Re: ICANN GDPR lawsuit

[Stephen Satchell <list () satchell net>]

On 06/01/2018 09:37 AM, McBride, Mack wrote:
> For routing whois information there aren't going to be many individuals and it would seem
> that the corporations who employee individuals should be the ones protecting those individuals
> work emails by providing a generic contact email forward.  Which is good practice anyway
> since people leave and go on vacation and problems still happen.
> And the routing whois information is a lot more relevant to most of us here.

+1

Perhaps the Right Thing(SM) to do is to update the best practices
documents regarding role e-mail accounts for network operators.

1.  Add "networkmaster () example com" to the list of required role accounts.

2.  Require that e-mail sent to role "networkmaster () example com" be
accessible in some way by all technical people for the network in
question.  This can be done using a ticket system, or a simple mail
exploder.

3.  Require that e-mail sent to role account "abuse () example com" by
accessible in some way by all members of the abuse desk.  This can be
done using a ticket system, or a simple mail exploder.

4.  Require the WHOIS information specify exactly these role accounts
for TECH and ABUSE, not a person.  This gets around the GDPR
requirements while maintaining the usefulness of the WHOIS without
having to go through an intermediate party or web site.

ICANN may want to consider this idea when adjusting its contracts with
registrars to eliminate GDPR exposure.