Carlton, A lot to unpack but allow me to try. So lets start off with what we agree on – “the self-regulated registration data (WHOIS) accuracy model has failes (sic).” What we disagree on “the true goal of the registration data (WHOIS) accuracy is contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter.So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences.” I think “contactability” is framing the discussion entirely wrong. I think the better perspective is “accountability”. There is a clear trend in national law that DNS is critical infrastructure. While “contactability” was a nice talking point for Contracting parties looking to keep their operating costs down by merely verifying the operation of either an email or a phone number, the use of disposable emails makes ICANN’s current definition of “accuracy” largely meaningless when dealing with bad actors. If we frame the discussion of data accuracy from an accountability perspective, I think this aligns with where the Cooperation Group is headed with its guidance on NIS 2.0 Article 28. With accountability in the ecosystem (see also Article 21 of NIS 2.0) we build trust within that ecosystem that directly benefits are participants (end users) within that ecosystem. One of the great talents of Steve DelBianco is to take complex issues and to distill them down into simple to understand concepts that can be easily repeated to make a lasting impact on this listener. I think we “contactability” is a 1990’s concept that no longer scales to the reality of today’s internet where DNS is widely being recognized as critical infrastructure under national law. This reality I think necessitates that we approach RDDS data accuracy and access from an accountability perspective. Channeling my inner Steve and Jonathan, I think the three key bullet points on a single power point slide would be: Contractability, Accountability and Trust. I would just use these three words on the slide to have the listener pay attention to the message I was conveying. I would then use the following talking points to expand on each bullet point. “Contactability” is an outdated concept from the 1990’s “Accountability” is the proper concept to align with DNS being viewed as critical national infrastructure “Trust” in an eco-system is possible when are participants can be held accountable Jonathan, I welcome your thoughts on how close I got to the Steve DelBianco gold standard? Best regards, Michael From: Carlton Samuels <carlton.samuels@gmail.com> Date: Sunday, February 16, 2025 at 3:39 PM To: Jonathan Zuck <JZuck@innovatorsnetwork.org> Cc: Alan Greenberg <greenberg.alan@gmail.com>, CPWG <cpwg@icann.org>, ALAC <alac@atlarge-lists.icann.org>, michael palage.com <michael@palage.com> Subject: Re: [ALAC] Re: Statement on Registration Data Accuracy I see all this and I’m still gobsmacked how easy it is to connive at error. Leading……well, um threshold questions are always intended to enforce adaption of a set narrative. That should be rejected for cause. There is no successful contradiction for the evidence of inaccuracy in contact data and the registration system still lacks meaningful enforcement of the existing data accuracy policy for the DNS. It remains astonishing how easily errors persist—registrars are required to warrant that registrants provide valid contact details, yet verification remains weak. ICANN’s policy demands that registrars validate and periodically review phone and email contacts, even as these are constantly changing and too often left unchecked. Here is what we know for sure. The self-regulated registration data (WHOIS) accuracy model has failed. We have undeniable proof: emails don’t resolve, phone numbers are unreachable, and registrars face no real consequences for non-compliance. What we have here is a policy that exists in theory but not in practice. ICANN, the supposed master regulator, has failed to enforce its own policy. Evidence of oversight is weak to non-existent, and without penalties, registrars have no incentive to comply. Enter NIS2, which flips the script on registration data (WHOIS) accuracy. It raises the bar on verification, intends enforcement of legally binding government oversight and introduces penalties for non-compliance. So now, the hue and cry. Because if the EU enforces this directive as law, it would fragment the domain registration landscape, resulting in divergent verification standards, conflicting enforcement mechanisms, and inevitable clashes with GDPR. Lawyers will thrive with the legal grey areas now at play. But let’s not get lost in the noise. If the true goal of the registration data (WHOIS) accuracy is contactability, then who the registrant claims to be is secondary. Whether they identify as Wile E. Coyote, Donald D. Duck, or Jack Schitt shouldn’t matter. So long as they can be reached via a valid phone number or email. And if they cannot be reached, there are consequences. Carlton ============================== Carlton A Samuels Mobile: 876-818-1799 Strategy, Process, Governance, Assessment & Turnaround ============================= On Fri, 14 Feb 2025 at 14:02, Jonathan Zuck via ALAC <alac@icann.org<mailto:alac@icann.org>> wrote: Thanks for your work on this! As I read it, it seems to be missing the end user impact assessment that we have begun to incorporate in such comments. We make the point that we’re not the experts but instead rely on the expertise of others but could we site some of those experts to lay out a few bullets that tie this exercise back to our mandate and remit? From: Alan Greenberg <greenberg.alan@gmail.com<mailto:greenberg.alan@gmail.com>> Sent: Thursday, February 13, 2025 12:10 PM To: Jonathan Zuck <JZuck@innovatorsnetwork.org<mailto:JZuck@innovatorsnetwork.org>> Cc: CPWG <cpwg@icann.org<mailto:cpwg@icann.org>>; ALAC <alac@atlarge-lists.icann.org<mailto:alac@atlarge-lists.icann.org>>; Michael Palage <michael@palage.com<mailto:michael@palage.com>> Subject: Statement on Registration Data Accuracy Jonathan, the statement in response to the GNSO query related to registration data accuracy is not finalized. It is a significant enhancement on the version discussed during yesterday's CPWG meeting, but is identical in its overall intent. It is a much stronger and hopefully effective message. It was a collaborative effort of Michael, Cheryl, Justine and me. You can find it at https://docs.google.com/document/d/1uvGxFjlKMscGweIb-29UKc46ycgGKADbRA4NCp66... Alan _______________________________________________ ALAC mailing list -- alac@icann.org<mailto:alac@icann.org> To unsubscribe send an email to alac-leave@icann.org<mailto:alac-leave@icann.org> At-Large Online: http://www.atlarge.icann.org ALAC Working Wiki: https://community.icann.org/display/atlarge/At-Large+Advisory+Committee+(ALA...) _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.