Dear Colleagues, Thanks so much for your active participation on today's IRT call. If you were unable to attend, I encourage you to listen to the recording, which is available on the wiki, https://community.icann.org/display/IRT/08+August+2017 Attached, you will find an updated "issues list" that includes a detailed summary of all the PPAA-related topics discussed to date, including those raised on the call today. A very short summary of the input received today and the significant outstanding questions is also available below. Please review the topics discussed today and submit any additional feedback you have no later than next Monday, 14 August. Your feedback is especially needed on the LEA Framework and Data Retention topics. Proposed upcoming IRT discussion schedule: 15 August: PPAA definitions, PPAA amendment/negotiation process (updated per IRT feedback), RAA synchronization, request suggestions for future discussion topics 22 August: LEA framework, data retention, IP Framework, business dealings 29 August: Data escrow, labeling (new draft specification modeled on RAA requirements to be provided, per IRT feedback) Summary of Discussion on Today's Call * PPAA Issues 18-19: LEA Framework: * Updates to definitions to conform with rest of PPAA: no further edits suggested by IRT * Proposed edit to Section 3.2.1 from PSWG, editing the section as follows: [cid:image002.png@01D3105C.76955490] * Summary of proposed edit: This would reduce the period required for a provider to initiate a review of a law enforcement request from 2 business days to 24 hours. However, this would also eliminate any requirement for the provider to respond to the LEA requester within 24 hours. * PSWG rationale: This edit was made to align more closely with RAA requirement (See Section 3.18.2<https://www.icann.org/resources/pages/approved-with-specs-2013-09-17-en> RAA-"Well-founded reports of Illegal Activity submitted to these contacts must be reviewed within 24 hours by an individual who is empowered by Registrar to take necessary and appropriate actions in response to the report." * Summary of IRT feedback thus far: Some IRT members said 24 hours is too short a period; possibly 1 business day would be preferable; Other IRT members supported edit and alignment with RAA. See issues list for detailed feedback. * PPAA Issues 4, 23: Data Retention Requirements * Summary of IRT Feedback: Proposed required data elements appear generally OK; retention period appears to create issues under global data protection laws notwithstanding proposed reduction from RAA's 2-year requirement to 1-year requirement proposed for PPAA * Proposed solution raised by IRT member: Edit to require retention based on maximum period allowed under applicable law. * PPAA Issue 12: Accreditation Agreement Term * Summary of IRT Feedback: IRT members who commented supported the inclusion of a 5-year term for the contract, as is done for the RAA. * Customer Data Accuracy Specification: * Summary of IRT Feedback: Questions raised regarding how third-party providers would comply with these requirements. * IRT is requested to comment further on this specification, specifically, if a third-party provider cannot comply with these requirements, how should this be handled in the contract? Best, Amy Amy E. Bivins Registrar Services and Engagement Senior Manager Registrar Services and Industry Relations Internet Corporation for Assigned Names and Numbers (ICANN) Direct: +1 (202) 249-7551 Fax: +1 (202) 789-0104 Email: amy.bivins@icann.org<mailto:amy.bivins@icann.org> www.icann.org<http://www.icann.org>
