FW: Update on the RAA Negotiations Since Prague
FYI. Note the specific request for advice via GAC on data protection. - Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= ---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com> Dear SO/AC Chairs, **** Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members. **** Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community. **** For more information on these important negotiations, please visit the ICANN wiki at: https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis... **** Sincerely, **** Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor) **** **** **** **** **** **** ** **
Thanks Carlton. I am slowly working my way into reading the material. I was on the http://www.icann.org/en/about/agreements/registries [got this from the WHOIS Review Final Report link] and noted that the .com Archived Agreement says 2006 and am wondering whether this is the Agreement that was extended or whether there were new conditions negotiated. Could someone also clarify whether all the Agreements for others such as .info etc are all the most revised Agreements? Thanks and kind regards, On Sat, Sep 8, 2012 at 2:46 AM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** **
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Apologies. I have just noticed that whilst at first sight, it says .aero (11 June 2009) when I click on it, it shows all the revised versions. The same is true for all other Agreements. My bad :( On Sat, Sep 8, 2012 at 11:24 AM, Salanieta T. Tamanikaiwaimaro < salanieta.tamanikaiwaimaro@gmail.com> wrote:
Thanks Carlton. I am slowly working my way into reading the material. I was on the http://www.icann.org/en/about/agreements/registries [got this from the WHOIS Review Final Report link] and noted that the .com Archived Agreement says 2006 and am wondering whether this is the Agreement that was extended or whether there were new conditions negotiated.
Could someone also clarify whether all the Agreements for others such as .info etc are all the most revised Agreements?
Thanks and kind regards,
On Sat, Sep 8, 2012 at 2:46 AM, Carlton Samuels <carlton.samuels@gmail.com
wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** **
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji
Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Hi Sala I think you have forgotten the ALAC comment on the .com agreement (in April 2012) - which was discussed on the ALAC list. See http://www.atlarge.icann.org/correspondence/correspondence-2-20apr12-en.htm If you remember, one of the strongest comments we made was on the lack of a thick Whois requirement, when the requirement is there for other registries and for new gTLD registries. Holly On 08/09/2012, at 9:27 AM, Salanieta T. Tamanikaiwaimaro wrote:
Apologies. I have just noticed that whilst at first sight, it says .aero (11 June 2009) when I click on it, it shows all the revised versions. The same is true for all other Agreements.
My bad :(
On Sat, Sep 8, 2012 at 11:24 AM, Salanieta T. Tamanikaiwaimaro < salanieta.tamanikaiwaimaro@gmail.com> wrote:
Thanks Carlton. I am slowly working my way into reading the material. I was on the http://www.icann.org/en/about/agreements/registries [got this from the WHOIS Review Final Report link] and noted that the .com Archived Agreement says 2006 and am wondering whether this is the Agreement that was extended or whether there were new conditions negotiated.
Could someone also clarify whether all the Agreements for others such as .info etc are all the most revised Agreements?
Thanks and kind regards,
On Sat, Sep 8, 2012 at 2:46 AM, Carlton Samuels <carlton.samuels@gmail.com
wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** **
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji
Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Hi Holly, I haven't forgotten the statement which was composed. :) My email which has since been withdrawn was simply in relation to mapping. That was an excellent draft that you composed in relation to the recommendation for the thick Whois for the .com which shows that at the end of the day whilst we can advise the Board, the Board has the discretion to accept the advice or reject it. Although there is the possibility that the Board did raise the issue but after the fact....sigh Best Regards, Sala On Sun, Sep 9, 2012 at 6:30 PM, Holly Raiche <h.raiche@internode.on.net>wrote:
Hi Sala
I think you have forgotten the ALAC comment on the .com agreement (in April 2012) - which was discussed on the ALAC list. See http://www.atlarge.icann.org/correspondence/correspondence-2-20apr12-en.htm If you remember, one of the strongest comments we made was on the lack of a thick Whois requirement, when the requirement is there for other registries and for new gTLD registries.
Holly
On 08/09/2012, at 9:27 AM, Salanieta T. Tamanikaiwaimaro wrote:
Apologies. I have just noticed that whilst at first sight, it says .aero (11 June 2009) when I click on it, it shows all the revised versions. The same is true for all other Agreements.
