FABI BETREMIEUX: Hello, everyone. Good morning, good afternoon and good evening. And this is Fabien Betremieux speaking from the GAC support team. Welcome to our WSG working group conference call today on Tuesday the 17 th of January, 2017. We will be starting in a few seconds. We re trying to solve a connectivity issue with Alice. You have on the screen our agenda for today. And in the chat you will also find the link to this online document for your convenience. Please make sure you mute your lines when you re not speaking and if you d like to speak at any time, please do so by raising your hand in the Adobe Connect room. And if you re not in the Adobe Connect room, please let us know on the phone. So let me pause here for a second and make sure that Alice is with us. Alice, can you hear me? I can hear you. Can you hear me? FABI BETREMIEUX: We can hear you loud and clear. Thank you. Oh, great. FABI BETREMIEUX: So Alice, the floor is yours. We ve introduced the meeting. Note: The following is the output resulting from transcribing an audio file into a word/text document. Although the transcription is largely accurate, in some cases may be incomplete or inaccurate due to inaudible passages and grammatical corrections. It is posted as an aid to the original audio file, but should not be treated as an authoritative record.
Okay. Happy New Year to everybody. Great to see everyone and thank you very much for making the time to attend this meeting. We ll start off by going through the agenda so that we can adopt it. We have 12 agenda items. We are going to have a briefing on the Nairobi LEA capacity building workshop coming up. And then a discussion around planning and briefing for the upcoming meeting in Copenhagen changing the heat session, the cross community session that we have. Issues around abuse mitigation and follow-up on previous staff advice coming out of the Hyderabad communique. The new gtld topics and procedures PDP. Then child online protection. Where we re at in the next steps to the framework. Status updates and the next steps and then privacy proxy. Privacy documentation and the LDS. A brief update on the CCT review. And then [inaudible]. And then a discussion on [inaudible] AOB. There something here, a lot of breathing on the line. If you re not talking, please mute your microphone. Thank you. So are we ok with the agenda? Can we adopt the agenda for today? For today s call? Yep. So any comments, suggestions or objections to the agenda? None at all, ok. Then I can jump straight to the first agenda item. The Nairobi Capacity Building Workshop that s coming up next week, that s hosted by the communication authority. I don t know whether they're online at the moment. They don t seem to be. So I ll speak on their -- not on their behalf, but the PSWG, the communication authority is supporting this and the government of Kenya. We have law enforcement agencies coming from the 16 African countries. I now hear there are two more, sent from the South African government and Nigeria as well. You saw Page 2 of 49
that the announcement has already gone out although we re going to be revising the agenda. So instead of having -- and to respond to Nick Shorey's question regarding whether or not we re going to be having an intercessional meeting on the 26 th afternoon, because we are not going to have enough -- or we do not have all the public safety group working members, especially topically with us in Nairobi, we thought the best thing would be to instead replace that with a presentation on what the public safety working group is addressing at the moment. The policy issues. So we will require the topic leads to perhaps provide us with a one page that speaks to what the issue is about and what African law enforcement agencies need to focus on. And the objective here from my perspective is to see if we can first create awareness about some of the policy issues that the public safety working group is addressing and also by extension outreach and see if we could engage some of the African law enforcement to join or work with the topic leads to understand the topics better and perhaps contribute in the near future. So that is the objective of that. We are replacing the 26 intercessional meeting on the afternoon of the 26 th with that, so I would kindly request the topic leads that as they're preparing the one page briefing, for the GAC, that would be very helpful for the Nairobi meeting as well. In terms of attendance, I mentioned about 25 heads of cybercrime and other stakeholders. Obviously, there's going to be more representatives from Kenya. We have between six and seven public safety working group members attending, Page 3 of 49
including the NRO, sending two or three representatives and the GAC Chair will also be available throughout the meeting. So for discussion very quickly is, we need the confirmation of the availability of topic leads to develop the one-pager. Fabien is going to be available to help with that. And if your view, your topic lead is going to be available, perhaps to remotely present the topic, so that we can confirm with our notes we will need to provide remote participation for that session. So, I would like to hear from you, especially those leading some of the topics: Nick, and Greg, Iranga, and others, whether any of you -- Iranga is going to be available, but those not available, perhaps Nick and Greg, you may be able to remotely present, and if not, we will probably not have remote participation, but we ll have any of us presenting on your behalf. I see Greg saying you will be able to present remotely. What about Nick? Thank you very much, both of you, and we'll find out from Laureen as well on CCT, and others whether they are going to be able to provide any updates on that. So any questions, regarding the Nairobi LEA workshop? Or any comments or suggestions? Okay, if none, thank you very much. We can move on to the next agenda item. The briefing of the GAC or ICANN58, and this is the GAC meeting and plenary. And for this, I will let Fabien take us through the various slots and the expectations. So, Fabien, over to you, please. FABI BETREMIEUX: Thank you, Alice. So, if you can just -- a reminder that there are currently four sessions planned on the GAC agenda, one day the general Page 4 of 49
