Amr Elsadr: (6/28/2017 08:29) Welcome to the GNSO Next-Generation gTLD Registration Directory Services (RDS) PDP Working Group Face-to-Face meeting at ICANN 59
 Amr Elsadr: (08:30) My name is Amr Elsadr and I will be monitoring this chat room. In this role, I am the voice for the remote participants, ensuring that they are heard equally with those who are “in-room” participants. Please note that I will only be able to read your comment/question within the time set by the Chair of this session
 Amr Elsadr: (08:31) The chat rooms are the virtual meetings’ for everyone, in-room and remote. When submitting a question that you want me to read out loud on the mic,  please start with a <QUESTION> and end with a “</QUESTION>”. Text outside these quotes will be considered as part of “chat” and will not be read out loud on the mic
 Amr Elsadr: (08:31) Please note that chat sessions are being archived and follow the ICANN Expected Standards of Behavior: https://urldefense.proofpoint.com/v2/url?u=http-3A__www.icann.org_en_news_in-2Dfocus_accountability_expected-2Dstandards&d=DwIFaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=DZVUAuc1juldSXNq8YmDoadUOY0MfYdjlopAUQyOxRQ&m=BXqe09yO4eAWzw4aJZPkflmpvLOrloGsi2fGnuaMiyI&s=l0F4LMXyn4tmugui8VPm8TnYDkqwa3lolqGuZ4MgV3I&e= 
 Amr Elsadr: (08:33) More remote participation details for this week's meetings can be found here: https://community.icann.org/x/lATfAw
 Matthias Pfeifer .berlin: (08:34) good morning all
 Juan Manuel Rojas: (08:36) Good morning everyone
 Fabricio Vayra: (08:36) Good morning
 wseltzer: (08:38) and if you have gotten
 Lisa Phifer: (08:39) Slides may be downloaded from the meeting agenda page: https://community.icann.org/x/lATfAw 
 wseltzer: (08:39) online, don't forg to mute 
 Michael R. Graham: (08:39) @Chuck -- Yes, there are a few of us!
 Lisa Phifer: (08:41) Good morning all
 Amr Elsadr: (08:45) The chat rooms are the virtual meetings’ for everyone, in-room and remote. When submitting a question that you want me to read out loud on the mic,  please start with a <QUESTION> and end with a “</QUESTION>”. Text outside these quotes will be considered as part of “chat” and will not be read out loud on the mic
 Terri Agnew: (08:49) for those in Ballroom2 , regarding power issue, we are getting an electrician in the room to fix 
 neil schwartzman: (08:56) power's back
 Fabricio Vayra: (09:18) +1 Greg
 Amr Elsadr: (09:21) Responses from ccTLDs will be posted on the wiki as they come in: https://community.icann.org/display/gTLDRDS/ccTLD+Registry+Operators%27+Responses+to+Questions+on+Privacy%252C+Data+Protection+and+the+GDPR
 Matthias Pfeifer .berlin: (09:29) is the slide online to download?
 Lisa Phifer: (09:30) Slides may be downloaded from the meeting agenda page: https://community.icann.org/x/lATfAw
 Matthias Pfeifer .berlin: (09:31) Thank you Lisa
 Edmon: (09:33) it may not always be able to distinguish between legal/natural person
 Edmon: (09:33) especially from existing data
 Susan Kawaguchi: (09:34) but if a registrant self identifies as a Legal person then we will have to treat the data differently than as a natural person
 Edmon: (09:34) hm existing data do not allow us to figure that out though
 Edmon: (09:34) so it may not be operationally feasible?
 Alex Deacon: (09:35) there is  a subset of registrations that are clearly associated with legal persons.  
 Ayden Férdeline: (09:35) Just a question for the Adobe Connect room -- I noticed on slide 19 that there was a field, “Registry Registant ID”. I was wondering what this was, is it unique to each domain name or is it unique to each customer? If it is the latter, why is it not registrar-registrant contract information? Why would it need to be public?
 Edmon: (09:35) we could mandate future registrations for gtlds to have to self identify i guess... but that is another burden for registration i guess
 Fabricio Vayra: (09:36) makes sense, Rod. Thanks.
 Susan Kawaguchi: (09:37) but wouldn't the overall set of data elements be what is colllected and displayed for a legal person?  
 Rod Rasmussen: (09:38) @Susan - probably - there may be some interesting corner cases though.
