2017-05-30 Next Gen RDS PDP Working Group

Notes RDS PDP WG Meeting 

These high-level notes are designed to help PDP WG members navigate through the content of the call and are not meant as a substitute for the transcript and/or recording. The MP3, transcript, and chat are provided separately and are posted on the wiki here.

1) Roll Call/SOI Updates

• Attendance will be taken from AC
• Please remember to state your name before speaking and remember to mute your microphones when not speaking
• SOI updates: none

2) Complete deliberation on the charter question: What steps should be taken to control "thin data" access?

a) Review poll results – see AnnotatedResults-Poll-from-23MayCall.pdf

Q3) minimum data set of "thin data" elements

• Guiding principle based on EWG principle #41
• Most prefer or could live with option a):
• "A minimum set of "thin data" elements must be accessible by unauthenticated RDS users."
• Is the word "minimum" really needed?
• Does "minimum set" or "defined set" have other implications?
• Noted that we still need to define the minimum set of data elements needed
• Proposed alternative redux: At least a defined set of "thin data" elements must be accessible by unauthenticated RDS users.

Proposed WG Agreement (to be confirmed by poll): At least a defined set of "thin data" elements must be accessible by unauthenticated RDS users.

Q5) & Q4) purposes for "thin data" access

• Guiding principle based on EWG principle #45
• Refer to comments 5-8 in poll results
• Must the data elements have a stated purpose, or must the requestor state a purpose when querying the data?
• Note previous agreements: WG Agreement #2: Every "thin data" element should have at least one legitimate purpose; and WG Agreement #3: Every existing "thin data" element does have at least one legitimate purpose for collection.
• Most prefer or could live with option b): To deter misuse and promote accountability, RDS policy must state purpose(s) for public access to "thin data."
• Even though this is not nominative data, the data could be construed to be personal and therefore you need to specify purpose(s) for collection and access - data collectors will be held accountable for using data consistent with those purpose(s)

Proposed WG Agreement (to be confirmed by poll): "RDS policy must state purpose(s) for public access to "thin data."

Q4) non-discriminatory "thin data" access

• Guiding principle based on EWG principle #44
• Note: Option a) results s/b 19 - 4 = 15 (typo)
• Comments 1-4 pertain to the concept of providing non-discriminatory access
• What is intended by non-discriminatory access? Equal access? Access to RDS services/data that doesn't differ by quantity, quality, in an unfair manner that favors one requestor over another
• This EWG principle was to discourage tiered access - that is, those who pay more (or have more power) should not get more access (faster, broader)
• Does non-discriminatory access prevent anti-abuse measures to slow/block requestors who are abusing the system or data?
• Alternative proposal: "RDS access to "thin data" must be non-discriminatory access for all permissible uses"
• For consistency with other agreements that should probably be "legitimate purposes" not permissible uses
• Would it be helpful to add "from a policy perspective" to eliminate the technical issue, that we have no control over, from the agreement?
• How would access to "thin data" for legitimate purposes be verified?
• "RDS policies for access to "thin data" must be non-discriminatory for all legitimate purposes" received support with some opposition
• Defer discussion on this poll question until the leadership team can propose a way forward on Q4

Q6) other principles for "thin data" access

• Poll indicated no additional principles were needed at this time, with one exception: a proposed principle on proportionality (see Coupet comment)
• Further explanation on "proportionality" as a principle on access to "thin data": Thought it would be best to include this principle as soon as possible, since it is central to the GDRP, and not wait until later
• Possible principle? Data that is not absolutely necessary for a query should not be shared

Action Item: Nathalie Coupet and any other WG members who wish to do so to propose to the WG list a new principle on proportionality for "thin data." All WG members to comment on that proposed principle in advance of next call.

