[IRPCoalition] Fwd: [cc-humanrights] Another rights-related law becomes applicable to ICANN?
Marianne Franklin
m.i.franklin at gold.ac.uk
Thu Jul 5 18:48:40 EEST 2018
Dear IRPC List members
See below for a forwarded message with regard to how US states are
interpreting the GDPR that came into force in the EU end of May.
Thanks Collin for the update and access to ICANN-Related implications
best wishes
MF
-------- Forwarded Message --------
Subject: [cc-humanrights] Another rights-related law becomes applicable
to ICANN?
Date: Thu, 5 Jul 2018 16:41:23 +0100
From: Collin Kurre <collin at article19.org>
To: CCWP-HR <cc-humanrights at icann.org>, NCSG-DISCUSS at LISTSERV.SYR.EDU
Dear colleagues,
You might be interested to hear that the California passed new data
protection legislation last week, the 2018 Consumer Privacy Act. For
those interested, the International Association of Privacy Professionals
(IAPP) has produced a comprehensive overview of the new
law: https://iapp.org/news/a/analysis-the-california-consumer-privacy-act-of-2018/
I found the following excerpt from their analysis particularly relevant
to ICANN:
"Some companies implemented many of their new privacy protection
measures worldwide in the hopes of being able to avoid having to
make further jurisdiction-specific updates for a while. The passage
of the California Consumer Privacy Act has now raised the question
as to whether these measures will be sufficient to the extent they
reach California residents with their GDPR-related compliance
measures. Unfortunately, the answer is largely, ‘No.’
/Global companies can and should try to address the requirements of
the California Consumer Privacy Act, EU GDPR and other privacy
regimes simultaneously and holistically in the interest of
efficiency/.”
The Human Rights Bylaw
<https://www.icann.org/resources/pages/governance/bylaws-en> (which will
come into effect when the WS2 recommendations are approved, likely in Q4
of this year) states that ICANN should be guided by the core value of
“respecting internationally recognized human rights as required by
applicable law.”
The HR FoI
<https://community.icann.org/display/WEIA/Documents?preview=/59641302/79437270/CCWG-Accountability-WS2-HumanRight-FinalReport-20171106%5B1%5D.pdf> recognizes
that the notion of applicable law “is a dynamic concept inasmuch as
laws, regulations, etcetera, change over time.” However, based on the
GDPR experience, it seems like waiting for rights-related laws to become
applicable may not be the best strategy in the long run.
Once the bylaw comes into effect, ICANN org and each SO and AC will be
required to develop policies and frameworks to take human rights into
account and avoid human rights violations in policy-development and
decision-making processes. Some have perceived this as an additional
administrative burden, though it’s hard to contest the bylaw's relevance
given the amount of time the community has spent discussing access,
accreditation, EPDPs, and other topics spawned by GDPR, a piece of
privacy — and therefore human rights-related — legislation.
I therefore see *strategic potential in developing new compliance
mechanisms for the human rights bylaw.* Just as corporate human rights
impact assessments serve to identify gaps and mitigate risks,
multistakeholder ICANN HRIAs should be devised and incorporated to
promote more holistic, efficient, and proactive self-governance.
Thoughts and comments are certainly welcome! And as a reminder, you can
find a few resources on related work on the ICANN Human Rights website,
here: https://icannhumanrights.net/documents/
Warm regards,
Collin
--
Collin Kurre
ARTICLE 19
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.internetrightsandprinciples.org/mailman/private/irp/attachments/20180705/6b8a2d1a/attachment.html>
-------------- next part --------------
_______________________________________________
cc-humanrights mailing list
cc-humanrights at icann.org
https://mm.icann.org/mailman/listinfo/cc-humanrights
More information about the IRP
mailing list