 Matthias Pfeifer .berlin: (09:38) Edmon: Registrars already check idendity - at least for billing maters
 Susan Kawaguchi: (09:38) Currently most entities self identify in the registrant field by indicating their legal name 
 Christopher Wilkinson (CW): (09:39) <Comment>   I understand that there are necessary distinctions between Legal/Commercial/Personal data subjects, but the priority now should be the personal data for individuals. The deadline for conformity with GDPR in and for EU individuals is rather short. L'ets get thirght first, soon. <Comment>
 Christopher Wilkinson (CW): (09:40) Lets get that right first, soon.
 Alan Woods: (09:46) no ... lol you are hidden behind the lady to her right
 Alan Woods: (09:47) oops ... erronoeus post .. apologies 
 Fabricio Vayra: (09:47) @Rod - Rules engine
 Fabricio Vayra: (09:47) +1 Rod on process
 Alex Deacon: (09:49) +1 Susan
 Susan Kawaguchi: (09:56) self identified registrants as entities is a different discussion than looking at commercial activity on a website using that domain name registration 
 Michele Neylon: (09:57) Susan - yes
 Susan Kawaguchi: (09:57) I am not advocating entering into the commercial discussion 
 Michele Neylon: (09:57) I wasn't saying you were 
 Michele Neylon: (09:57) but someone else did :)
 Michele Neylon: (09:57) /me looks at Mr Aaron
 Susan Kawaguchi: (10:01) +1 Alex
 Alex Deacon: (10:01) I don't believe the PPSAI debate (and result) is relevant to the current discussion.    its different. 
 Michael R. Graham: (10:02) @Alex -- Agree.
 Susan Kawaguchi: (10:02) +1 Alex, this would not be a discussion about commercial activity.  PPSAI discussion is completely different.  And we have a duty to adhere to applicable law on how we treat the data 
 Amr Elsadr: (10:02) Reminder: The chat rooms are the virtual meetings’ for everyone, in-room and remote. When submitting a question that you want me to read out loud on the mic,  please start with a <QUESTION> and end with a “</QUESTION>”. Text outside these quotes will be considered as part of “chat” and will not be read out loud on the mic
 Vicky Sheckler: (10:03) agree with Alex - PPSAI discussion was about when/who can use p/p services, not about implications on whois
 Susan Prosser: (10:03) Agree @Alex
 Fabricio Vayra: (10:03) +1 Alex - two different discussions entirely
 Matthias Pfeifer .berlin: (10:03) ++
 Greg Shatan: (10:03) +1 Alex. PPSAI was a different context and a discussion for a different purpose.
 Lisa Phifer: (10:03) •    Proposal: Concentrate on the superset of data elements that may be collected and possibly displayed in the RDS.
 wseltzer: (10:03) agree with Rod
 Michele Neylon: (10:03) not really - it was about whois
 Fabricio Vayra: (10:04) @Michele - Casting the net wide, eh?
 Susan Kawaguchi: (10:04) it was about commercial activity on a website not legal person 
 Greg Shatan: (10:04) It was about the availability of privacy/proxy services.
 Greg Shatan: (10:04) It was about the Internet.
 Greg Shatan: (10:04) Maybe that's too wide....
 Fabricio Vayra: (10:04) +1 Rod -- using recent decisions and not recreating the wheel makes sense
 Fabricio Vayra: (10:06) +1 Susan
 Volker Greimann: (10:10) Is this the first time we have full consensus on anything in this group?
 Fabricio Vayra: (10:11) Can I nap here on the East coast while you break?
 Susan Kawaguchi: (10:13) @ Fab yes, we will wake you up when we return 
 Michael R. Graham: (10:14) Have to return to regularly scheduled west coast activities.  Thanks all.
 Fabricio Vayra: (10:14) @Susan -- Just say something loud
 Chris Pelling: (10:16) here you in adobe
 Edmon: (10:16) we can
 Lisa Phifer: (10:39) When we resume, we will be using this new handout: https://community.icann.org/download/attachments/64947348/Data Elements Handout.pdf 
 Amr Elsadr: (10:42) Welcome back to the GNSO Next-Generation gTLD Registration Directory Services (RDS) PDP Working Group Face-to-Face meeting at ICANN 59.
 Amr Elsadr: (10:42) The chat rooms are the virtual meetings’ for everyone, in-room and remote. When submitting a question that you want me to read out loud on the mic,  please start with a <QUESTION> and end with a “</QUESTION>”. Text outside these quotes will be considered as part of “chat” and will not be read out loud on the mic
 Fabricio Vayra: (10:52) +1
 Fabricio Vayra: (10:53) 2013
 Alan Woods: (10:57) <comment> making something opt in / consent does not justify inclusion, if it is completely unnecessary for the purpose (i.e. the regsitration of a domain name) Under Data Minimization things like social media details - regardless if they 'could be used' still should not even be an option. </comment>
 Fabricio Vayra: (10:58) EWG had a purpose statement -- penned by Stephanie
 Fabricio Vayra: (10:58) The use cases were vetted against that purpose statement
 Fabricio Vayra: (10:59) +1 Chuck
 Fabricio Vayra: (11:02) Holy conflation!  can we pls stick to the task at hand?
