Thank you, Bruna, for providing this detailed comment in advance of the Council meeting. Would it be correct to say that NCSG is prepared to accept the RDRS Standing Committee Report, but requests further discussion of the DNS abuse Issues Report that is based on the work of the DNS Abuse Small Team? *The Issues Report states:* Based on data analysis, community consultation, and input from stakeholder groups (SGs), the Small Team recommended the following three gaps be prioritized for policy work in the Issue Report: ● Associated Domain Checks: Malicious domains are often part of broader campaigns involving dozens or hundreds of related domains. Currently, when a registrar finds that one domain is malicious, there is no contractual requirement that the registrar must investigate whether the same registrant or account has other active domains that are also being used for similar abuse. ● Unrestricted Application Programming Interface (API) access for new customers: Many registrars offer Application Programming Interfaces (APIs) or batch-registration portals that allow resellers or high-volume customers to register large numbers of domain names rapidly. According to studies such as the INFERMAL study, insufficient gating or friction for new users to access these batch registration tools can lead to the proliferation of DNS Abuse. ● Limited coordination on Domain Generation Algorithm (DGA)-based abuse: Botnets using DGAs generate many domain names (sometimes hundreds a day) for their command-and-control. 7 Law enforcement must contact each implicated registry individually when trying to mitigate malware or botnets that use DGAs at scale, which can result in fragmented, delayed, and inconsistent responses. These are low frequency but high impact events. There is no central clearinghouse or coordination hub to quickly disseminate these domain lists to all relevant operators. 8 The Small Team has chosen the above topics from the matrix, based on topics that seem appropriate for policy development (taking into consideration review of source data, input/priorities received by Small Team members, and Community consultation during ICANN83), meaning that the topics are intended to be: ● important/impactful gap to solve, ● likely to gain broad consensus, and ● ideally, areas in which the potential solution(s) seem achievable, having in mind current workload and resources. It seems most of the NCSG comments bear on the work of the small team and the resulting Issues Report. Is that correct? (I'm trying to recall the discussion in Dublin in the session on the work done by the Small Team and NCSG participation in that session.) *PDP Model* Separately, with respect to the Model to be chosen, my personal view is that Representative + Open is the way to go in order to promote transparency but as some have noted, there can be issues with members joining late in the process and/or only coming in for a single issue without considering the whole set of policy recommendations and engaging in a virtual "filibuster" of the deliberations. It seems to me that the Council could specify limitations here, e.g. that a non-representative member must join in the original Call for Volunteers and that every member will be held to a percentage standard of participation, e.g. 75%. These further limitations would serve to mitigate concerns about the Representative +Open Model. I am mindful of the fact that under our procedures, a deferral (which may be granted by the Chair in the Chair's discretion) may only be granted for a period of one meeting. The above questions/comments are offered for the purpose of trying to help clarify issues around the concerns expressed by the NCSG. Thank you, Anne Anne Aikman-Scalese GNSO Councilor NomCom Non-Voting 2022-2026 anneicanngnso@gmail.com On Mon, Dec 8, 2025 at 7:38 AM Bruna Martins dos Santos via council < council@icann.org> wrote:
Dear Council,
In light of this week's meeting and motion regarding the DNS Abuse PDP, I would like to share the following position from the NCSG:
*NCSG Position on the DNS Abuse PDPs*
*The Noncommercial Stakeholders Group (NCSG) acknowledges the importance of ICANN’s DNS Abuse mitigation efforts? and recognizes the Council's extensive discussions, public comments, and ongoing efforts in this area. However, the NCSG has significant concerns regarding the motions submitted to the Council list.The NCSG acknowledges the motion's sequential framing; the practical effect remains two separate PDPs rather than a truly integrated phased workstream. We therefore do not support establishing two separate PDPs as proposed in the motion. Given the NCSG’s limited capacity to engage, having two PDPs at the same time is not feasible. Having one PDP completed in phases would ensure NCSG capacity throughout the overall process. While the motion indicates that PDP 1 will focus on Associated Domain Checks and PDP 2 on API functionality, the language stating that "the GNSO Council will revisit the draft Charter on DNS Abuse Mitigation PDP 2 when deemed appropriate based upon the progress and resources needed for PDP 1" does not clearly establish whether these constitute phased workstreams or