[NCUC-DISCUSS] [Privacy] this is a space for privacy work

Rafik Dammak rafik.dammak at gmail.com
Sun Apr 6 08:44:46 CEST 2014


Hi Stephanie,

I am afraid that the focus on thing like ICANN collecting data about
volunteers and participants can divert the scarce resources we have ,
instead of working whois-related issues
more clarity about the strategy and scope would be helpful

Best Regards,

Rafik


2014-04-06 15:41 GMT+09:00 Stephanie Perrin <
stephanie.perrin at mail.utoronto.ca>:

> I am afraid I don’t understand the question Rafik..we offered to tell them
> what is wrong with their policy.  Item one, is the scope is too narrow.  A
> full policy covers everything.  This is what the law would demand, if they
> were in a jurisdiction with law.
>
> On Apr 6, 2014, at 2:18 AM, Rafik Dammak <rafik.dammak at gmail.com> wrote:
>
> Hi Stephanie,
>
> I read the document but I am somehow puzzled by the scope:
> - are we talking about privacy within ICANN in regard to the policies
> development there like in the case of RAA, Whois, new directory services?
> then providing a privacy framework for ICANN policies, systematic
> assessment of policy impact on privacy and data protection etc
> - or it is just about ICANN collecting personal data from the community ,
> staff etc
>
> the scope matters because the resources and the focus we can have at NCSG
> level. as you know we have already an existing group to discuss privacy
> within NCSG , with those involved in several working group around whois.
>
> Best Regards,
>
> Rafik
>
>
> 2014-04-02 20:07 GMT+09:00 Stephanie Perrin <
> stephanie.perrin at mail.utoronto.ca>:
>
>> Further to this note, there is an opening very draft preface to our
>> comments on the ICANN privacy policy, on the pad set up by Niels.  I attach
>> the word version here, for anyone who is interested in this project.  To
>> join the work group, contact Stefania
>> It is a conversation starter, no where near a final draft.
>>
>>
>> On Mar 30, 2014, at 2:45 PM, Stephanie Perrin <
>> stephanie.perrin at mail.utoronto.ca> wrote:
>>
>>  Further to Robin’s note, I am pasting in a thread that originated in
>>> NCUC following our meeting with the ICANN Board.
>>>
>>>
>> Numerous members of the NCUC have already volunteered to work on
>> developing a gap analysis of the existing ICANN privacy policies, with a
>> view to providing advice back to the Board as to what needs to be done to
>> bring ICANN privacy policies up to the expected levels.  Please join in, as
>> you can see from Bruce Tonkin’s note back to us, there is a rather poor web
>> policy, for which I promised to provide a critique.  I attach a few other
>> jobs that need to be done rather soon, if anyone would like to volunteer.
>>  Here is a snippet which I just sent out to the NCUC volunteers:
>>
>> OK, perhaps one group of folks would like to have a look at the policy
>> for new Gtlds, available here, and prepare a critique of what is missing
>> (gap analysis)
>>
>> gTLD Program is addressed in a separate personal data privacy statement
>> at http://newgtlds.icann.org/en/applicants/agb/program-privacy.
>> We could also use some help from someone on analysing the transparency
>> and accountability principles, where the disclosure stuff is apparently
>> buried.  One of the major criticisms of these policies is that it is very
>> difficult for a user/participant at ICANN to find out what is happening to
>> their data.
>> Another task where  I would love some help from an American Attorney, is
>> whether it is legally possible to declare  a total disclaimer to breach
>> liability in the state of California, where there are data breach
>> disclosure rules.  (see the following snippet of the policy which I am
>> dubbing a web policy):
>>
>> Due to the open communication nature of the Internet, ICANN cannot
>> represent, warrant or guarantee that communications stored on ICANN servers
>> will be free from unauthorized access by third parties, loss, misuse or
>> alterations. While ICANN will take reasonable and appropriate security
>> measures to protect against unauthorized access, disclosure, alteration or
>> destruction of personal information received, ICANN DISCLAIMS ANY AND ALL
>> LIABILITY FOR UNAUTHORIZED ACCESS OR USE OR COMPROMISE OF YOUR PERSONAL
>> INFORMATION. USERS ARE ADVISED THAT THEY SUBMIT SUCH PERSONAL INFORMATION