purpose. So, we're talking about the GAC agenda it s basically slots with the GAC plenary. So there are four of them. One day general purpose, one day on the security framework, one day on the registry directory services and one which is regarding the Annex 1 which is on the GAC Committee [inaudible], which is due to be a part of the meeting of the GAC with the Board. The context, very quickly is that GAC leadership right now is trying to free time on the GAC plenary agenda. I should mention that some of those topics like security framework, registry directory services, were self selected by GAC members in the prioritization exercise, so it's not necessarily a PSWG proposal. So, in the end, what matters really for the PSWG really is to determine how much time it means, for what purpose, and on what topics. So I think it will be important today to come out of this meeting with a clear picture of what are those topics that the PSWG would like to discuss with the GAC plenary. And clarify the specific needs and expectations from the GAC: would the PSWG provide just information, or would the PSWG would like to discuss with the GAC specific issues, is the PSWG expecting decisions on some issues or endorsements? So, this is the type of elements we will need on each of the topics that are on our agenda today. I also want to note that the GAC will need to receive its briefings prior to the meeting, as usual. And the deadline for that is 27 th January, where the briefings should get to the GAC Secretariat by that date. So, I'll send an email to the topic leads, and I believe we had set a target for earlier Page 5 of 49
in that week, or the previous week, and so we can discuss an ability of topic leads to provide their one pager briefing. And I think, as Alice mentioned, the briefings will also be useful for the Capacity Building Workshop. So, I think we should target early next week to have those briefings, and again, I stand available to assist any of the topic leads that would require assistance. So, finally, based on the needs that will be identified for the PSWG to meet with the GAC plenary, we can then feed the leadership, the GAC leadership, with more specific needs. And so that's expected tomorrow, actually. So, let me stop here and see if there are any comments or questions at this point. And if not, we ll just move to the discussion of each of the topics. So, I'm pausing here, any comments, questions? Thank you, Fabien, and just to be clear, there's a bullet point here that says meeting with the Board re Annex, and just to be clear, this is not the PSWG meeting with the Board, it's the PSWG making sure that we are presenting during the normal, scheduled GAC Board meeting. And to also remind topic leads that once you develop your one pager and the reason why Fabien is saying early next week will be very important, it does need to go back to the main PSWG for comments before we submit it to the GAC Secretariat. Any comments, please or suggestions? I see Nick. Nick, please go ahead. NICK SHOREY: Hello, can you hear me? Page 6 of 49
Yes, we can hear you, Nick. NICK SHOREY: Excellent. Good afternoon everyone and Happy New Year. It's just a brief observation from the Hyderabad meeting. We just need to make sure that when we're discussing these topics, and even if we have separate, specific sessions to discuss a topic such as the security framework, or whatever, if we're introducing potential advice, that we want to introduce to the communique, that we make sure that we cover that in the PSWG session, a dedicated session that we'll have during the meeting. If I recall in Hyderabad, I think we had a session on abuse mitigation and we tabled some draft advice which then went into the communique. But we didn't actually discuss it during the PSWG Plenary, and I'm just mindful, particularly of people maybe participating remotely, who would connect in for the PSWG session if they had some sort of comments that they might want to raise on the advice or further ideas, but they might have missed that opportunity because it was discussed in another session. So, I think just an administrative note, that when we're discussing central advice, even if we've got a separate session on that topic, if it's a PSWG advice, we should make sure that we cover it off during the PSWG Plenary session. Page 7 of 49
Thank you, Nick. Anyone else? Yeah, Nick, just respond to that, when we develop -- Ashley, please, go ahead, Ashley. ASHLEY HEINEMANN: I'm sorry to interrupt you mid-thought, in fact, I'm happy to take this offline if necessary, I may have missed it, I had to step out during the early part of the call. But the second here regarding a meeting with the Board, regarding Annex 1, there was a brief conversation during GAC agenda planning call, about whether or not this was a standalone meeting between the PSWG and the Board, or this is just a topic to make sure it's raised within the GAC meeting with the Board. Could you just clarify that for me, real fast? Thank you, Ashley, yes, happy to clarify. This is not a standalone PSWG meeting with the Board, this is an item that we need to make sure gets into the GAC Board agenda. So, I think we would need to rephrase that. ASHLEY HEINEMANN: Okay. Thank you for that clarification. That's what I understood, but thank you. Yes, thank you. And to respond back to Nick, regarding Annex 1. I don't know if you recall the way we work is that every topic lead develops a one pager, and within that one pager that is shared with the PSWG, it states quite clearly whether or not we're going to be seeking GAC Page 8 of 49
advice, and if so, the topic lead develops the language for advice for discussion, so, even with the DNS abuse mitigation, that was shared on the list, and we did speak about it. But we'll make sure that we again, proactively remind PSWG members to have a look again, especially when it comes to items or advice that need to go on the GAC communique. So, thank you for bringing that up again. So, if there are no other comments or questions on the ICANN58, we can move on to the next agenda item. Oh, yeah, we have the crosscommunity session on abuse mitigation. That topic lead is Bobby, I don't know if Bobby is on? Bobby? IRANGA KAHANGAMA: Hello. This is Iranga. Oh, Iranga, please go ahead. IRANGA KAHANGAMA: I don't see him in yet, you may want to push it to later in the meeting and then Okay, so then we can move to the next agenda item. The next one is still follow up on GAC advice, so we can move to the next. Okay, this is a new initiative, the Registry Service Providers Program and we still try Page 9 of 49