truly separate PDPs. The NCSG would prefer a phased PDP approach rather than two concurrent or sequential independent processes for these related topics. Moreover, it seems that the final issue report still recommends concurrent PDPs despite our emphasis that they should not be concurrent which makes the process more ambiguous. This incongruity risks causing confusion and requires Council discussion to resolve them.Additionally, NCSG believes the Council should first discuss which specific topics warrant prioritization based on the recommendations in the Final Issue Report, and then provide recommendations of approaches to the PDP regarding timelines and scope. We also believe the PDP participants should decide which topics they should prioritize and provide a rationale for it, with clear timelines. NCSG's most significant concern remains the process itself. There has been insufficient deliberation regarding the charter structure and the working group model to be adopted during the PDP process. In our view, proceeding without this proper discussion risks a rushed process that could result in inadequate review and unsound policy outcomes. The motion presents a draft charter for the Associated Domain Check PDP and for API before the Council has thoroughly discussed and decided upon the representation and working group model to be adopted. And although it's not the first time a draft charter emerges from a final issues report, the GNSO council holds the role of managing PDPs and, therefore, the role of scoping said efforts. Adequate deliberation on these structural questions is essential to ensuring that the Working Group can function effectively and that NCSG can participate meaningfully, as well as a drafting team for finalizing the charter/charters. To conclude, the NCSG does not oppose convening PDPs on the identified topics. However, we caution against prioritizing the Associated Domain Check initiative, as it raises significant concerns regarding registrant privacy and identification risks.The NCSG would appreciate deferring a vote on this motion while ensuring the council thoroughly deliberates on the working group model and representation structure and how to move forward on convening the PDPs and drafting the charters and focusing on issues. ****In a nutshell, the NCSG will defer a vote on this motion, and we would welcome if more time was allocated during our upcoming meeting to address these issues and the final issues report.
We remain at your disposal in case any doubts arise!
Kind regards,
On Fri, Dec 5, 2025 at 4:15 PM Devan Reed via council <council@icann.org> wrote:
Hi Damon.
Thank you, your second is noted.
The motions page will be updated shortly.
Kind regards, Devan
*From: *"Ashcraft, Damon via council" <council@icann.org> *Reply-To: *"Ashcraft, Damon" <dashcraft@swlaw.com> *Date: *Friday, December 5, 2025 at 9:00 AM *To: *"council@icann.org" <council@icann.org> *Subject: *[council] Re: Friendly amendment to the Motion - DNS Abuse Mitigation - PDP 1 and PDP 2
All,
Please note that I am seconding this motion.
Thanks, Damon
*J. Damon Ashcraft*
*, P.C.*
********
*O: *
602.382.6389
|
*M: *
602.510.1640
dashcraft@swlaw.com
*SNELL*
*& WILMER*
swlaw.com [us.content.exclaimer.net] <https://urldefense.com/v3/__https:/us.content.exclaimer.net?url=https*3A*2F*...> | LinkedIn [us.content.exclaimer.net] <https://urldefense.com/v3/__https:/us.content.exclaimer.net?url=https*3A*2F*...>
One East Washington Street | Suite 2700 | Phoenix, AZ 85004‑2556
Albuquerque *|* Boise *|* Dallas *|* Denver *|* Las Vegas *|* Los Angeles *|* Los Cabos *|* Orange County *|* Palo Alto *|* Phoenix *|* Portland *|* Reno-Tahoe *|* Salt Lake City *|* San Diego *|* Seattle *|* Tucson *|* Washington, D.C.
This email and any attachments may be confidential and protected by legal privilege. If you have received this message in error, please do not disclose the contents to anyone. Please notify the sender by return email and delete this email as well as any attachments from your system.
*From:* Terri Agnew via council <council@icann.org> *Sent:* Thursday, December 4, 2025 12:08 PM *To:* jen@dot.asia; council@icann.org *Subject:* [council] Re: Friendly amendment to the Motion - DNS Abuse Mitigation - PDP 1 and PDP 2
*[EXTERNAL] **council@icann.org <council@icann.org>*
------------------------------
Hi Jen,
The motion has been updated on the wiki page: https://icann-community.atlassian.net/wiki/x/ZKifBg [icann-community.atlassian.net] <https://urldefense.com/v3/__https:/icann-community.atlassian.net/wiki/x/ZKif...>
GNSO Council, as a reminder this will need a second. Please email the mailing list to do so: council@icann.org
Thank you.
Kind regards,
Terri
Policy Team Supporting the GNSO
*From: *jen--- via council <council@icann.org> *Reply-To: *"jen@dot.asia" <jen@dot.asia> *Date: *Thursday, December 4, 2025 at 12:33 PM *To: *"council@icann.org" <council@icann.org> *Subject: *[council] Friendly amendment to the Motion - DNS Abuse Mitigation - PDP 1 and PDP 2
Thank you Feodora and staff team for making these corrections and also making sure the references in the Charters reflect the language used in the rest of the Final Issue Report.
