Page History
...
For other times: https://tinyurl.com/y2rojs4h
Info |
---|
PROPOSED AGENDA
Confirmed EPDP-Legal Team members
*During ICANN65, Janis proposed Leon to chair the Phase 2 Legal Committee calls. Leon agreed to serve as the chair, and no EPDP Team Members registered their objection. 2. Review Legal Committee Process and Working Methods a) Similar to the Phase 1 Legal Committee, if the EPDP Team identifies questions it believes are legal in nature, the Phase 2 Legal Committee will vet the questions to determine:
b) Meetings of the Phase 2 Legal Committee will be open to all EPDP Team members, but only appointed members will be invited to speak. Appointed members unable to attend meetings may appoint an alternate to speak during the meeting. c) Ultimate determinations of the Phase 2 Legal Committee will be shared and signed off with the EPDP Team before questions are sent to Bird & Bird. d) Questions/Concerns? 3. Substantive Review of Priority 1 Legal Questions Submitted to Date a) The Phase 2 Legal Committee will begin its review of questions submitted for Priority 1 items, i.e., questions submitted for SSAD.
b) Substantive review of SSAD questions 4. Wrap and confirm next meeting to be scheduled a) Confirm action items For ease of reference, please find the SSAD questions submitted to date below:
2. Answer the controllership and legal basis question for a system for Standardized Access to Non-Public Registration Data, assuming a technical framework consistent with the TSG, and in a way that sufficiently addresses issues related to liability and risk mitigation with the goal of decreasing liability risks to Contracted Parties through the adoption of a system for Standardized Access (Suggested by IPC) 3. Legal guidance should be sought on the possibility of an accreditation-based disclosure system as such. (Suggested by ISPCP) 4. The question of disclosure to non-EU law enforcement based on Art 6 I f GDPR should be presented to legal counsel. (Suggested by ISPCP) 5. Can a centralized access/disclosure model (one in which a single entity is responsible for receiving disclosure requests, conducting the balancing test, checking accreditation, responding to requests, etc.) be designed in such a way as to limit the liability for the contracted parties to the greatest extent possible? IE - can it be opined that the centralized entity can be largely (if not entirely) responsible for the liability associated with disclosure (including the accreditation and authorization) and could the contracted parties’ liability be limited to activities strictly associated with other processing not related to disclosure, such as the collection and secure transfer of data? If so, what needs to be considered/articulated in policy to accommodate this? (Suggested by GAC) 6. Within the context of an SSAD, in addition to determining its own lawful basis for disclosing data, does the requestee (entity that houses the requested data) need to assess the lawful basis of the third party requestor? (Question from ICANN65 from GAC/IPC) BACKGROUND DOCUMENTS |
Info | ||
---|---|---|
| ||
Audio Recording Zoom Recording Chat Transcript |
...