[NCUC-DISCUSS] The new draft of China Data Security Management Regulation relating to EPDP issue

Martin Pablo Silva Valent mpsilvavalent at gmail.com
Wed May 29 21:15:58 CEST 2019 

Thank you Zhou Heng for the email. It is very interesting. 

Hope to see you in the next meetings.

Best of all from Argentina,


Martin Silva Valent

mpsilvavalent at gmail.com

Partner | Silva.legal
martin at silva.legal

Director | Dat.as
martin.silva at dat.as

Skype ID: mpsilvavalent
Tel: +5491164993943
Libertador 5990, Off. 406
Buenos Aires, Argentina.

Este email, incluyendo adjuntos, podría contener información  confidencial protegida por ley y es para uso exclusivo de su destinatario. Si  Ud. no es el destinatario, se le advierte que cualquier uso, difusión, copia o  retención de este email o su contenido está estrictamente prohibido.  Si Ud.  recibió este email por error, por favor avise inmediatamente al remitente por  teléfono o email y borre el mismo de su computadora. / This  e-mail, including any attachments, may contain information that is protected by  law as privileged and confidential, and is transmitted for the sole use of the  intended recipient. If you are not the intended recipient, you are hereby  notified that any use, dissemination, copying or retention of this e-mail or the  information contained herein is strictly prohibited. If you have received this  e-mail in error, please immediately notify the sender by telephone or reply  e-mail, and permanently delete this e-mail from your computer system. 

> On May 28, 2019, at 12:29 AM, Zhou Heng <socata at ruc.edu.cn> wrote:
> 
> Dear NCSG colleagues,
>  
> Today, the Cyber Administration of China issues the draft of Data Security Management Regulation (DSMR), and receiving public comments. I personally believed that the DSMR could be viewed as a Chinese-version GDPR. 
>  
> I noticed that article 27 of the DSMR draft mentioned:
> “Article 27.  The network service provider should evaluate the security issue /possible risk, and obtain the consent of personal information subject, before they provide the personal information to others, unless:
> 1) The personal information is collected through public and lawful manner and is not obviously against the willing of personal information subject;
> 2) The personal information is voluntarily disclosed by personal information subject;
> 3) The personal information has been anonymized;
> 4) The personal information is required by law enforcement agency;
> 5) The personal information is required for protecting nation security, society public interest or the life security of personal information subject.”
>  
> Obviously, ICANN could be considered as a network service provider in such article, and WHOIS service could be regarded as providing personal information to others. In addition, Intellectual property issue is not mentioned here.
>  
> I hope such information might help NCUC representatives in EPDP process. If you are interested about this draft, you might view the website of Cyber Administration of China to get the full text of this draft (Link: http://www.cac.gov.cn/2019-05/28/c_1124546022.htm <http://www.cac.gov.cn/2019-05/28/c_1124546022.htm>). Unfortunately, the Cyber Administration of China only provided the Chinese version. 
>  
> Best regards,
> 
> --
> Zhou Heng
> Ph.d Candidate
> Renmin University of China
> 
> -------- 转发邮件信息 --------
> 发件人:socata <socata at ruc.edu.cn <mailto:socata at ruc.edu.cn>>
> 发送日期:2018-06-21 19:02:24
> 收件人:"Mueller, Milton L" <milton at GATECH.EDU <mailto:milton at GATECH.EDU>>
> 抄送人:ncuc-discuss at lists.ncuc.org <mailto:ncuc-discuss at lists.ncuc.org>
> 主题:Re:Important article about Whois and accreditation
> Dear Milton,
> 
> Recently, I am writing an article in Chinese about the conflict between WHOIS and GDPR, in which Your book Networks and Stats: The Global Politics of Internet Governance gives me a lots of inspiration. In addition, I believe even in different languages, I share lots of viewpoint of your proposed article Let’s talk about WHOIS accreditation – Before it’s too late.
> Tomorrow, I will give a speech about this issue in a seminar hosted in the China Foreign Affairs University (You may refer to the Chinese link for further details here: http://gjfx.cfau.edu.cn/art/2018/5/4/art_1842_65690.html) <http://gjfx.cfau.edu.cn/art/2018/5/4/art_1842_65690.html),> to talk about my article, and I hope maybe this article may be published at a journal in China very soon. 
> 
> There are some things I hope the community may notice:
> 1. ICANN's intellectual property protection rules like UDRP/URS is expensive, if the rights holder could not find whether the domain name owner is a legal rights holder or not, the rights holder may lack of interest to make a move for UDRP/URS.
> 2. ICANN's obey to GDPR is a very very bad example; tells the whole world that a nation's law can make ICANN to change its rule with a threatening high tickets. I would not be surprise that if some other country use some local law to force ICANN to change the rule they don't like in future.
> 3. The interim specification is ridiculous by put GDPR as a part of regulation. There are 200 countries in the world, and all of them may propose some local laws to protect the interest or fundamental rights of their citizens. Should ICANN add all those law in the article 4.2 of the  interim regulation? 
> 
> I will keep my research in this areas, and maybe next time I will try to give an article in english to further the discussion in this topic with NCUC members.
> 
> --
> Zhou Heng
> Ph.d Candidate
> Renmin University of China
> 
> 在 2018-06-16 05:44:10,"Mueller, Milton L" <milton at GATECH.EDU <mailto:milton at GATECH.EDU>> 写道:
> Would urge you all to read this. 
> https://www.internetgovernance.org/2018/06/15/lets-talk-about-whois-accreditation-before-its-too-late/ <https://www.internetgovernance.org/2018/06/15/lets-talk-about-whois-accreditation-before-its-too-late/>
>  
> Dr. Milton Mueller
> Professor, School of Public Policy
> Georgia Institute of Technology
>  
>  
>  
> 
> 
> 
> _______________________________________________
> Ncuc-discuss mailing list
> Ncuc-discuss at lists.ncuc.org <mailto:Ncuc-discuss at lists.ncuc.org>
> https://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss <https://lists.ncuc.org/cgi-bin/mailman/listinfo/ncuc-discuss>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncuc.org/pipermail/ncuc-discuss/attachments/20190529/f7b22b81/attachment.html>

More information about the Ncuc-discuss mailing list