to identify a topic lead for this. I'll let Fabien describe what this new initiative is about. So, Fabien, please, you have the mic. FABI BETREMIEUX: Sure. Thank you, Alice. So there are actually two, fairly new initiatives, and I think it relates well to abuse mitigation and those discussions in the PSWG working groups. So that's why I include them here. The first one is the Identifiers Technology Health Indicators. So, this is a piece of work that has been ongoing for some time now, where ICANN seeks to define some metrics to measure the health of the identifier technology, such as DNS and numbers as well. So, I think here there is a first proposal that s been submitted for poorly comments, which has been extended to early next week. And this is an opportunity for the public safety working group to weigh in on how ICANN would eventually measure some issues that relate, that are relevant to public safety, such as bad registration data, abuse of the DNS, or attacks on the DNS, this is vocabulary that is in the proposal. So, I believe that there is an opportunity here and the public security working group should consider whether it would like to take advantage of it, considering that a position for public comment would probably need GAC endorsement. And I'm sure that we could probably provide comments beyond the deadline, if needed. So, this is the first topic. The second one is a newer initiative yet, and that is an initiative launched by the ICANN GDD, which is seeking to form a working group, to discuss what they call a Registry Service Provider Program, and in Page 10 of 49
various fora, the views, the notion that certification or accreditation to give you a sense of what is the purpose of that working group. And so I think this follows from the implementation of the new gtld program, in which the Registry Service Providers are not recognized as a contracted party, as an existing party, sort of, and that has created some specific issues. And this is relevant to the public safety working group because Registry Service Providers are the ones that provide the technology, the resources and the capability to fight abuse in the DNS. So, I believe there is here, as well, an opportunity for the public safety working group to follow the discussion and influence the outcome. And for example, an outcome could be that there are criteria that relate to public safety that are inserted in such a program for recognizing Registry Service Providers. And so here, there is an ongoing call for volunteers, to which the deadline is set to the end of January. So I think in terms of action for the public safety working group there is a need to designate potential topic leaders on these topics, or for those two in general and for interested members, to either contribute to the public comments, carry on the ICHI or join the GDD working group on the Registry Service Provider Program. And so that's it, let's see if there is any questions or comments? Thank you very much, Fabien. I see Nick has responded expressing interest in being involved in the GDD Program. Nick, do you want to take the microphone? Nick is typing, so Nick has expressed interest, so Page 11 of 49
perhaps we can follow up with Nick, as the topic lead for that. That's great, thank you very much, Nick. So, I've just heard from Bobby, he's on call but he's not on Adobe Connect. Bobby, can you hear us? Bobby? Okay, I don't think he can hear us. Perhaps we can move on to the next agenda item, while he tries to sort out his connection. Okay, the new gtld Subsequent Procedures. This is an item where the GAC leadership has expressed a little bit of a frustration because there's very little participation of the GAC, so I think it's important that we have volunteers coming up to lead on these areas. Nick, you have your hand up. Is that a new hand? Okay, Nick. NICK SHOREY: Hi, sorry to cut you off, do you want to continue and I can comment after? Did you want to comment about this issue, the Subsequent Procedures or the previous issue? NICK SHOREY: No, this is Subsequent Procedures comment. In reference to your point about participation, I chucked an email to the main GAC list the other day, to see if I could get actual details about the participation stats and I managed to get hold of those. So on this gtld Subsequent Procedures thing we're got, there's a handful of GAC members on that group. Their participation percentage is generally quite high, so of the people that Page 12 of 49
we have participating on the GAC in this, their individual participation is quite high. The problem is there's just so few of them, that they're not really able to share the load. So, if there's a couple of meetings that one person can't make, and there's only two other people in that group and they can't make it either, then there's no one representing, covering the gap. Whereas, other people in the community, people in the GNSA for instance, their individual participation statistics are lower, but because there are more of them, they are better able to cover the range of meetings that take place. So, I think that might be something to consider. That if maybe we can more people on the GAC involved, it doesn't mean that those people have to participate in every single meeting, but it means we can sort of share the load maybe a bit more and ensure that there's always someone from the GAC participating in that meeting. Maybe when we do that it just needs a bit of coordination, on a separate little mailing list, where someone says, Oh hey, I can't make this meeting tomorrow, can someone else cover it? Someone else sticks their hand up and say yeah, I've got that, that's fine. So, in terms of the people's participation in those groups, their participation stats are good, but there's just not enough of them to share the load. Thank you. And as you can see here at the end, next steps are to designate a potential topic lead and to encourage more PSWG members to join the working group. So, it would be great if we could get PSWG Page 13 of 49
