Versions Compared

Old Version 6

changes.mady.by.user Caitlin Tubergen

Saved on

compared with

New Version 7

changes.mady.by.user Caitlin Tubergen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. How is the Compliance team trained on GDPR specifically?
  2. Are the metrics from Compliance based on complaints received? (Answer: yes.) Would be interested to know – prior to the GDPR, how did ICANN perform these checks?
  3. What is the status of the DPA negotiation between ICANN org and contracted parties?
  4. Is the ability for ICANN to share any of the training materials possible? (For example, it has been difficult for the group with respect to wordsmithing. If there are documents regarding clarity on these issues, it would be very helpful.)
  5. With respect to Q3, it discusses issues that are out of scope. How would a third complainant ever file a complaint regarding the accuracy of registrant data behind a P/P service? When is a compliant in scope and when is it out of scope?
  6. With respect to the engagement you are doing on the NIS2…exactly what kind of purpose are you lobbying for? How does it fit with ICANN’s controller role?  Who else do you think should be able to avail themselves of that “legitimate purpose” role to check accuracy?  Do you envisage outsourcing and how would that work?  Who are you engaging with, the EC or the DPAs?
  7. On the answer to Q21, the second to last line where includes the term “patently inaccurate” is used, how is this . How is "patently inaccurate" determined? For example, the name Mickey is an actual name. There are times where data may look fishy but it is, in fact, correct. How does ICANN org make this determination?