[NCSG-PC] draft slides for tomorrow's webinar
Stephanie Perrin
stephanie.perrin at mail.utoronto.ca
Fri Mar 2 15:21:35 EET 2018
I did not comment on all the below, see inline
On 2018-03-02 08:09, farzaneh badii wrote:
> ok let me know we need to send it to ICANN staff before the meeting.
>
> Farzaneh
>
> On Fri, Mar 2, 2018 at 8:07 AM, Stephanie Perrin
> <stephanie.perrin at mail.utoronto.ca
> <mailto:stephanie.perrin at mail.utoronto.ca>> wrote:
>
> Looks fine. Sponsors are the accredited registrars, so will make
> "or" an "and" on that slide
>
> SP
>
> On 2018-03-01 22:45, farzaneh badii wrote:
>> I have made it a bit brief. here are the changes I made:
>>
>> I removed page 3 (relevant privacy laws). *(I think people need
>> to understand the landscape is bigger than GDPR) *
>
>> Page five, I just added a brief definition of WHOIS and deleted
>> the rest of what you had.
>
>> I am not sure about keeping slide 7. It is long and very
>> complicated.
>
I will not go through it, just want them to realize this is not new and
we have been fighting this fight a very long time. SOme need to know
history so as not to reinvent our position on this.....
>
>> If you think you can make a brief remark about the long struggle
>> then good idea. But going to thick whois and thin whois too much
>> will be confusing. I removed some of the principles or made them
>> shorter. Removed :
>> •Notice of data breach within 72 hours
>> •Right to be forgotten
>
These are important. I will mention but no time to put everything back in.
>> But you are the expert so correct me if I am wrong.
>>
>> Here:
>> •Tiered access means accreditation and authorization …no
>> self-certification, we need standards and independent audit
>> In the newest ICANN model there is no self certification but
>> reliance on GAC! We need to mention this.
>
Actually the GAC model will turn out to be self certification. Lawyers
check, cybercrime orgs check. LEAs Check of course...and this is the
only group they ought to be certifying, and that will turn out to be
self cert as well. There is no independent process, that is why the
Canadian govt (and even APWG) are starting to get interested in the
standards proposal
>
>>
>> In the following, Why are we jumping the queue about legitimate
>> purpose? "Cybercrime fighting is a legitimate reason to disclose
>> but it needs to be on an accredited basis, anonymized data
>> analytics, etc." Lets emphasize we have to first agree on the
>> purpose of WHOIS then we can get into legitimate interest etc.
>
I want to explain the battle that has been going on about legit purpose
for access vs for overall processing. Long hard battle in RDS group and
they still dont get it.....
>
>>
>> Also we should mention that we want data minimization (get rid of
>> Thick WHOIS as much as possible)
>
then leave thick WHOIS in the other slide, that is why it is in
there....but dont worry I will deal with it in a minute or two. We need
to question what is behind current endorsement of thick whois model
(transfer of all data to Verisign e.g.??)
>
>>
>> Thanks for doing this. we will have 45 minutes to go through your
>> slides and ask questions and then ICANN staff (Theresa and Akram)
>> will be with us and we can discuss the new ICANN model.
>>
>>
>> I also made your background less interesting. Sorry :)
>
I love that background but I guess yours is ok. I like the ink blots to
symbolize all the screwups....
>
>>
>>
>> Best
>>
>> Farzaneh
>>
>>
>>
>>
>>
>>
>> Farzaneh
>>
>> On Thu, Mar 1, 2018 at 7:38 PM, Stephanie Perrin
>> <stephanie.perrin at mail.utoronto.ca
>> <mailto:stephanie.perrin at mail.utoronto.ca>> wrote:
>>
>> first draft, tell me what you want....
>>
>> cheers Steph
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180302/c443cc8f/attachment.htm>
More information about the NCSG-PC
mailing list