members joining, and perhaps somebody taking the lead on this, and as suggested, creating a mailing list to coordinate PSWG participation in this PDP. So, if someone could come forward and participate, I know we are all very overwhelmed, the workload is actually quite overwhelming, but it would be great if somebody could potentially offer to take the lead on this topic. Any comments or suggestions or volunteer? Okay, we can always come back to this and reach out to various people and see who can volunteer, who would have the time and capacity to volunteer. All right, if there are no comments or suggestions on this, we can move on to the next topic. FABI BETREMIEUX: Alice, can I just make one additional comment on this topic? I just wanted to note that there has been a recent discussion in the GAC, as proposal that a task force be formed within the GAC on which there could be a Public Safety topic lead. And the idea of this task force would be to help the GAC follow on the progress of this effort and potentially address the issue that Nick raised. So, I just wanted to note that there is this specific discussion right now in the GAC on this topic, and that it is in this context that the public safety work group may be called to propose support to that work. And just for information, on this slide here, you can see that we've listed a number of issues which are relevant to public safety and which will need most likely input from the participants. That's it from me, Alice. Page 14 of 49
Okay. Thank you, Fabien. Let me suggest that perhaps Fabien and I take this on? I can volunteer to be the topic lead for the moment, especially taking into consideration that Fabien has identified some of the areas that the public safety working group needs to take into consideration and perhaps what we could do -- cause already some the areas we do have topic leads dealing with some of the issues there, reach out to each one of you separately so that we can see what level on contribution we can take back to this PDP. But for the moment, I will offer to do that with the assistance of Fabien. Fabien, are you okay with that? FABI BETREMIEUX: Absolutely. That sounds perfect, and actually we'll discuss right after this an example of how a given topic within the PsWG can be fed into these new gtld Subsequent Procedures PDP. Absolutely. Great. So I will discuss this, the co-chairs, both Katherine and I will discuss this and we can take on the responsibility of leading on this topic, because it's been a topic of some concern and discussion at the GAC level. All right. Thank you, Fabien. We can move on to the next agenda item. Child protection and next steps. I don t know whether we have John Carr or Counsel of Europe who can speak to this? Fabien? Is that you raising your hand? FABI BETREMIEUX: Yes, Alice. Page 15 of 49
Please go ahead. FABI BETREMIEUX: Yes. John could not make it to the meeting today, so he suggested that I provide an update, which he shared with me. So, you remember that there was a paper that was circulated by John Carr prior to ICANN 57, and the discussion of that paper in the working session in Hyderabad. And so in terms of next steps, in particular with respect to this paper, John Carr had in mind that there is a need to develop detailed contractor provisions on this issue that could apply to registering. Considering the suggestion made by Bobby in Hyderabad, and also considering the concerns that were expressed by the US with regard to engaging in content regulation, and also considering sensitivity in various countries on how to deal with this issue. So I think John Carr has that on his radar, but he s also requesting assistance to do this. Because he feels that he doesn t know enough of ICANN to adapt. He s thinking too highly it should be formulated to be effective at ICANN. So I think in terms of next steps, it would be useful if there were PSWG member that would be willing to assist John in that effort. I obviously will stand ready to assist as well. And as I mentioned earlier, this is a good example of how something that would be developed on this issue and the PSWG could be fed into the new gtld Subsequent Procedures PDP. So there would not need to be double work, and there would be input prepared that would be Page 16 of 49
useful for that work. And in terms of ICANN 55, I think we need to clarify whether these should be a topic on which the GAC would be briefed by the public safety working group. And if there is any need to discuss it or present, or a sort of decision by the GAC. Let me stop here and see if there is any comments or questions. Thank you, Fabien. Any comments or questions? [AUDIO BREAK] Seems to be no comments or questions. I see -- okay, Greg, please go ahead. Greg, you have the microphone. Greg? I think we can t hear Greg. Let s see. Okay. Perhaps we can come back to Greg later, and move to the next item on the agenda. Okay, security framework. Bobby, are you on? IRANGA KAHANGAMA: This is Iragna again. Bobby s signing on. But, he should be on in one minute. In one minute? IRANGA KAHANGAMA: But I can speak to the framework. Page 17 of 49
Okay, please go ahead. IRANGA KAHANGAMA: So first I want to say thanks to all the people who submitted comments. I didn t really have any issues with them, so they were pretty much all accepted and incorporated. Actually, this meeting was a good reminder. On Friday, we had some other informal comments, and so I had added some definitions to the different types of categories of action by registry, if you remember the bullet points in the first page. So I will recirculate it because those have been updated with about two or three sentences per just to be a little more specific details. And then I ve also sent it to the ICANN drafting team, to Dennis Chang. And so we re actually going to be having a call on the 19 th which I believe is Thursday, so the security team and drafting team will be having a call on Thursday morning to discuss next steps. And I guess that s all that I ve heard. I haven t heard any initial reactions to the document we sent around because I know it wasn t a significant amount of cuts to their document, but I will get my first impressions Thursday when we discuss it with them. That s the latest with that. Thank you Iranga. Any comments? Fabien? Have you hung up? FABI BETREMIEUX: Yeah, me. Thank you Alice. Maybe, I see that Greg has commented. I believe we see it on the security framework. So just that it may not be on the IDB connect. Greg is saying I thought this was a nice and sharp Page 18 of 49
