[NCUC-DISCUSS] The new draft of China Data Security Management Regulation relating to EPDP issue

Tue May 28 05:29:06 CEST 2019

Dear NCSG colleagues,

Today, the Cyber Administration of China issues the draft of Data Security Management Regulation (DSMR), and receiving public comments. I personally believed that the DSMR could be viewed as a Chinese-version GDPR. 

I noticed that article 27 of the DSMR draft mentioned:
“Article 27.  The network service provider should evaluate the security issue /possible risk, and obtain the consent of personal information subject, before they provide the personal information to others, unless:
1) The personal information is collected through public and lawful manner and is not obviously against the willing of personal information subject;
2) The personal information is voluntarily disclosed by personal information subject;
3) The personal information has been anonymized;
4) The personal information is required by law enforcement agency;
5) The personal information is required for protecting nation security, society public interest or the life security of personal information subject.”

Obviously, ICANN could be considered as a network service provider in such article, and WHOIS service could be regarded as providing personal information to others. In addition, Intellectual property issue is not mentioned here.

I hope such information might help NCUC representatives in EPDP process. If you are interested about this draft, you might view the website of Cyber Administration of China to get the full text of this draft (Link: http://www.cac.gov.cn/2019-05/28/c_1124546022.htm). Unfortunately, the Cyber Administration of China only provided the Chinese version. 

Best regards,

--
Zhou Heng
Ph.d Candidate
Renmin University of China

-------- 转发邮件信息 --------
发件人：socata <socata at ruc.edu.cn>
发送日期：2018-06-21 19:02:24
收件人："Mueller, Milton L" <milton at GATECH.EDU>
抄送人：ncuc-discuss at lists.ncuc.org
主题：Re:Important article about Whois and accreditation
Dear Milton,

Recently, I am writing an article in Chinese about the conflict between WHOIS and GDPR, in which Your book Networks and Stats: The Global Politics of Internet Governance gives me a lots of inspiration. In addition, I believe even in different languages, I share lots of viewpoint of your proposed article Let’s talk about WHOIS accreditation – Before it’s too late.
Tomorrow, I will give a speech about this issue in a seminar hosted in the China Foreign Affairs University (You may refer to the Chinese link for further details here: http://gjfx.cfau.edu.cn/art/2018/5/4/art_1842_65690.html) to talk about my article, and I hope maybe this article may be published at a journal in China very soon. 

There are some things I hope the community may notice:
1. ICANN's intellectual property protection rules like UDRP/URS is expensive, if the rights holder could not find whether the domain name owner is a legal rights holder or not, the rights holder may lack of interest to make a move for UDRP/URS.
2. ICANN's obey to GDPR is a very very bad example; tells the whole world that a nation's law can make ICANN to change its rule with a threatening high tickets. I would not be surprise that if some other country use some local law to force ICANN to change the rule they don't like in future.
3. The interim specification is ridiculous by put GDPR as a part of regulation. There are 200 countries in the world, and all of them may propose some local laws to protect the interest or fundamental rights of their citizens. Should ICANN add all those law in the article 4.2 of the  interim regulation? 

I will keep my research in this areas, and maybe next time I will try to give an article in english to further the discussion in this topic with NCUC members.

--
Zhou Heng
Ph.d Candidate
Renmin University of China

在 2018-06-16 05:44:10，"Mueller, Milton L" <milton at GATECH.EDU> 写道：
Would urge you all to read this.
https://www.internetgovernance.org/2018/06/15/lets-talk-about-whois-accreditation-before-its-too-late/

Dr. Milton Mueller
Professor, School of Public Policy
Georgia Institute of Technology

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20190528/c9ae21e0/attachment.html>