0
>>>> Goma, Democratic Republic of Congo
>>>>
>>>> Sent from my iPhone (excuse typos)
>>>>
>>>> On Jun 14, 2018, at 12:25 AM, Ayden Férdeline <icann at ferdeline.com <mailto:icann at ferdeline.com>> wrote:
>>>>
>>>>> Sorry but I think we need to regroup.
>>>>>
>>>>> I’m not sure we have an NCSG consensus here.
>>>>>
>>>>> I’m not comfortable with this.
>>>>>
>>>>> Courses should be neutral and not designed by a constituency or stakeholder group.
>>>>>
>>>>> Really, the IPC design the data protection course? Respectfully that is not their area of expertise.
>>>>>
>>>>> -Ayden
>>>>>
>>>>> Sent from ProtonMail Mobile
>>>>>> ---------- Forwarded message ----------
>>>>>> From: Arsène Tungali<arsenebaguma at gmail.com <mailto:arsenebaguma at gmail.com>>
>>>>>> Date: On Wed, Jun 13, 2018 at 23:20
>>>>>> Subject: Fwd: Re: [council] Suggestion for membership criteria of proposed Expedited Policy Development Process
>>>>>> To: Austin, Donna <Donna.Austin at team.neustar <mailto:Donna.Austin at team.neustar>>
>>>>>> Cc: GNSO Council List <council at gnso.icann.org <mailto:council at gnso.icann.org>>
>>>>>> This one kinda summarises the whole discussion, thanks Donna. I agree with you. To clarify: WG members will be selected by their respective groups (based on their own criteria), then these selected members will undertake a course/training that some of our members have volunteered to design (including Paul), plus some people suggested by Rubens to help them have the same understanding of the scope of this WG. That's what I got from this discussion and which I find useful. Thanks, Arsene 2018-06-13 23:53 UTC+02:00, Austin, Donna via council : > I think Marie has identified an important point. Each SG/SO will have their > own process for selecting and appointing their representatives/members to > the WG and in this regard I don’t think the Council can or should prescribe > any part of that process. The Council can certainly provide guidance, as > Marie has suggested, but I don’t believe the Council will any authority to > reject any person from the WG that has been appointed by an SG/SO, because > they don’t have not undertaken training in GDPR. > > That being the case, it does seem that there is a lot of support for the > idea that training of some form about GDPR would be a helpful. Perhaps, > rather than having the training as a pre-requisite, the WG members will be > required to undertake a training course as a group early in their tenure. > Given the temporary specification is intended to find a way for contracted > parties to be compliant with the GDPR regulation in a manner that maintains > the integrity of the WHOIS to the greatest extent possible, it would make > sense that any training course be developed in that context. As Erika noted, > GDPR is a complex law, but it does appear that there are some elements that > are more relevant to our discussion than others, and some elements that have > no relevance at all. To that end, it would make more sense to have a > training session that is tailored to the scope of what we expect will be > dealt with in the ePDP discussions. I would argue that we don’t need people > who are experts in the GDPR regulation on the WG, but we do need people who > are knowledgeable about its applicability in the ICANN context. By way of > example, I believe the RySG and RrSG now have a lot more people that > understand GDPR and its impact on contracted parties than we did 12 months > ago and not because they took a course on GDPR, but because they have had to > develop "practical, hands-on experience" to use Marie’s words, of GDPR in > the ICANN context. > > While we are spending a lot of time discussing the need or not for this GDPR > specific training, perhaps we could also give some thought to other > knowledge and skillsets that we think would be beneficial for the ePDP WG so > that we can provide this feedback to the SG/SO for their respective > selection processes. > > Donna > From: council [mailto:council-bounces at gnso.icann.org <mailto:council-bounces at gnso.icann.org>] On Behalf Of Marie > Pattullo > Sent: Wednesday, June 13, 2018 4:05 AM > To: Michele Neylon - Blacknight ; Rubens Kuhl > ; GNSO Council List > Subject: Re: [council] Suggestion for membership criteria of proposed > Expedited Policy Development Process > > I agree with all of that Michele. I’d also advance that as we will be asking > for the WG to be populated with reps of the SGs/SOs etc., in the call for > members we should specify that we are counting on those groups to put > forward reps with the requisite – practical, hands-on – experience. > Marie > > From: council > > On > Behalf Of Michele Neylon - Blacknight > Sent: Wednesday, June 13, 2018 12:25 PM > To: Rubens Kuhl >; GNSO Council List > > > Subject: Re: [council] Suggestion for membership criteria of proposed > Expedited Policy Development Process > > Rubens > > I agree. > > The key point that I think many of us agree on is that knowledge / training, > call it what you will, is highly beneficial in general. One of the issues we > ran into repeatedly in the RDS PDP was that people either were not familiar > with the subject matter beyond their own, specific narrow interest and / or > they had little to no familiarity with how ICANN’s processes in terms of > policy development work. > > In the case of this ePDP any member of the group that is eventually formed > will need to have a basic grounding in several key areas including privacy > and GDPR. > > While certification is "nice" I also agree