 Alex Deacon: (11:02) @stephanie - sounds like an implementation topic....
 Matthias Pfeifer .berlin: (11:03) bute the question is still serious
 Lisa Phifer: (11:03) "MPDS" = minimum public data set, apologies for not expanding acronym in slides shown
 Kathy Kleiman: (11:08) Tx you, Chuck
 allison nixon: (11:13) e-mail is still unavoidable nowadays, you cant create online accounts without having one
 allison nixon: (11:13) nor phone number, for many services
 neil schwartzman: (11:14) whatsapp doesn't need email does it?
 Kathy Kleiman: (11:15) One generalized form of contact 
 Kathy Kleiman: (11:15) Support Francisco
 Kathy Kleiman: (11:15) Quick note: as currently drafted, the alternate contact forms are optional, but don't change the mandatory form.
 Matthias Pfeifer .berlin: (11:15) the acebook account does?
 Vicky Sheckler: (11:22) @stephanie - data element alone isn't reason by itself to determine how/can that data element can be used
 Justine Chew: (11:27) <COMMENT> But all registry operators will also be subject to their own personal data protection rules, so they should not be doing anything that would contradict those rules</COMMENT>
 Fabricio Vayra: (11:33) <COMMENT> Can we pls stay on the task at hand?
 wseltzer: (11:34) re extra data fields such as credit score, do we want to impose on all the users of the system the cost of passing these elements around?
 Amr Elsadr: (11:35) @Fabricio: Do you want me to read that out for you?
 Fabricio Vayra: (11:35) @Amr, yes pls.
 Matthias Pfeifer .berlin: (11:35) Justine's Comment should be read now
 Fabricio Vayra: (11:35) We are so far off what we said we'd do here
 Susan Kawaguchi: (11:35) in the credit score example that is an opt in and the target registrant sees the value of having their credit score public.  Truly a cultural different point of view 
 Matthias Pfeifer .berlin: (11:36) most registrars use post-payment..
 Matthias Pfeifer .berlin: (11:36) *nTLD Registries
 Justine Chew: (11:36) <COMMENT>We are talking about minimum data elements from ICANN's perspective, are we not?</QUESTION><COMMENT>Anything outside ICANN's remit is not within ICANN's remit!</COMMENT>
 allison nixon: (11:36) if someone registers a dot-credit-score domain they aren't exactly going to be shocked and surprised at the result
 Volker Greimann: (11:36) not really. Pre-payment by customers is king
 Matthias Pfeifer .berlin: (11:37) mhm. dont we talk about te Registrars credit score?
 wseltzer: (11:39) OT: I'm talking about overheads of expanding the database beyond necessary  purpose
 Limei Liu 2: (11:40) (Comment) Given the existence of IDN gTLDs, we might need the Language of the Domain Name as the Data Element?
 Justine Chew: (11:41) <QUESTION>Will this list ultimately go through translation and transliteration processes?</QUESTION>
 Fabricio Vayra: (11:42) Thnx Amr
 Vicky Sheckler: (11:42) @kathy - completely disagree with you  for purposes we discussed yesterday, a physical address is necessary
 Alex Deacon: (11:43) FWIW RDAP supports language tags.
 Matthias Pfeifer .berlin: (11:45) depends on which party is asked
 Matthias Pfeifer .berlin: (11:45) as a registry, we would just need an ID, because our customer is the registrar
 Amr Elsadr: (11:45) @Justine: I'll read your question, but note that the answer is yes. Both the T/T recommendations and the IRD WG final report are included in the background documents for this PDP found here: https://community.icann.org/x/R4xlAw
 Justine Chew: (11:47) @Amr, that's fine, thanks for the reply. I trust the WG knows the answer. Perhaps guests might not.
 wseltzer: (11:47)  note: we should do cost-benefit analysis on all of this later
 Amr Elsadr: (11:47) @Justine: So I should still read your question, correct?
 Kal Feher: (11:48) agree with James insofar as handles and nicknames work just fine for identification in other technical services
 Justine Chew: (11:48) @Amr, not necessary, since chat will be part of the transcript.
 Amr Elsadr: (11:48) OK, thanks for confirming.
 Kal Feher: (11:51) We might be conflating data collected for RDS and data collected by the Registrar so they can do their business.
 Kathy Kleiman: (11:52) +1 Michele 
 allison nixon: (11:52) +1 vicky
 Kathy Kleiman: (11:53) RDS as an externally accessible system
 Vicky Sheckler: (11:55) @kathy - this is not a questio of how/when data is accessed, but whether it is in the database at all
 neil schwartzman: (11:56) +1,000,000 @vicky
 Vittorio Bertola: (11:56) Er, privacy is exactly about being able to communicate without revealing who you are...
 Fabricio Vayra: (11:56) +1 Vicky (to last two comments)
 allison nixon: (11:56) very much agree with vicky. registrants should be educated about taking responsibility for what data they disclose. no one is being tricked to disclose their PII
 allison nixon: (11:57) and we need to be able to figure out who we are dealing with on the internet
 Bradley Silver: (11:57) +1 @Vicky
 wseltzer: (11:57) -1 to overinclusion. that externalizes the costs to everyone else
 Ayden Férdeline: (11:57) Allison, if a registrant is forced to disclose their name in order to purchase a domain name, and there is no way of opting out, the consent is not meaningful.
 allison nixon: (11:58) ayden they can disclose a different name or use whois privacy
 allison nixon: (11:58) no one is forced
 Ayden Férdeline: (11:58) I presume we would want accurate records, if we determine we need a replacement to WHOIS.
 Ayden Férdeline: (11:58) But that is a conversation for the future.
 Justine Chew: (11:58) +1 Greg
 Fabricio Vayra: (11:58) +1 Greg
 Vittorio Bertola: (11:58) "Whois anonymization services" are not a solution because privacy laws say that you have the right not to provide your information, not that you are required to give it but you can pay extra money to have someone else listed in your place.
 allison nixon: (11:59) whois anonymization services should be free
 Volker Greimann: (11:59) Greg: I was not saying we should get rid of this field, I just said we have no business purpose to collect it
 Vittorio Bertola: (11:59) Even if they were free, that would be better but still wouldn't meet the legal requirements in Europe.
 allison nixon: (12:00) the customer can use someone else's name. nowhere is it required that the billing data is equal to the whois data
 Lisa Phifer: (12:00) stion: How many of you are comfortable with the five data elements listed: Registrant Name/Org, Type, Contact ID, Contact Validation Status, Last Updated TS
 Lisa Phifer: (12:00) That was Question
 Volker Greimann: (12:01) wow, time flies when you are having fun
 Vittorio Bertola: (12:01) Allison, doesn't ICANN say that either your data are true or your domain should be cancelled? It's curious to build a new system by suggesting that people should lie, that's not a proper solution to me.
 allison nixon: (12:01) using another name doesn't mean you lie
 allison nixon: (12:01) =maybe i will use my lawyer's name
 Volker Greimann: (12:01) mark me down as undecided for ID, positive for the others
 allison nixon: (12:02) or some other consenting proxy
 neil schwartzman: (12:02) which privacy laws say that you may redact your name to register a domain?  as vicky has said 'accountability'.
 Vittorio Bertola: (12:02) That's not what privacy laws say. You have the right to withdraw your name completely and not provide another one, unless there is some legal requirement that you disclose it for the public interest (I'm really simplifying it).
 neil schwartzman: (12:02) I'd like to say this was fiun.  neil out.
 allison nixon: (12:03) well it is in the public interest, plenty of evidence for that
 Fabricio Vayra: (12:03) Thanks, all.
 Vittorio Bertola: (12:03) Neil, it's the opposite. Privacy laws say that you can only be asked for the minimum amount of data that is strictly necessary.
 Vittorio Bertola: (12:03) Allison, it's not you or me that decide that, it's the competent authorities (the DPAs) and/or the Parliaments when passing a law. Not ICANN for sure.
 Vittorio Bertola: (12:03) (Though I do see a reason for that, I'd not be opposed to keeping at least the name public)
 Fabricio Vayra: (12:03) Agree with Chuck, not enough to run a poll
 allison nixon: (12:04) im not the only person making that argument
 allison nixon: (12:04) if social media as a concept is allowed to exist i fail to see why whois is so sensitive
 Amr Elsadr: (12:05) The GNSO Next-Generation Registration Directory Services (RDS) PDP Working Group face-to-face meeting at ICANN 59 has now ended. Thank you for you participation.
 Vittorio Bertola: (12:05) Do I have to publish my home address on Facebook?!?
 allison nixon: (12:05) can we join icann working groups anonymously
 wseltzer: (12:05) big difference between voluntary and involuntary i, for one
 Volker Greimann: (12:05) I know many people who post on Facebook with assumed identities