My bad :(
On Sat, Sep 8, 2012 at 11:24 AM, Salanieta T. Tamanikaiwaimaro < salanieta.tamanikaiwaimaro@gmail.com> wrote:
Thanks Carlton. I am slowly working my way into reading the material. I was on the http://www.icann.org/en/about/agreements/registries [got this from the WHOIS Review Final Report link] and noted that the .com Archived Agreement says 2006 and am wondering whether this is the Agreement that was extended or whether there were new conditions negotiated.
Could someone also clarify whether all the Agreements for others such as .info etc are all the most revised Agreements?
Thanks and kind regards,
On Sat, Sep 8, 2012 at 2:46 AM, Carlton Samuels < carlton.samuels@gmail.com
wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** **
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji
Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Hi Carlton Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy. I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now. I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC. Holly On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at: https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
On Mon, Sep 10, 2012 at 1:47 PM, Holly Raiche <h.raiche@internode.on.net>wrote:
Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies a! re the very reason for the need for privacy.
Noting that there are two Studies currently being undertaken by experts on the Whois Proxy & Privacy Study and Whois Proxy and Privacy Relay and Reveal Study which the global community was informed would conclude in 2012 but there has been a shift in when the outcome of this Study will be delivered which is now 2013, it follows that the Policy or PDP process will no doubt have to factor the results into the mix. However, this is not to say that discussions should wait for the results of the Studies, I think some work should be done now and a good starting point could to create a temporary baseline modelled around the findings Council of European National TLD Registries.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Hi Holly: Absolutely, the privacy issues you highlighted do attract spirited debate and very emotional responses. The ALAC has staked out its position and at least for the last 3 years, that position has been consistently reiterated: a recognition that in furtherance of free speech rights, some groups, especially ones that might be politically inconvenient, do indeed deserve some protection; a formal community embrace of defined privacy services and their providers; the conditions under which a privacy provider would be authorised. Best, - Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* ============================= On Sun, Sep 9, 2012 at 8:47 PM, Holly Raiche <h.raiche@internode.on.net>wrote:
Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
I should also add that the threats that accompany the TPP gives rise to what Holly mentions in terms of "private law enforcement" where IP mark holders by virtue of serving notice directly can have access. This is why laws need to be debated by people in Parliaments or Legislative Assemblies. What happens to "Due Process"? What constitutes a legal seizure of a Domain Name? On Tue, Sep 11, 2012 at 3:58 AM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
Hi Holly: Absolutely, the privacy issues you highlighted do attract spirited debate and very emotional responses. The ALAC has staked out its position and at least for the last 3 years, that position has been consistently reiterated: a recognition that in furtherance of free speech rights, some groups, especially ones that might be politically inconvenient, do indeed deserve some protection; a formal community embrace of defined privacy services and their providers; the conditions under which a privacy provider would be authorised.
Best, - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
On Sun, Sep 9, 2012 at 8:47 PM, Holly Raiche <h.raiche@internode.on.net
wrote:
Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
I would normally agree, except this is not how it happens in reality. We have the theory, but then there is reality.... You cannot expect Parliaments etc to really take notice and address issues if the internet public themselves are self defeatist. The current mantra is "privacy and anonymity at all costs". Essentially this creates an environment that is totally unmanageable and creates a threat to everyone. We need responsibility in this process. What do you think happens currently? We find bullet proof hosters, uncooperative registrars referring us to IC3's website and IC3 only willing to address the worst of the worst. But what is teh worst, if you can't link incidents? The current implementation of the WHOIS policy allows a malicious registrant to change names to perpetuate malicious activities. In the process he uses VPNs that keep no logs, paid for by places totally outside the recognized monetary systems. This leaves law enforcement virtually powerless. By the time victim losses eventually tally to the point where law enforcement takes notice, much harm has been dome already. In the past I mentioned Heihachi here, a "Russina" reseller for an American registrar who refused to deal with the issue effectively. The reseller themselves had fake WHOIS registration data, but were allowed to act as a privacy proxy. In the process they shielded a group known as the fake shopkeepers. This resulted in what was described as Germany's largest cyber-scam last month in the