document. I had specific comment except for maybe trying to include a role for registry such as Registry of Last Resort. Just met with Benedict. And Nick, so apparently Nick was requesting you want to go ahead, Nick? Yeah, Nick wants to speak. Nick, please go ahead. Nick, we can t hear you. I think a lot of people are having problems with their voice today. IRANGA KAHANGAMA: Well, to speak to Greg s comment in the chat: So I know I haven t had any indications on the reception of the registries, all I got was the thank you from ICANN for submitting it. I will be speaking with the registries on Thursday. I did use that call to try and bring up incorporating some of these, but I think they are not as anxious about having very specific language in terms of what verses should be used, but I can bring it up with them if necessary. Okay. And Nick is suggesting reviewing a previous draft? IRANGA KAHANGAMA: Right. If it can be the one that John Flarety had dome. Page 19 of 49
Okay. Okay. All right. No other comments. Okay, we can move on to the next agenda item. FABI BETREMIEUX: Actually, Alice. This is Fabien. Yes, Fabien, go ahead. FABI BETREMIEUX: I just wanted to discuss the actions for ICANN 58. I think we need to confirm here whether we believe it is needed to provide an update to the GAC on the security framework. That may be early, depends on really how Iranga and Bobby feel about this question. But this is something we need to confirm with the GAC leadership tomorrow whether this 30 minute session on the GAC plenary agenda regarding the security framework is needed. We also need to confirm whether or not there should be a brief to the GAC on this issue. And if there is any expectation from the GAC at this stage. Okay. Well, so just for clarity: I thought this was a topic that was request by the GAC, right? FABI BETREMIEUX: It was. Page 20 of 49
Yes. FABI BETREMIEUX: It was I believe in the prioritization exercise. Considering that the GAC leadership is looking for reducing the workload session, looking for free time on the agenda, if we believe that 30 minutes are not necessary, and this can be addressed in the general purpose activity session with the GAC plenary, the GAC could just decide to let that slot go. Okay. So question to the topic to Fabien and Iranga: Do you think we are ready to provide-- to propose GAC advisement on this topic? BOBBY FLAIM: This is Bobby, can you hear me? Yes we can hear you Bobby, finally. BOBBY FLAIM: Okay. I think it s going to be dependent upon our January 19 th call that we have with the registries. Iranga sent out the draft, and Iranga, correct me if I m wrong, but we haven t heard from the registry group. I know Dennis Chang from ICANN said he was going to send it to all of Page 21 of 49
them, and unless I missed something this morning, we haven t heard anything. So we re, I think waiting to see how the January 19 th call goes. And if it looks like they will be amenable and accepting of it, maybe with a few minor tweaks, then maybe we don t have to brief the GAC, We can just tell them that we re proceeding and then maybe we can give the GAC a written document if we re ready at that time, by Copenhagen. But if it looks like the registries don t want to accept what we have drafted as the third version, then that may be something which we may need to brief the GAC on. Okay, so we can leave that. Fabien did we need to respond to GAC leadership tomorrow? FABI BETREMIEUX: I was planning to because Katherine will be meeting with the other working group chairs and propose that we get back to the GAC tomorrow. And I can provide the input I think. We are still working on the agenda, so hopefully it should be fine if we indicate to the GAC leadership that an answer will come later this week or early next week. Hopefully, I can suggest that. Yeah, perhaps you can tell them that from the PSWG we can provide more concrete responses next week? After, that would be time to the various opportunities. And also would be time for the January 19 th meeting to take place and for Bobby and Iranga to come back to us so Page 22 of 49
we can suggest next week. Is that okay with everyone? Okay. We can move on to the next agenda item if there are no questions or comments? Privacy Proxies. Nick, you have the microphone. Nick can you hear us? NICK SHOREY: Hi everyone, can you hear me? Yes, we can hear you. NICK SHOREY: Sorry, I m just stepping out of a noisy room. Okay, so Privacy Proxy implementation: The implementation review team has agreed that some of the outstanding issues that the GAC raised in its advice to the board back in Helsinki, particularly around disclosure of law enforcement requests and relay of law enforcement requests, are probably best dealt with if the public safety working group come up with a draft framework of how this would look and work in practice. So I issued that invitation to the GAC just before Christmas and then during Christmas. And so now we ve got a team of about eight volunteers, which is really excellent. And we re going to have our first call on the 25 th, I believe. And if anyone else wants to participate and join up subsequently, they can. Just drop me an email and well get you involved. So we ve got our first call on 25 th, and then we re going to start to look at how we go Page 23 of 49