>> AT THEIR OWN RISK.
>> I have to say this is one of the paragraphs that really put me right over
>> the top….caps included.
>> Any volunteers for this task, I am working on the three pager and the
>> basic critique of the web policy.
>> cheers steph
>> PS I have still not found the alleged staff policy, if anyone knows where
>> it is please let me know
>>
>> Kind regards,
>> Stephanie Perrin
>>
>> On 26 Mar 2014, at 1:59 pm, Stephanie Perrin <
>>> stephanie.perrin at mail.utoronto.ca> wrote:
>>>
>>> I will certainly volunteer to provide the first draft of a commentary on
>>> the “privacy policy”.  I believe I am already on the hook for that, and if
>>> folks can self identify if they have an interest in this area, we can call
>>> it a group and I will send out the marked up copy.  If people prefer to use
>>> a platform (e.g. googledocs) let us know.
>>> cheers Stephanie Perirn
>>> On Mar 26, 2014, at 1:43 AM, William Drake <william.drake at uzh.ch> wrote:
>>>
>>> Hi
>>>
>>> We have a number of folks who work on privacy policy.  Would anyone be
>>> interested in organizing a group to provide an input to ICANN on its policy
>>> regarding the collection and use of personal data?
>>>
>>> Bill
>>>
>>> Begin forwarded message:
>>>
>>> *From: *Bruce Tonkin <Bruce.Tonkin at melbourneit.com.au>
>>> *Subject: **RE: ICANN privacy policy*
>>> *Date: *March 25, 2014 at 5:15:07 PM GMT+8
>>> *To: *William Drake <william.drake at uzh.ch>
>>> *Cc: *Rafik Dammak <rafik.dammak at gmail.com>, "marie-laure Lemineur (
>>> mllemineur at gmail.com)" <mllemineur at gmail.com>, David Cake <
>>> dave at difference.com.au>, Maria Farrell <maria.farrell at gmail.com>, "
>>> magaly.pazello at gmail.com" <magaly.pazello at gmail.com>, "
>>> kdrstoll at gmail.com" <kdrstoll at gmail.com>, "Amr Elsadr (
>>> aelsadr at egyptig.org)" <aelsadr at egyptig.org>, Fadi Chehade <
>>> fadi.chehade at icann.org>, John Jeffrey <john.jeffrey at icann.org>
>>>
>>> Yes indeed - your addresses were just ones that I had to hand.
>>>
>>> Regards,
>>> Bruce Tonkin
>>>
>>>
>>> -----Original Message-----
>>> From: William Drake [mailto:william.drake at uzh.ch <william.drake at uzh.ch>
>>> ]
>>> Sent: Tuesday, 25 March 2014 5:10 PM
>>> To: Bruce Tonkin
>>> Cc: Rafik Dammak; marie-laure Lemineur (mllemineur at gmail.com); David
>>> Cake; Maria Farrell; magaly.pazello at gmail.com; kdrstoll at gmail.com; Amr
>>> Elsadr (aelsadr at egyptig.org); Fadi Chehade; John Jeffrey
>>> Subject: Re: ICANN privacy policy
>>>
>>> Hi Bruce
>>>
>>> Thanks for this.  I assume this is an open invitation that we can share
>>> with our privacy mavens who are not not on the Cc, correct?
>>>
>>> Best
>>>
>>> Bill
>>>
>>> On Mar 25, 2014, at 4:33 PM, Bruce Tonkin <
>>> Bruce.Tonkin at melbourneit.com.au> wrote:
>>>
>>> Hello All,
>>>
>>> Regarding the discussion of ICANN's use of private information in the
>>> NCSG meeting with the Board today.
>>>
>>> With respect to ICANN's policy for collection and use of personal data,
>>> we do have a published privacy policy.
>>>
>>> See:  http://www.icann.org/en/help/privacy
>>>
>>> We would welcome a review of this policy to determine if it needs to be
>>> improved.   IT was last updated in Oct 2012.
>>>
>>> Also with respect to staff/HR information etc - I will see what
>>> information is available on internal policies.
>>>
>>> Regards,
>>> Bruce Tonkin
>>>
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Ncuc-discuss mailing list
>>> Ncuc-discuss at lists.ncuc.org
>>> http://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss
>>>
>>>
>>> _______________________________________________
>>> Ncuc-discuss mailing list
>>> Ncuc-discuss at lists.ncuc.org
>>> http://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss
>>>
>>>
>>> On Mar 30, 2014, at 2:34 PM, Robin Gross <robin at ipjustice.org> wrote:
>>
>> This is an open, archived list for those wishing to develop privacy
>> policy.
>>
>> Make the most of it!
>>
>> _______________________________________________
>> Privacy mailing list
>> Privacy at ipjustice.org
>> http://mailman.ipjustice.org/listinfo/privacy
>>
>>
>>
>>
>> _______________________________________________
>> Ncuc-discuss mailing list
>> Ncuc-discuss at lists.ncuc.org
>> http://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20140406/aa8cd685/attachment-0002.html>


More information about the Ncuc-discuss mailing list