media when the perpetrators were sentenced; ~2000 victims opened cases, over 1m € losses, 190 recorded fake shops. Of those 190 shops, approximately half were domains via Turkish registrar, the other half via American. It's not as if the reports weren't flowing in before of fake whois and abuse. The news reports ignore numerous DDoS attacks on servers worldwide, from the USA to India and Germay, mixed with hacking attempts by this gang using the Heihachi network. Currently we have garbage going into the system, yet we are loathe to clean up and wish to pass the buck. Many times privacy/anonymity is used as an excuse for this garbage. "Due process" takes a lot of time and money, all for the sake of an unverified $10 domain registration. Who foots the bill for that? The victim? Why victimize a victim further? Then off course there is the presumption that due process works across international borders. Unfortunately we do not have a perfect world. As the situation currently stands, the worst enemy of the ordinary user is privacy and anonymity. Right now innocent peoples data is being stolen and abused by a few anonymous players using domains and resources purchased with anonymizing mechanisms. I would strongly suggest that ICANN and a knowledgeable independent party does a study on how bad actors were able to target innocent users using the DNS system and associated anonymizing mechanisms. I believe the fake shopkeeper saga in Germany would be a great case study as this effected the stability of and trust in the net. The fact that the owner of Heihachi was arrested eventually is small consolation for those he harmed (he was not Russian, an open secret, except no-one was willing to listen). Likewise the fake shop gang in Germany who eventually got their day in court is small consolation. My point: It is easy to debate these issues without real experience or reference points of what is happening in the abuse arena. In fact most law enforcement officials and parliamentarians do not even understand the real Internet and the threats the great unwashed are experiencing. I can report domains that target users On 9/10/2012 9:45 PM, Salanieta T. Tamanikaiwaimaro wrote:
I should also add that the threats that accompany the TPP gives rise to what Holly mentions in terms of "private law enforcement" where IP mark holders by virtue of serving notice directly can have access. This is why laws need to be debated by people in Parliaments or Legislative Assemblies. What happens to "Due Process"? What constitutes a legal seizure of a Domain Name?
On Tue, Sep 11, 2012 at 3:58 AM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
Hi Holly: Absolutely, the privacy issues you highlighted do attract spirited debate and very emotional responses. The ALAC has staked out its position and at least for the last 3 years, that position has been consistently reiterated: a recognition that in furtherance of free speech rights, some groups, especially ones that might be politically inconvenient, do indeed deserve some protection; a formal community embrace of defined privacy services and their providers; the conditions under which a privacy provider would be authorised.
Best, - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
On Sun, Sep 9, 2012 at 8:47 PM, Holly Raiche <h.raiche@internode.on.net
wrote:
Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
On Tue, Sep 11, 2012 at 9:29 AM, Derek Smythe <derek@aa419.org> wrote:
I would normally agree, except this is not how it happens in reality.
You have an absolutely valid point. The reality is also that there are people whose rights have been infringed whether they have been defrauded and due process can be difficult.
We have the theory, but then there is reality....
You cannot expect Parliaments etc to really take notice and address issues if the internet public themselves are self defeatist. The current mantra is "privacy and anonymity at all costs".
Recently the South Korean Courts ruled in favour of allowing privacy but said that where criminal investigations then internet addresses could be looked up. See: http://english.khan.co.kr/khan_art_view.html?artid=201 the 208241354087&code=790101<http://english.khan.co.kr/khan_art_view.html?artid=201208241354087&code=7901...> There are things that will require consideration where there are competing categories. Even the Review Team and consensus from the general community recognise that there are legitimate grounds for protection of privacy and I am absolutely sure that it does not include harbouring "criminals". I agree with you. Essentially
this creates an environment that is totally unmanageable and creates a threat to everyone. We need responsibility in this process.
I agree!
What do you think happens currently? We find bullet proof hosters, uncooperative registrars referring us to IC3's website and IC3 only willing to address the worst of the worst. But what is teh worst, if you can't link incidents?
This is precisely why ICANN needs to toughen up and get its act together and force Registrars (yes force) to pull the plug on Registrants and resellers who are not managing the Whois lookups properly provided that proper processes and notifications have been followed.
The current implementation of the WHOIS policy allows a malicious registrant to change names to perpetuate malicious activities. In the process he uses VPNs that keep no logs, paid for by places totally outside the recognized monetary systems. This leaves law enforcement virtually powerless.
