[NCUC-DISCUSS] Data Protection and Privacy Update - ICANN Blog by Akram Atallah, Theresa Swinehart
farzaneh badii
farzaneh.badii at gmail.com
Thu Oct 19 03:15:14 CEST 2017
Farzaneh
https://www.icann.org/news/blog/data-protection-and-privacy-update
*Data Protection and Privacy Update*
[image: ata protection privacy update 753x425 18oct17 en]
There has been a lot of activity since our last update
<https://www.icann.org/news/blog/data-protection-and-privacy-progress-update-and-next-steps>
on 11 September. Here's a brief recap on where we are and a look-ahead at
upcoming activities.
On 4 October we held a webinar to discuss data protection/privacy
activities related to the European Union's General Data Protection
Regulation (GDPR)
<http://ec.europa.eu/justice/data-protection/reform/index_en.htm>. If you
missed it, we have published the presentation, audio recordings and
transcripts in multiple languages, and responses to unanswered questions on
our data protection/privacy page
<https://www.icann.org/dataprotectionprivacy>. The user story matrix can
also be found on this page.
As previously communicated, we engaged the European law firm Hamilton to
provide an independent legal analysis, that will be developed in phases.
We are pleased to note that the first part of the initial independent legal
analysis was published
<https://www.icann.org/en/system/files/files/gdpr-memorandum-part1-16oct17-en.pdf>
[PDF, 252 KB] today, which includes an appendix with the general questions
we provided to Hamilton as "food for thought" in analyzing GDPR in relation
to gTLD registration data.
This first memo focuses on potentially challenging areas with existing
requirements for registries and registrars to provide open, publicly
available WHOIS services. It provides a general overview of key concepts in
the GDPR (e.g. personal data, consent, the role of data controllers and
processers and data protection authorities, etc.) and how these concepts
relate to gTLD WHOIS services.
The memo highlights the complexity of these issues in the domain name
space, and concludes that the current open, publicly available WHOIS
services cannot remain unchanged. The WHOIS system has to become adaptable
to address the GDPR from the European perspective, as well as other
changing regulations around the world.
Since GDPR will likely effect how WHOIS data is displayed, it could impact
our ability to maintain a single global WHOIS system. In turn, this will
likely impact either ICANN's agreements or its ability to enforce
contractual compliance of its agreements using a single and consistent
approach. In the short term, we need to work together to understand the
scope of this impact and find the right balance between maintaining the
current WHOIS services and compliance with local laws.
On the engagement front we continued to interact with a range of
stakeholders to raise awareness about ICANN's privacy- and data protection-
related work. We participated in the annual international DPAs conference
<https://www.privacyconference2017.org/eng/index.html> in Hong Kong, the
European Commission's High Level Group on Internet Governance and the CENTR
General Assembly
<https://www.centr.org/events/upcoming-events/58th-centr-general-assembly.html>
in Brussels, where GDPR was a major topic of discussion. These events
provided a further opportunity to hear many perspectives and learn about
existing practices in this area.
Next up is ICANN60 <https://meetings.icann.org/en/abudhabi60>, which will
be held in Abu Dhabi, and is just around the corner. We encourage you to
attend the cross-community "General Data Protection Regulation (GDPR)
Implications for ICANN"
<https://schedule.icann.org/event/CbHj/cross-community-session-general-data-protection-regulation-gdpr-implications-for-icann>
session, which is planned for Thursday, 2 November at 10:30am local time
(UTC +4). Remote participation is offered if you can't be there in person.
*A Look Ahead*
ICANN, like many other organizations, is looking at the new regulation to
see how it is relevant and determine how best to comply with the new
framework with respect to the data we collect and process for internal and
external services, as well as the implications for the ICANN community and
its policies and procedures more widely.
As a reminder, this legal analysis is intended to serve as building block
for community discussions about how to approach GDPR issues in the domain
name space.
Here's where we need help from the multistakeholder community:
Please review the initial legal analysis and provide feedback. This
includes identifying possible questions, and how best to interact with data
protection agencies and others to get to the next step of the analysis.
It will be helpful to receive your feedback at the earliest opportunity, so
as to inform the upcoming discussions at ICANN60, and to feed into future
iterations of the legal analysis. Either reach out to us directly or email
gdpr at icann.org.
For those of you traveling to Abu Dhabi, we wish you safe travels and look
forward to seeing you in person. If you aren't making the trip, we hope you
will participate remotely.
David A. Olive
Senior Vice President
Policy Development Support
Internet Corporation for Assigned Names and Numbers (ICANN)
_______________________________________________
So-ac-sg-cleaders mailing list
So-ac-sg-cleaders at icann.org
https://mm.icann.org/mailman/listinfo/so-ac-sg-cleaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20171018/9d1a00cd/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 114436 bytes
Desc: not available
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20171018/9d1a00cd/attachment.jpg>
More information about the Ncuc-discuss
mailing list