[NCUC-DISCUSS] ICANN privacy policy

[Amr Elsadr]

Hi Stephanie,

I think it is important to decide early on wether we are going to have separate discussions regarding ICANN’s privacy and data protection policies within their own corporate practices and within the policies developed through the GNSO impacting obligations imposed on contracted parties, or not.

The first group is focused more on privacy and data protection policies in place when using ICANN services (such as their website, email lists, etc…), the use of the online new gTLD application form and policies affecting their own human resources. The second group of is focused more on discussions relevant to domain name registration data services (whois), privacy/proxy services and data retention practices all of which are either specified, or will be specified, in the Registrar Accreditation Agreement (RAA).

I believe the EWG recommendations explore both, and I imagine that there are folks who would like to make contributions on both fronts. I bring this up because you said in your last email:

On Mar 27, 2014, at 11:04 AM, Stephanie Perrin <stephanie.perrin at mail.utoronto.ca> wrote:

> I don’t wish to stifle discussion, but the development of a privacy policy which is compliant to law is a matter which requires detailed knowledge of data protection law.  Our criticism was that the one they have does not comply, and I feel very comfortable making that assertion and going about proving it.  We should perhaps separate discussion of broader privacy issues, and the preparation of the draft.

I’m not clear on what you mean by this.

Thanks.

Amr