about setting up a draft framework which we would then present back to the IRT. Ideally, they want this before the meeting in Copenhagen, so we can then have a PSWG privacy proxy IRT face to face discussion on it. So we re going to try to work to that deadline. I ve minded them a bit on expectations because we re all very busy, but that s the ambition. The IRT has prepared a draft, sort of discussion document which is going to form the basis of the briefing for us, to help steer us in the right direction, hopefully. And there s also a previous disclosure framework, I think, from one of the other contracts, which we might be able to use as a basis. So I m confident that we should hopefully be able to make progress on this fairly quickly. And I think I can see a potential way forward that is consistent with the defined recommendations from the GSNA PDP, but also take into account the concerns that we ve got. So that s as far as we are at the moment. And we will look forward to getting on the 25 th. Thank you. Thank you Nick. Any comments? I see a couple of you. Matteo? Matteo you have the microphone. Okay. You may need to speak a little bit more closer to the microphone. MATEO LUCCHETTI: Hello? Can you hear me now? I m speaking to the microphone in my mouth. Page 24 of 49
Yes. Yes, I can hear you. Yes. MATTEO LUCCHETTI: Okay. Hello. Thank you, Nick, for this introduction. I just wanted to say this is a topic that we have been dealing with, especially with those requests from law enforcement in the framework of the [inaudible] convention and [inaudible] convention committee. So [inaudible] convention. And there have been groups for dealing with the international law enforcement requests that can be done [inaudible] group. So this is a topic that would actually be interested to be in touch with the volunteers for the working group for the sub-team. We are not sure that we can convene on a permanent basis, but still I would like to anyway want to discuss some issues with [inaudible] that we have had. The framework of this would be for our first meeting. The only problem I see is that 25 th we actually -- there is a Capacity Building workshop [inaudible] thirty minutes. So I don t know if these two events that now are part of each other. I m not sure I will be able to attend. I would like to attend [inaudible] FABI BETREMIEUX: Matteo, this is Fabien speaking. I m sorry for interrupting, but it s very hard to understand you. Would you mind maybe writing in the chat the few elements that you were stressing? I understood from what you were saying that the Council of Europe has had experience with this Page 25 of 49
topic, law enforcement requests in the context of the Cyber Conn convention, and did I understand correctly that you were MATTEO LUCCHETTI: I would like to write it. And I will email it to you. FABI BETREMIEUX: Perfect. Perfect. MATTEO LUCCHETTI: -- will write an email to Nick, and probably I will copy you and Alice on it, to let you know. Okay. Thank you Matteo. Some of us -- FABI BETREMIEUX: Thank you, Matteo. Some of us could hear you, but others could not. And thank you for that. Any other questions, or comments? Fabien? FABI BETREMIEUX: Alice. Page 26 of 49
Fabien, you had your hand up? Yes. FABI BETREMIEUX: Yes, thank you. I just wanted to discuss the ICANN 58 aspect of this topic. Do we think that we should plan I m sorry if I missed this from what Nick said earlier, I m not sure he addressed it, but we should clarify whether we need any specific preparation for ICANN 58 with the GAC. In particular, I think we have an open question to determine whether a strawman proposal by the public safety working group to feed into the IRT discussion and would need some sort of GAC endorsement or not. So I would just like to raise this question to the group. Thank you, Fabien. A question: Do we need any endorsement or presentation to the GAC, or just the briefing enough? Nick. Nick is typing. He says it may need to go to the GAC. So, once again, I think we can keep topic leads until the end of the week, and we can get back to the GAC next week regarding what topics will be on the PSWG presenting to the GAC agenda in Copenhagen. Is that you, Fabien? Okay great. All right we can move on unless there s anyone? Okay, we can move on to the next the RDS, this is an update on the review team under, a topic lead is required here. And there s been an ongoing call for volunteers with a deadline that was extended to next week, the 20 th. So the PSWG members were interested, I think they have to submit their expression of interest to the corps. And we need to brief the GAC regarding the team members and the concerns that the Page 27 of 49
public safety working group will be raising. So, I know that I think there are three I hope I m not wrong three members who have submitted their expressions of interest. Three PSWG members. GREG MOUNIER: Yes, this is Greg, Alice. I believe there is an additional application from a GAC member representing Thailand as well. And from a GAC perspective. Okay. GREG MOUNIER: And so there are Go ahead. GREG MOUNIER: Sorry, go ahead. Please go ahead. Sorry. Page 28 of 49
GREG MOUNIER: I was just going to add that there are at least three seats on the review team that will be reserved for the GAC: Chair to two [] and depending on the other applications and the other SO/ACs that could be increased. But actually there will be three seats for the GAC on the review team. And I think, I just want to mention that one key element for the recently working group is to determine how internally the work group would like to work with the future GAC representatives on this review team. Because there is a lot of expertise around RDS in the public safety work group. So I think in addition to identifying the various issues of concern that ought to be fed into your process, and that may be useful to inform the GAC about, there s also this question about organizing an internal PSWG process to make sure that PSWG members that are interested can see and contribute to the work of the review team through the GAC work group. Okay. And Greg had said that the more PSWG members who are interested in this working group, they can always join as observers, which is correct. But we ve got three members, so the PSWG will follow the same process they did with the CCT review and submit and just alert the GAC that we have three PSWG members that applied and are interested in joining. And then other PSWG members are always welcome as Greg mentioned, as observers. Any questions? Okay, if there are no questions or comments Page 29 of 49