In light of this, I am suggesting a friendly amendment to the motion I brought to Council to align with this updated corrected language:
https://icann-community.atlassian.net/wiki/spaces/gnsocouncilmeetings/pages/... [icann-community.atlassian.net] <https://urldefense.com/v3/__https:/icann-community.atlassian.net/wiki/spaces...> (original motion)
Specifically in whereas clause 9:
9. Informed by the DNS Abuse Small Team`s recommendations, the Public Comment on the Preliminary Issue Report, the ICANN84 DNS Abuse working sessions, and the clear preference for narrowly scoped Policy Development Processes (PDP), the Final Issue Report recommends separate PDPs on:
- *Associated Domain Checks: *A framework A reactive approach requiring registrars to proactively pivot to investigate domains linked to malicious actors, particularly in cases of high-volume domain registrations used for DNS Abuse campaigns; and, - *Safeguards for Application Programming Interface (API) access to new customers: *A proactive approach that seeks to introduce friction for new customer accounts, prior to gaining access to high volume registration tools until trust is established.
I’ve been advised by staff that procedurally I can also accept this amendment as friendly in this same email, and call for a second for the motion. Many thanks to all!
Best,
Jen
*From:* Feodora Hamza via council <council@icann.org> *Sent:* Thursday, December 4, 2025 1:20 PM *To:* council@icann.org *Subject:* [council] Re: Final Issue Report on a PDP on DNS Abuse Mitigation
Dear Councilors,
please find below an *updated version/link* to the Final Issue Report on DNS Abuse Mitigation. Updates were made to the Annex A and B on the DNS Abuse Mitigation Charters, which included some minor typographical errors and the details of the Working Group representative structure that have been carried over from the Preliminary Issue Report and included in the Charters of Annex A and Annex B. The lack of inclusion of these was a formatting error and this was remedied.
Finally, the Charter language of the Associated Domain Checks was updated in Annex A on page 48 as follows: *Associated Domain Checks*: A framework A reactive approach requiring registrars to *proactively pivot* to investigate domains linked to malicious actors, particularly in cases of high-volume domain registrations used for DNS Abuse campaigns.
- Please utilize the updated link here: https://gnso.icann.org/sites/default/files/policy/2025/draft/issue-report-dn... [gnso.icann.org] <https://urldefense.com/v3/__https:/gnso.icann.org/sites/default/files/policy...>
Kind regards,
Feodora on behalf of the Support Team
*From: *Feodora Hamza via council <council@icann.org> *Reply to: *Feodora Hamza <feodora.hamza@icann.org> *Date: *Monday, 1 December 2025 at 21:02 *To: *"council@gnso.icann.org" <council@gnso.icann.org> *Subject: *[council] Final Issue Report on a PDP on DNS Abuse Mitigation
Dear GNSO Council,
Please find below the link to the Final Issue Report on a PDP on DNS Abuse Mitigation – updated based on the Public Comment received.
The most notable change compared to the Preliminary Issue Report is the Annex containing two draft charters starting on page 46.
Final Issue Report: https://gnso.icann.org/sites/default/files/policy/2025/draft/issue-report-dn... [gnso.icann.org] <https://urldefense.com/v3/__https:/gnso.icann.org/sites/default/files/policy...>
Kind regards,
*Feodora Hamza*
Policy Development Support Manager (GNSO)
Internet Corporation for Assigned Names and Numbers (ICANN)
* Mobile:* +32 496 30 24 15
*Email:* feodora.hamza@icann.org
*Website:* www.icann.org
_______________________________________________ council mailing list -- council@icann.org To unsubscribe send an email to council-leave@icann.org
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
--
*Bruna Martins dos Santos *
Policy and Advocacy Manager | WITNESS <https://www.witness.org/>
German Chancellor Fellow 21' (Bundeskanzler-Stipendiatin) | Alexander von Humboldt Foundation <https://www.humboldt-foundation.de/>
Member | Coalizão Direitos na Rede <https://direitosnarede.org.br/>
Twitter: @boomartins <https://twitter.com/boomartins> // Skype: bruna.martinsantos Email: bruna.mrtns@gmail.com _______________________________________________ council mailing list -- council@icann.org To unsubscribe send an email to council-leave@icann.org
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.