that it should not be a > requirement and I would have issues with ICANN paying thousands of Euro to > give people this kind of training. If someone wants to get certified in > privacy / GDPR or anything else I’m sure that will help them further their > careers, but last time I checked neither ICANN as a whole nor the GNSO > specifically is a training camp for people. > > As for providing primers – I think it’s a good idea and if I can help I’d be > happy to. > > Regards > > Michele > > > -- > Mr Michele Neylon > Blacknight Solutions > Hosting, Colocation & Domains > https://www.blacknight.com/ <https://www.blacknight.com/> > http://blacknight.blog/ <http://blacknight.blog/> > Intl. +353 (0) 59 9183072 > Direct Dial: +353 (0)59 9183090 > Personal blog: > https://michele.blog/ <https://michele.blog/> > Some thoughts: > https://ceo.hosting/ <https://ceo.hosting/> > ------------------------------- > Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty > Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 > > From: council > > on > behalf of Rubens Kuhl > > Date: Wednesday 13 June 2018 at 02:11 > To: GNSO Council List > > > Subject: Re: [council] Suggestion for membership criteria of proposed > Expedited Policy Development Process > > I'll repeat a point I made in chat today: requiring and providing training > is not excluding, but requiring certification is. Actually, for who is > paying for the training, the actual knowledge is more important than the > certification, which only benefits the certified person. So while I would > find reasonable that someone that happens to have a certification to excuse > himself/herself from the training, I don't see us establishing a > certification as requisite. > > And if that changes the price, every certification (opposed to training) > should come on that person's dime, not GNSO's. And while I like IAPP because > it seems to have a more neutral tone instead of the Europe x World > Manichaeism, I believe we could look at other options. > > As for themes, I think that the other than GDPR could come from our internal > development efforts. For instance, picket fence, trademarks, abuse > investigation, registrar operations, RDAP... let me throw people under the > bus without consulting them just to indicate how we could provide primer > sessions on these angles making for a "Renaissance" WG: > Picket Fence - Becky Burr > Trademarks - Heather Forrest > Abuse investigation - Dave Piscitello > Registrar operations - Michele Neylon > RDAP - Scott Hollenbeck > > > Rubens > > > > > > On 12 Jun 2018, at 11:51, McGrady, Paul D. > > wrote: > > Thanks Carlos. > > Actually, you agree with me. I don’t think we should have any gatekeeping > barriers, such as IAPP certifications, designed to exclude anyone. But, if > we are going to go down the path of exclusion, and I hope we don’t, it > shouldn’t just be for one privacy skill set which would result in an > unbalanced ePDP WG. I think some 101 in both GDPR and Trademarks is more > than sufficient to ensure everyone on the ePDP WG has a common vocabulary. > I’m surprised by the resistance on the call today to the idea and the > steadfast holding to the notion of gatekeeping IAPP certification which will > result in exclusions from the team and undermine its outcomes from Day 1. > > Best, > Paul > > > > From: Carlos Raul Gutierrez [mailto:crg at isoc-cr.org <mailto:crg at isoc-cr.org>] > Sent: Tuesday, June 12, 2018 9:32 AM > To: McGrady, Paul D. > > Cc: Ayden Férdeline >; GNSO > Council List > > Subject: Re: [council] Suggestion for membership criteria of proposed > Expedited Policy Development Process > > It was a very interesting Council call today, of which I could only follow > the initial 2/3 or so. > After the call I went back to this ideas of Ayden and Paul, and I found > myself in disagreement with both of you. > Maybe because I'm an economist that doesn't want to become a pseudo lawyer > in either trademark law or in data protection, my needs t o follow the ePDP > in case i'm not qualified to participate (only to vote...) are different: > My question is to what degree does WHOIS have a bias for or against both, > trademark law and GDPR. As some might know, we economist are all about > efficiency and efficiency loses. And my understanding is that any change in > WHOIS, either planned or imposed, creates great efficiency losses to our > members of the CPH. And in some cases, those efficiency loses cost a lot of > money! > The Bonner Landesgericht put an interesting efficiency concept on the table: > Datensparsamkeit. (something like be stingy with data -collection-). > So from my personal perspective, and I repeat, independently if I'm > qualified or not to be a member of the ePDP, my basic question is and would > remain until we vote on the policy proposal, is how a new regulation that > looks for collecting LESS data, can be an operational, or even financial > burden to the members of the CPH. > For that I don't need more knowledge on either Trademark and/or Privacy Law. > What I need are hard facts, best expressed by numbers of dollars. > With that SOI, I express my interest to be part of the ePDP, either as > member, or else as unqualified bystander with a vote on the final decision. > > Carlos Raúl Gutiérrez > ISOC Costa Rica Chapter > skype carlos.raulg > +506 8837 7176 > ________ > Apartado 1571-1000 > COSTA RICA > > On Thu, Jun 7, 2018 at 2:28 PM, McGrady, Paul D. > > wrote: > Thanks Ayden. > > Tricky though, since those of us representing consumers that are protected > by intellectual property laws from confusing misuses of marks often feel > that those participating in WG’s don’t understand the fundamentals of > trademark laws either. Certainly in the case of this EPDP we would want > people to have the basics of trademark law as well. Perhaps instead of > using these useful skills sets as gatekeepers, we ask staff to develop > curriculum for the first session or two hitting these two issues and setting > forth some basic vocabulary. I’d be happy to participate with staff in the > effort from the trademark side if you would be happy to participate with > staff in the effort from the data protection side. > > Best, > Paul > > > Paul D. McGrady > > Partner > > > Winston & Strawn LLP > 35 W. Wacker Drive > Chicago, IL 60601-9703 > > D: +1 312-558-5963 > > F: +1 312-558-5700 > > Bio > | > VCard > | Email | > winston.com <http://winston.com/> > > > > > From: council > [mailto:council-bounces at gnso.icann.org <mailto:council-bounces at gnso.icann.org> ] > On Behalf Of Ayden Férdeline > Sent: Thursday, June 07, 2018 3:12 PM > To: GNSO Council List > > > Subject: [council] Suggestion for membership criteria of proposed Expedited > Policy Development Process > > Dear all, > > I have just finished reviewing the proposed agenda for our meeting next week > along with the mindmap that Council leadership and staff have developed > (thanks for doing this!). > > I would like to put forward a suggestion for the Expedited Policy > Development Process (EPDP) team criteria. While the scope of the EPDP > remains unclear at present, what I took away from the call between the Board > and the Council on Tuesday was that compliance with the law is crucial. As > such I think it is imperative that *all* members be able to demonstrate that > they have a basic understanding of the principles and legal terms of data > protection. > > I would like to request that any community member who is appointed to the > EPDP, or staff member supporting the EPDP, be able to demonstrate they have > completed at least 3 hours of data protection training. I do not think this > would be a huge burden, but I think it would make work easier, as there > should be a common understanding of essential terms. > > There are short half-day 'Data Protection 101' classes run by institutions > like the policy neutral International Association of Privacy Professionals, > whose courses only use definitions of terms that have been defined in law > for over 20 years. > > For those who don't hold this certification, I would like to request that > ICANN reimburse the members of the EPDP for their modest and reasonable > costs in obtaining it. > > I would like to hear your thoughts here, however I would also like to ask > that this suggestion please be given serious consideration. Thank you. > > Best wishes, > Ayden Férdeline > > ________________________________ > The contents of this message may be privileged and confidential. If this > message has been received in error, please delete it without reading it. > Your receipt of this message is not intended to waive any applicable > privilege. Please do not disseminate this message without the permission of > the author. Any tax advice contained in this email was not intended to be > used, and cannot be used, by you (or any other taxpayer) to avoid penalties > under applicable tax laws and regulations. > > _______________________________________________ > council mailing list > council at gnso.icann.org <mailto:council at gnso.icann.org> > https://mm.icann.org/mailman/listinfo/council <https://mm.icann.org/mailman/listinfo/council> > > _______________________________________________ > council mailing list > council at gnso.icann.org <mailto:council at gnso.icann.org> > https://mm.icann.org/mailman/listinfo/council <https://mm.icann.org/mailman/listinfo/council> > > -- ------------------------ **Arsène Tungali* * Co-Founder & Executive Director, *Rudi international *, CEO,* Smart Services Sarl *, *Mabingwa Forum * Tel: +243 993810967 GPG: 523644A0 *Goma, Democratic Republic of Congo* 2015 Mandela Washington Felllow (YALI) - ISOC Ambassador (IGF Brazil & Mexico ) - AFRISIG 2016 - Blogger - ICANN's GNSO Council Member. AFRINIC Fellow ( Mauritius )* - *IGFSA Member - Internet Governance - Internet Freedom. Check the *2016 State of Internet Freedom in DRC* report (English ) and (French ) _______________________________________________ council mailing list council at gnso.icann.org <mailto:council at gnso.icann.org> https://mm.icann.org/mailman/listinfo/council <https://mm.icann.org/mailman/listinfo/council>
>>>>> _______________________________________________
>>>>> NCSG-PC mailing list
>>>>> NCSG-PC at lists.ncsg.is <mailto:NCSG-PC at lists.ncsg.is>
>>>>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc <https://lists.ncsg.is/mailman/listinfo/ncsg-pc>
>>>
>>> _______________________________________________
>>> NCSG-PC mailing list
>>> NCSG-PC at lists.ncsg.is <mailto:NCSG-PC at lists.ncsg.is>
>>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc <https://lists.ncsg.is/mailman/listinfo/ncsg-pc>
>>
>>
>> _______________________________________________
>> NCSG-PC mailing list
>> NCSG-PC at lists.ncsg.is <mailto:NCSG-PC at lists.ncsg.is>
>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc <https://lists.ncsg.is/mailman/listinfo/ncsg-pc>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180619/33f365b6/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180619/33f365b6/attachment.sig>
More information about the NCSG-PC
mailing list