FABI BETREMIEUX: Alice? Yes Fabien, go ahead. FABI BETREMIEUX: Sorry. I just also wanted to discuss the topic lead aspect of this issue. I think we, having a PSWG and RDS topic created, was Greg, and right now he was mostly working on the RDS PDP, so I wasn t sure whether he would be interested in taking on the internal coordination regarding the review team as well. So that s why I didn t want to force his name as topic lead on this topic, but that could be an interesting arrangement, if he s interested. So I m just throwing that out to the group for discussion. Yeah. I just assumed that he would take on the responsibility once again, but, please Greg, correct. You re very welcome to let us know if you re happy to continue as the topic lead? He s typing. We re wondering if you d be happy to continue as the topic lead for this working group? And I see Okay. Greg says he is happy to continue as the topic lead for this. And Wanawit says the participant that applied from Thailand is no longer on the GAC. So good to take note of that. Thank you Wanawit and thank you Greg. Any other comments? Okay, if there are no other comments, then we can move on to the next agenda item. Page 30 of 49
The CCT review. I don t know if Laureen is with us. Laureen. Please go ahead. Hi, Laureen. LAURE KAPIN: Hi Alice, can you hear me? Yes. We can. LAURE KAPIN: Okay. So, the CCT review team will be releasing its preliminary report soon. The date s been pushed a little bit to let us do our final consensus-building and review and formatting and all of the other good stuff that goes into these long reports. But we anticipate that s going to be released by mid-february. So it s a little bit of an adjustment to what is in the agenda here. But that report will set forth our preliminary recommendations on a rather large range of topics that deal with the big picture issue of the impact of the expanded gtld program on competition, consumer choice, and consumer trust, and also the impact on the safeguards, particularly as it relates to mitigating DNS disputes. And that will have a public comment period that will actually be a little bit longer than usual because the report will be rather lengthy, and we want to make sure we give folks an opportunity to comment. And I believe that will actually the comment period will run past the time of the Copenhagen meeting. But there also will be three things in Page 31 of 49
the Copenhagen meeting, and opportunities for stakeholders to provide input. So I encourage everyone to take a look at the preliminary report when it come s out. And know that the review team really welcomes your input, particularly on its recommendations and on the work in general. So, that's the big picture update. Thank you, Laureen. Any questions? Fabien, you have your hand up. FABI BETREMIEUX: Sorry, Alice, this is an old hand. Okay. Any questions or comments for Laureen? Okay, if there are or questions or comments we can move on to the next agenda item. Perhaps, Bobby, are you ready to speak to? BOBBY FLAIM: Yes, absolutely. Great. Okay. Okay, so we can go back to the DNS. Yes, please. BOBBY FLAIM: Apologies. I'm sorry, I apologize. I apologize for not being on the call earlier, I was on the call but on the audio part, not Adobe, so I did catch everything, but apologies for that. But in talking about the abuse Page 32 of 49
mitigation, if everyone will recall, the PSWG through the GAC provided GAC advice, which we'll just call Annex 1, which was part of the GAC communique, and basically it was a series of questions. So, what we had also put in the Annex 1 was that we were looking for answers from ICANN to be provided to us five weeks prior to the Copenhagen meeting, which is coming up in March. So, if we did our calculations correctly, that should be 3 rd February, which is coming up in a couple of weeks. The other thing which Fabien was able to arrange, is that this will now be a high interest topic session in Copenhagen. So very similar to the ones that we had in Hyderabad. But we don't want to regurgitate or reiterate what we did before, we want to really stick to this Annex, the questions that were asked, and if you look at the Annex you will see that they were broken up into three parts. One was dedicated to what 2013 RAA, the Registrar Accreditation Agreement stated, and there were some things in there that the GAC advice put in there, but have yet to be addressed. So, we want to see what the status of that is, and we actually have talked to a few ICANN staff members and they have gone back to the registries and they have resurrected this, because it was dormant. So, that's one thing that we'll be looking at, such as the cross-validation and a few other things. And to see how ICANN compliance is enforcing these contracts or contractual provisions. The second part of the Annex 1 was about registries, and GAC advice played into it also, insofar as the GAC safeguards which came out in 2013 in the GAC communique. And part of that was registries reporting security incidents, or taking proactive measures and reporting that to ICANN. So we want to see Page 33 of 49
how that is coming along, this also plays into Spec 11, the security framework and some of the other things that are going on, so we wanted an update on that. And lastly, the third is a catch all which really goes to ICANN staff and what ICANN is doing proactively regarding DNS mitigation and that goes to two parts of ICANN: one is the security team and the other is the contractual compliance team. So, if you will look at the Annex you'll see a couple of footnotes from public source resources about which registrars and registries may have the most spam, and may be involved in abuse and we want to ask ICANN as an independent body what are they doing about that? How are they taking outside reports and what contractual compliance does? And the other thing is we want to see about the transparency of contractual compliance. So, that's how we're trying to address abuse mitigation, in this instance, we're not necessarily trying to discuss what is going on with registries and registrars on a handle, 'cause we did that in Hyderabad. This was very specifically to the questions that were asked and how ICANN is handling them. And how the registries and registrars are handling them with ICANN. So, we're really trying to stick to Annex 1 and those questions and a lot of this session is going to be based on what the answers are, that we received on 3 rd February. So, I think that's all I had for now. Okay, thank you, Bobby. So, the next step, as I can see here, I think you can see the timing. And Bobby has explained our expectations. So the Page 34 of 49