Action Item: Staff to prepare poll confirming the two proposed WG Agreements listed above (Q3 and Q5). All WG members to participate in poll no later than COB Saturday 3 June.

b) Proposal from Rod Rasmussen and Vaibhav Aggarwal on what "unreasonably restrict legitimate access" means in Proposed WG Agreement #21:

There must be no RDS policies that prevent RDS operators from applying operational controls such as rate limiting and CAPTCHA, provided that they do not unreasonably restrict legitimate access."

• Some progress made looking at current policy that has already been implemented (current status quo)
• Plan to identify other areas where application of operational controls are done, to compare to how this might be applicable to RDS policy
• Documentation available on similar issues within the ICANN space

Action Item: Rod Rasmussen and Vaibhav Aggarwal to complete action assigned during 17 May call and distribute in advance of next WG call, so that WG may reach closure on Proposed WG Agreement #21 as shown above.

3) Review poll results for Q2) Data of Record

• Poll results show a modest preference for option b):
  Data set that, at a given time, is asserted to match data as acquired at the point of origin.
• Deferred to next WG call

4) Updates

a) Legal review

• Staff has been reaching out to experts to perform an independent analysis of the WG’s previously-developed questions on data protection and privacy law application to RDS
• Information requested included expected costs and timeframe for delivery of answers to questions. Staff has already received some information, and is awaiting more information, to be shared with the leadership team, in order to select and engage experts to conduct this analysis
• There is advantage in using FY17 funds for this project, as some funds are already available, and allows for further follow-up or additional analysis using FY18 funds
• Need to decide quickly to take advantage of FY17 funds, and also to provide expert responses in advance of the WG’s target for starting its first initial report for Phase 1
• Should a revision of the questions asked of the data protection experts be done prior to sending to the independent experts?
• In the short-term, the leadership team will coordinate bringing the experts on board, and will communicate updates to the WG

b) ICANN59 planning

• AC room poll to determine whether it would be acceptable to switch ICANN59 F2F meeting slots with the new gTLD Subsequent Procedures PDP WG, at their request
• If agreed, instead of Tuesday am 27 June, the RDS PDP WG would meet F2F Wednesday am 28 June
• AC room poll indicated just one person would be negatively impacted by this change of date

Action Item: Staff to send a Doodle poll regarding this request to change meeting slots with the new gTLD Subsequent Procedures PDP WG at ICANN59, moving our F2F meeting from 27 June to 28 June

5) Confirm action items and proposed decision points

• Proposed WG Agreement (to be confirmed by poll): At least a defined set of "thin data" elements must be accessible by unauthenticated RDS users.
• Proposed WG Agreement (to be confirmed by poll): "RDS policy must state purpose(s) for public access to "thin data."
  
  
• Action Item: Nathalie Coupet and any other WG members who wish to do so to propose to the WG list a new principle on proportionality for "thin data." All WG members to comment on that proposed principle in advance of next call.
• Action Item: Staff to prepare poll confirming the two proposed WG Agreements listed above (Q3 and Q5). All WG members to participate in poll no later than COB Saturday 3 June.
• Action Item: Staff to send a Doodle poll regarding this request to change meeting slots with the new gTLD Subsequent Procedures PDP WG at ICANN59, moving our F2F meeting from 27 June to 28 June

6) Confirm next meeting date: 6 June 2017 at 16:00 UTC

Meeting Materials

• KeyConceptsDeliberation-WorkingDraft-31May2017.pdf and doc (updated to reflect call results) 

23 May Call Poll Results -

• PDF of Poll Questions: Poll-from-23MayCall.pdf
• Annotated Poll Results: AnnotatedResults-Poll-from-23MayCall.pdf (for display during call)
• SurveyMonkey Summary Poll Results: SummaryResults-Poll-from-23MayCall.pdf
• SurveyMonkey Raw Data Poll Results: RawDataResults-Poll-from-23MayCall.zip and XLS

30 May Call Poll -

• Link to participate: POLL CLOSED @ COB 3 June
• PDF of Poll Questions: Poll-from-30MayCall.pdf
• Poll Results: to be discussed at 6 June RDS PDP meeting