Versions Compared

Version Old Version 17 New Version Current
Changes made by

Lisa Phifer

Aleksey Khapchenko

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Fix links.

...

6. Confirm next meeting date: Tuesday 14 February 2017 at 17.00 UTC

 

Attendance

Apologies: Geoffrey Noakes, Patrick Lenihan, Sara Bockey(tentative), Michael Neylon, Vicky Sheckler

Dial outs:  Daniel Nanghaka, Harold Arcos, Holly Raiche, Lawrence Olawale-Roberts

Mp3

AC Chat

Transcript


Notes from Next-Gen RDS PDP WG call on Tuesday, 7 February 2017

...

Presentation by Peter Kimpian

  • See slides at https://icann-community.icannatlassian.orgnet/wiki/download/attachments/64064540101516741/Kimpian_pdp_rds_2_2_17.pdf
  • Right to privacy is a universal right, even if it is interpreted differently in different countries.
  • Individuals have to be in control of their personal data (the whole trail of data). Overarching principles: necessity, proportionality, purpose specification / purpose limitation.
  • For data processing there has to be a legitimate aim/purpose. Lawful and fair means of data processing. Lawful = it has to be regulated and/or not forbidden by legislation.
  • Valid legal basis (law, consent, contract, vital interest of the individual). This concept is also present in other legal frameworks, not only the European one.
  • Data processing needs to be adequate, relevant and not excessive.
  • Data minimization principle: no processing of data for the sake of data, only for a purpose. During the processing, the data controller has the obligation to process the minimum amount of data that is fit for purpose.
  • There are a number of exemptions (see slide 4). Always conditions to these exemptions. Need to establish criteria under which such exemptions are permissible.
  • Disclosure of data (slide 5) - same rules apply as for processing, however there is a third party that enters into the picture using the data for a secondary purpose.
  • Accountability (slide 6) - data controller is accountable for upholding data protection principles.

...

  • Session is planned on 13 March in Copenhagen during which data protection commissioners will debate these topics. Objective to have a better understanding of how privacy principles are interpreted by authorities and legislators.

3. Begin deliberation on the Privacy charter question, starting with the following: (see  meeting handout)

  • Question 4.1 (revised): For thin data only -- Do existing gTLD registration directory services policies sufficiently address compliance with applicable data protection, privacy, and free speech laws about purpose? If not, what requirements might those laws place on RDS policies regarding purposes associated with thin data?
  • See comments made under agenda item 2: Q&A

4. Information on planned dates for the RDS PDP WG meetings in Copenhagen:

...