next step is all those interested, in following this specific topic, as well as the heat session created and volunteers to join this effort by next week, the 20 th, well, end of this week, rather. The 20 th January. Nick, I see your hand up, please, go ahead. NICK SHOREY: Thanks, Alice and thanks, Bobby for sharing the feedback on the status of this and your thoughts and plan going forward. I think I made some comments back in December, when this was on the GAC list for discussion and I'm keen that we make this session as targeted and focused on tangible outcomes as possible. So I was really encouraged by some of your thoughts on how to do that, Bobby. And also the approach, how we can mix up the approach to the actual delivery of that session. What I'm slightly worried about is a couple of the sessions, I think you've had before, we always get the same answer from compliance. And maybe it will be different now that Alan's moved on and the new guy, Jamie, in place. But we always seem to get that very lawyer's answer from the compliance team. And I'd really like to certainly make sure that we really focus this on a tangible outcome and make sure that we draw out much more detail from compliance about what they do and that kind of stuff. And I'm really pleased as well that there could potentially be discussion around contracts that link into the Spec 11 stuff, as I think I wrote in the chat earlier. It will help Spec 11 if we can get a much better insight into the detail and content of that other contract, that other spec that Page 35 of 49
ICANN and the registries are working on as well, it'll really help the Spec 11 stuff. BOBBY FLAIM: This is Bobby, I think that would be great. I think we really are trying to get tangible outcomes and like I said, number one, we're going to see what the responses are and then we can customise our approach or plan, based on that. But I think the tangible results we want in the first part is number one. We want to see this cross-validation requirement come to fruition. So, that's tangible item number one, we want to see what they will do insofar as verification, validation of how the WHOIS is going, and providing sunshine and transparency on that. And if that is not our interpretation, then we would go to ICANN to see how we can foster that. The second, this is the registrar's duty to investigate reports of abuse. What are the numbers, what are the stats? Everyone wants case examples from us, well, now we can ask for case examples. The vetting of registrar's application procedures and applications, that's also going to be important, that's in section one. Insofar as section two, the tangible is the fact that we want to see if these statistical reports based on Specification 11, part of the contract, not part of the security framework, have been reported to ICANN and what they have actually received. So, that's tangible, what exactly are you receiving? How are you doing that? And then for Part Three, I think that's going to be very, very important, because there's been unofficial reports that the ICANN security Page 36 of 49
department does receive reports of registry and registrar complaints and that nothing is being done with that. Even, by, there's a lot of evidence, so that needs to be investigated and if we can also ensure as a tangible that the ICANN contractual compliance is actually listening to the ICANN security, I think that would also be a big improvement as well. So there's lots of tangibles that we really are hoping to get out of this, as concrete steps, because like you, we don't want more talk, we have the mechanisms, we've provided the advice to get these outcomes and we still haven't. And some of these things are five, six years in the making, so we're trying to bring that all to a conclusion. Thank you again, Bobby, for that update. Any other comments or questions? Okay, I think we can go to the next agenda item. FABI BETREMIEUX: Alice? This is Fabien speaking. Yes, Fabien. This is PSWG [inaudible]. Go ahead, Fabien, sorry. FABI BETREMIEUX: I just would like to come back to number four, because this is the other part. I think Bobby spoke to this, and we re awaiting the answers from ICANN in the next one. I think here is a specific action for the PSWG in Page 37 of 49
relation to the meeting with the ICANN Board, the meeting between the GAC and the Board in which the public safety working group would like the topic to be addressed. And we discussed, in this context, I think the group needs to plan for a briefing of the GAC, on the answers that will be provided by ICANN. So I wanted to make sure that this is on everyone's radar, and maybe have a short discussion on how that should be done. And how the meeting with the Board should be approached from a public safety working group perspective, considering that the GAC wanted to make sure that this is indeed a meeting of the GAC with the Board in which some public safety working group issues could be addressed. So, I think there is need to clarify exactly how the PSWG would like to see this discussion on this Annex 1 happen with the Board. Okay and I think Bobby will chime in here, I suppose it will depend on the responses that we get from the ICANN Board, that will determine how we approach the PSWG's contribution to the GAC Board meeting. But perhaps, Bobby, you can speak to that as well? With any ideas you may have? BOBBY FLAIM: Yes, I think the plan should be number one we get the answers and then we review them. And see what our response would be to see if that's the direction we anticipate going or no, we would need follow questions, follow up answers, so on and so forth. And then maybe what we can do is maybe we can prepare, with your help, Fabien, kind of a Page 38 of 49