The GNSO after calls from the community and mainly the GAC pushing is currently doing studies which were supposed to be completed this year but will conclude next year, see:http://gnso.icann.org/en/issues/whois/studies. Whois Misuse Study;Whois Proxy and Privacy Abuse; Whois Registrant Identification and Whois Proxy & Privacy Relay and Reveal Study. I had recommended to the ALAC that At Large gather feedback and send them to the GNSO to give to those conducting the Studies. We do not have to wait for the results of the Studies to come back before we cross pollinate. Shall we start putting something together? Let me know. We can make submissions. I will try and put a skeletal submission and send to the community to give their feedback. I know Garth has done this before. It will be great to collate feedback from all over At Large, I know that our Whois Chair, Carlton would be willing to push this through.
By the time victim losses eventually tally to the point where law enforcement takes notice, much harm has been dome already.
In the past I mentioned Heihachi here, a "Russina" reseller for an American registrar who refused to deal with the issue effectively. The reseller themselves had fake WHOIS registration data, but were allowed to act as a privacy proxy.
This should not be tolerated.
In the process they shielded a group known as the fake shopkeepers. This resulted in what was described as Germany's largest cyber-scam last month in the media when the perpetrators were sentenced; ~2000 victims opened cases, over 1m € losses, 190 recorded fake shops.
This is an excellent point especially the Economic loss.
Of those 190 shops, approximately half were domains via Turkish registrar, the other half via American. It's not as if the reports weren't flowing in before of fake whois and abuse.
The news reports ignore numerous DDoS attacks on servers worldwide, from the USA to India and Germay, mixed with hacking attempts by this gang using the Heihachi network.
Currently we have garbage going into the system, yet we are loathe to clean up and wish to pass the buck. Many times privacy/anonymity is used as an excuse for this garbage. "Due process" takes a lot of time and money, all for the sake of an unverified $10 domain registration. Who foots the bill for that? The victim? Why victimize a victim further?
Then off course there is the presumption that due process works across international borders. Unfortunately we do not have a perfect world.
As the situation currently stands, the worst enemy of the ordinary user is privacy and anonymity. Right now innocent peoples data is being stolen and abused by a few anonymous players using domains and resources purchased with anonymizing mechanisms.
We should not have to wait for 2013 or some consensus policy to address this! This is purely being a responsible netizen.
I would strongly suggest that ICANN and a knowledgeable independent party does a study on how bad actors were able to target innocent users using the DNS system and associated anonymizing mechanisms. I believe the fake shopkeeper saga in Germany would be a great case study as this effected the stability of and trust in the net.
This is currently being done, see the link to the Studies I sent.
The fact that the owner of Heihachi was arrested eventually is small consolation for those he harmed (he was not Russian, an open secret, except no-one was willing to listen). Likewise the fake shop gang in Germany who eventually got their day in court is small consolation.
My point:
It is easy to debate these issues without real experience or reference points of what is happening in the abuse arena. In fact most law enforcement officials and parliamentarians do not even understand the real Internet and the threats the great unwashed are experiencing.
That's the whole point about debate and dialogue to tease out issues.
I can report domains that target end users
Excellent, maybe the At large could even help by having a "name and shame" space somewhere...
On 9/10/2012 9:45 PM, Salanieta T. Tamanikaiwaimaro wrote:
I should also add that the threats that accompany the TPP gives rise to what Holly mentions in terms of "private law enforcement" where IP mark holders by virtue of serving notice directly can have access. This is why laws need to be debated by people in Parliaments or Legislative Assemblies. What happens to "Due Process"? What constitutes a legal seizure of a Domain Name?
On Tue, Sep 11, 2012 at 3:58 AM, Carlton Samuels <carlton.samuels@gmail.com>wrote:
Hi Holly: Absolutely, the privacy issues you highlighted do attract spirited debate and very emotional responses. The ALAC has staked out its position and at least for the last 3 years, that position has been consistently reiterated: a recognition that in furtherance of free speech rights, some groups, especially ones that might be politically inconvenient, do indeed deserve some protection; a formal community embrace of defined privacy services and their providers; the conditions under which a privacy provider would be authorised.
Best, - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
On Sun, Sep 9, 2012 at 8:47 PM, Holly Raiche <h.raiche@internode.on.net
wrote:
Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at:
https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
-- Salanieta Tamanikaiwaimaro aka Sala P.O. Box 17862 Suva Fiji Twitter: @SalanietaT Skype:Salanieta.Tamanikaiwaimaro Fiji Cell: +679 998 2851
Thanks Carlton The real challenge will not be the principle: when I sat in the Whois Review team discussions, there was general acceptance of the need to protect those groups that may be at risk in certain political situations. The challenge is putting the generally agreed principle into words - how to describe human rights groups in a way that identifies those groups/individuals that will be at risk while not giving the same protection to those who would take advantage for nefarious purposes (the SSAC work showed a large number of people in malware/criminal activity using the privacy/proxy server device to hide their identity.) So it is a clear case of the devil in the detail. And the other challenge is defining who gets access to those details and in what circumstance. Again - a very vexed question. Yes, it is a real issue for ALAC - but once we get beyond principle, it will be a complex set of issues Holly On 11/09/2012, at 1:58 AM, Carlton Samuels wrote:
Hi Holly: Absolutely, the privacy issues you highlighted do attract spirited debate and very emotional responses. The ALAC has staked out its position and at least for the last 3 years, that position has been consistently reiterated: a recognition that in furtherance of free speech rights, some groups, especially ones that might be politically inconvenient, do indeed deserve some protection; a formal community embrace of defined privacy services and their providers; the conditions under which a privacy provider would be authorised.
Best, - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Planning, Governance, Assessment & Turnaround =============================
On Sun, Sep 9, 2012 at 8:47 PM, Holly Raiche <h.raiche@internode.on.net> wrote: Hi Carlton
Privacy was one of the really hard issues that the Whois Review had to grapple with. If you look at the initial report (as opposed to the Final and Final Final reports) two privacy issues are there. The first is how to determine registrant eligibility for the privacy server. Should it be confined to individuals, or include organisations (clear candidates would be human rights groups in many countries, womens' refuges etc) Trying to define eligibility will be a challenge. The other challenge is to define who has legitimate access to the contact information held by the privacy server. 'Law enforcement agencies' was the initial thought. But in some countries, private organisations also perform law enforcement tasks under contract to the agency. They are performing legitimate law enforcement tasks but aren't themselves, agencies. Should they have access. Even more difficult are the countries where the state itself is the oppressor - and its 'law enforcement' agencies are the very reason for the need for privacy.
I'm sure that is the reason the Final Final report backed away from any details on the proposal - and probably why discussion is being fostered now.
I suspect there will be many varied and divergent views within ALAC - all of them legitimate. Providing input on what is a complex, vexed issue will be a challenge for GAC - and for ALAC.
Holly
On 08/09/2012, at 12:46 AM, Carlton Samuels wrote:
FYI. Note the specific request for advice via GAC on data protection. - Carlton
============================== Carlton A Samuels Mobile: 876-818-1799 *Strategy, Planning, Governance, Assessment & Turnaround* =============================
---------- Forwarded message ---------- From: Kurt Pritz <kurt.pritz@icann.org> Date: Thu, Sep 6, 2012 at 11:26 PM Subject: [soac-discussion] FW: Update on the RAA Negotiations Since Prague To: "soac-discussion@icann.org" <soac-discussion@icann.org> Cc: Matt Serlin <matt.serlin@markmonitor.com>
Dear SO/AC Chairs,
****
Recognizing the broad interest in the ICANN community on the RAA negotiations, we wanted to provide you with a brief update on the work conducted since the Prague Meeting for you to share with your members.
****
Since Prague, the negotiation teams have reviewed the input received from the Community in order to identify possible path forwards on the complex issues that have been put on the table in these negotiations. Several meetings have taken place and are scheduled prior to Toronto, including plans to invite the GAC to provide input from data protection experts on several specific issues. There is also an agreement among the negotiation teams to begin analysis of a potential framework for a privacy/proxy accreditation program to be explored with the broader ICANN community.
****
For more information on these important negotiations, please visit the ICANN wiki at: https://community.icann.org/display/RAA/Negotiations+Between+ICANN+and+Regis...
****
Sincerely,
****
Kurt Pritz (ICANN) and Matt Serlin (MarkMonitor)
****
****
****
****
****
****
** ** <smime.p7s>_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org https://atlarge-lists.icann.org/mailman/listinfo/at-large
At-Large Official Site: http://atlarge.icann.org
participants (4)
-
Carlton Samuels -
Derek Smythe -
Holly Raiche -
Salanieta T. Tamanikaiwaimaro