Privacy Committee Members

DNS-OARC has a Privacy Committee of 5 volunteers whose principal responsibility is to assist DNS-OARC with respect to privacy and data use matters. 

The members of the Privacy Committee represent a broad diversity of rich experience. However, it is expected that there will be some areas pertinent to the work of the Committee where additional expertise is required, for example in the general area of privacy controls or in exploration of facilities available in particular cloud platforms. The Committee will call upon external experts to provide advice where appropriate.

The current members are:

Name Organization Role
João Damas APNIC Chair
George Michaelson APNIC Member
Benno Overeinder NLnet Labs Member
David Lawrence Salesforce Member
Steve Sullivan DNS-OARC Staff Liaison

 

Privacy Committee Charter


Background


Data: DNS-OARC encourages the collection of various datasets related to the DNS, mainly from its members. The datasets are made available to DNS-OARC members for research and analysis purposes, for example to gain insight into operational practices and deployment challenges. The results of the studies are in general presented to the DNS-OARC community, or DNS community at-large. As such, the datasets are a major asset of DNS-OARC enabling community research and analysis, thus contributing directly to the goals of OARC’s core function.

Data Storage: These datasets are stored and curated by DNS-OARC on bare-metal systems that it manages in third-party data centres. DNS-OARC controls access to data and aims to enforce restrictions on how data is used. The principal mechanism used to control access to and use of data is the Data Sharing Agreement, which is an optional part of the Participation Agreement, executed between individual members and DNS-OARC.

Risks: The extent to which DNS-OARC’s data governance practices comply with the privacy legislation in Canada and California (where datasets are stored) and Europe (where applicable) is unknown. DNS-OARC’s responsibilities with regard to data protection are not well-understood by members or staff. The risks associated with this low level of preparedness for the organisation are not well-understood.

Single Policy: Datasets curated by DNS-OARC are effectively managed under a single policy. It is not currently possible for individual datasets to have dataset-specific licences for storage, access or use. Changing policies around data access or use involves an expensive and time-consuming process of renegotiating legal agreements with individual members. 

Future use of cloud platforms: All datasets curated by DNS-OARC are stored on and accessed via bare-metal systems operated by DNS-OARC. In recent years, there has been a shift from self-maintained infrastructure to shared, cloud-based infrastructure for “big data” applications. This transition offers various advantages, including specialised analysis tools and capabilities, particularly for applications involving sensitive and personal data like healthcare. It is not clear whether DNS-OARC’s current practices in this regard provide the best balance between flexibility, accessibility, privacy and security.

Public Services: Certain content on the public services provided by OARC is covered by the confidentiality clauses in the Participation Agreement concerning ‘Information’ and these are binding on both Members and Supporters, whether or not they sign the Data Sharing Agreement. Specifically, for Member use of services such as Mattermost, Mailman, etc, where the Teams and mailing list charters are clearly defined as Member-only/private, then the Version 2023-06discussion content and metadata of these platforms is regarded as ‘Information’ within the scope of the Participation Agreement. However, there is no privacy policy for public service use of open OARC platforms.

A privacy committee has been formed to explore these issues.

Goals

The goals of the Privacy Committee include:

1. Obtain informed and reliable opinions about the degree to which DNS-OARC currently satisfies the requirements of relevant privacy law for data (as defined above). 

     a. If there are areas in which DNS-OARC is not currently compliant, identify remedial actions that could be taken to make DNS-OARC compliant with relevant privacy law.

2. Within the constraints of relevant privacy law, consider how to maximise the amount, usability and usage of data (as defined above) collected by OARC in the future. 

     a. Explore opportunities to allow different policies for storage, access and use of individual datasets, and assess whether such flexibility would be useful and practical.

     b. Explore opportunities for some datasets to be stored and managed in, and accessible to researchers from cloud-based data lakes as an alternative to being stored on DNS-OARC’s own systems.

3. Given the different sources and types of datasets, the definition of metadata can simplify access to data. Metadata can describe the dataset and possibly the relevant policies for accessing and using the data. A task force may be tasked with working on metadata and requirements for a maintained data catalogue.

4. Review the coverage required for any privacy policy related to public services and work with  an appropriate professional (e.g. a privacy lawyer) to develop and publish such a policy.

5. Propose a process for appointing a Privacy Officer


Non-Goals

The following topics are explicitly excluded from the Privacy Committee’s work in the interests of avoiding scope creep:

1. Drafting, reviewing or proposing specific legal text to incorporate in the DNS-OARC
membership agreement or other legal documents; the committee may, however,
recommend that such work be done by qualified legal personnel.

 

Version 1.0 2023-06-21
 


A PDF version of the Privacy Committee Charter is available here.