Versions Compared

Old Version 19

changes.mady.by.user Lisa Phifer

Saved on

compared with

New Version 20

changes.mady.by.user Lisa Phifer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

2. Review poll results: Question 8 - Publication of "raw data" for WG polls

    a. Overview of poll conclusions & "raw data" options from Survey Monkey

...

Action: Staff to request that Stephanie provide explanation of problem to be solved to the WG list to resolve this request.

     bb. Attempt to reach WG consensus on "raw data" for future WG polls

  • To be progressed on-line via WG mail 
  • Conclusion deferred to next week's meeting

 33. Review poll results: Questions 1-7 - Purposes for "thin data" collection

    a. Review of poll conclusions & comments/clarifications

    Q1 - Domain Name Certification

  • 21:3 support for WG Agreement #1 : Domain Name Certification is a legitimate purpose for "thin data" collection.
  • Noted that we are only talking about "thin data" so a lot of concerns around privacy are moot
  • There is no obligation on anyone to get an SSL cert - if you are requesting an SSL cert, you are giving CA permission to do validation using your data
  • Note that those taking CC payments are obligated by PCI compliance to get certs
  • Purposes doesn't seem self-evident to all
  • Purposes such as this one need more than "thin data" (looking only at "thin data" now to break this into smaller pieces to facilitate progress, but need to get beyond "thin data" soon)
  • Can purposes being legitimate without being a purpose of RDS? Need to consider in context of Purpose Statement.
  • Are some taking a too constrained view of purposes?
  • A useful purpose for data that already exists vs. a purpose for collection in the first place, with exception of Domain Name Control which may be self-evident
  • If anything is a purpose for collection, we must state definitely why the purpose is legitimate. What is the foundation and motivation for that purpose?
  • Reason for collection + large list of potential uses that may or may not be deemed acceptable

     Q2 - Business Domain Name Purchase or Sale

  • 21:2 support for WG Agreement #2 : Business Domain Name Purchase or Sale is a legitimate purpose for "thin data" collection.
  • No problem having this an appropriate use, but don't understand why this would be a purpose of collection

    Q3 - Academic/Public Interest DNS Research

  • 19:3 support for WG Agreement #3 : Academic / Public Interest DNS Research is a legitimate purpose for "thin data" collection.
  • Do "thin data" only really pose an issue for this purpose?

    Q4 - Regulatory and Contractual Enforcement

  • 22:2 support for WG Agreement #4 : Regulatory and Contractual Enforcement is a legitimate purpose for "thin data" collection.
  • Ditto

    Q5 - Criminal Investigation & DNS Abuse Mitigation

  • 23:1 support for WG Agreement #5 : Criminal Investigation & DNS Abuse Mitigation is a legitimate purpose for "thin data" collection.
  • Thin data seems more relevant to this purpose but does collecting for this purpose pose any risk?
  • No problem with data being used for anti-abuse but should data be collected for express purpose of being investigated for possible abuse/criminal activity?

    Q6 - Legal Actions

  • 22:3 support for WG Agreement #6 : Legal Actions is a legitimate purpose for "thin data" collection.
  • What is the distinction between purpose, collection, use?
  • Why does purpose for collection matter? How will it be applied later on?
  • May jump ahead to Privacy charter question to better understand how data protection laws define and differentiate between purpose of collection and purpose of disclosure/display

    Q7 - Individual Internet Use

  • 22:1 support for WG Agreement #7 : Individual Internet Use is a legitimate purpose for "thin data" collection.

    b. Add results to "Key Concepts Deliberation Working Draft" Section 2.2.2

...

Meeting materials: