Dear Elise and Kim,

It has taken some time, but please find included the (long) pending response on your questions re Implementation of the ccNSO FOI WG recommendations.

On behalf of Becky and Keith,

Kind regards,

Bart

FOI Implementation Advisory:

Contact details Consent of the ccTLD manager

To: Elise Gerich, Kim Davies

Cc: ccNSO Council

Date: 23 August 2016

Introduction & Advise

In preparation of the 10 December 2016 Council meeting, Keith Davidson, in his capacity as member of the FOI Implementation Advisory Team, raised the issue with the ccNSO Council that ICANN staff working on the implementation of the Framework of Interpretation has raised some questions on how to implement the request to IANA not to contact the admin and technical contacts listed on the IANA database, when it’s an issue of delegation or revocation or retirement. Instead, there should be a specific person or procedure for these more serious changes to the IANA database. To solicit input from Councillors, this topic was discussed in the aforementioned ccNSO Council meetings (10 December 2015) and the direct following one (21 January 2016). In addition, feed-back by email was sought.

Based on the conversations and input received, the FOI Implementation Advisory Team advises IANA staff:

1) There has been no consistency in the feedback received from the very small pool of ccNSO Councillors, so opening up the consultation to seek more, additional opinions will only make things harder.

2) As to the questions, the answer is quite simple: IANA should introduce/open up a field to record the instruction from the ccTLD with respect to whom to seek consent in case of the transfer etc. and then ask ccTLDs what their preference is. For example, .nz might respond "To verify a transfer of .ab the incumbent manager must provide a copy of the resolution of its governing council verified by the President and the CEO of the organisation.” Whereas another might state "the transfer of .xy can only occur after verification by the appropriate minister".

Background

According to the FOI, in case of a transfer of the ccTLD: "the IANA Operator only seeks consent for a transfer request from the incumbent manager and the proposed manager. The IANA Operator should not seek consent from the Administrative or Technical contacts.”

A transfer is interpreted "to refer to the process by which the IANA Operator transfers the responsibility from an incumbent manager to a new manager with the consent of both parties.” To be clear “what a party is being asked to agree to in a Transfer, is the transfer of the incumbent manager’s role as trustee for the ccTLD (as the term is used in RFC1591) to the proposed manager, including, without limitation, changing the entry in the IANA database”

With respect to the person(s) providing consent the FOI requires further that the IANA Operator formally records:

"The status of the person providing the consent or response, and should demonstrate that a party's consent to a Redelegation (i.e.: Transfer) is clear, informed, unambiguous, affirmatively expressed, and freely given."

In other words: if the IANA Operator should not seek consent from the Admin or Tech contact as listed in the IANA database, in case of these major changes to a ccTLD, who should be the contact? Or phrased differently, who or by which process does a ccTLD manager consent to these major changes?

Based on experience, some ccTLDs might have a contact person, others might have a title to contact, (for example, the CEO), some might outline a process like having Chairman and CEO to confirm, by copying in the resolution from the minutes that agreed to the revocation.

The questions IANA staff is asking are:

· Should the IANA Operator maintain this specific information inside the IANA database, or outside of the IANA database as a separate record?

· Should this information be published or be publicly available, or conversely, should it be kept confidential between the parties? And

· Should there be different processes available to reflect the different needs between ccTLDs?

Councillors were asked to think about these questions and what would be appropriate to each Councillor’s ccTLDs and what information they would like to see recorded by IANA in terms of the process if ever it should come up.

During the ccNSO Council call on 21 January 2016 the following remarks were made:

· (Councillor 1): Read note with interest. Based on her former experience she noted that Information needs to be kept private: inundated with spam.

· (Councillor2): I think the person to be contacted is the Legal Representatives and this information should be private. Whether it is kept in the same database it doesn´t matter.

After the Council meeting one more Councillor provided a response by email:

1) I think this should be maintained as a separate record.

2) I believe it should be kept confidential to lower the risk but there must be a clear procedure of how parties can provide (initially), learn and update this information. This information could be provided by the Admin contact. Maybe Admin contact also should be allowed to get this info but all the updates should be provided the same way as in the case of the transfer request.

3) Yes, I believe there should be different processes for different ccTLDs. First, the legal structure of ccTLDs differ. Second, some ccTLDs have formal agreements with ICANN. If I understand it correctly (we have exchanged letters) those are trilateral agreements, i.e., the respective governments are parties to those agreements. I have no clue what Californian law says about that but at least according to our civil law if one of the parties is changed the government as another party should be consulted.

On behalf of the ccNSO FOI Implementation Advisory Team (Becky Burr and Keith Davidson)

Bart Boswinkel