Dear All, Please the attached notes below for the meeting of the DNS Abuse Small Team on 26 June 2025: DNS Abuse Small Team 26 June 2025 Meeting Notes DNS Abuse Small Team Wiki<https://icann-community.atlassian.net/wiki/x/iQCiCg> Slides<https://icann-community.atlassian.net/wiki/download/attachments/178389129/up...> ACTION ITEMS AI: Staff to clarify in questions for clarification by replying to comments within the document 1. Welcome 2. Discuss list of gaps – new feedback * Shared this document<https://docs.google.com/spreadsheets/d/18PdZnH3OQ65NT9g0lGE6Y2toFaCrtxyf/edi...> and went over new positions from each SG/C (early input as the official deadline is next week) * RySG G17 and G27 seem similar. How can it be easier to submit reports to take action on them? They should be worked on as a single initiative * RySG G1 and G10 these perhaps should not be tied together as preventive measures. It could be difficult on the CP side because the level of evidence is not at the same rigor as an actionable complaint * Aim is to narrow the total number of gaps, should be a clear indication that this could be a future area of work. * RySG G30 and G1 could be couched together. * Agreement with G30 and G1 brought together, flag where we think things can be combined * G2 and G31 are not the same, but some kind of friction in API to new customers, it would also be sensible to consider other kinds of contractual friction. Because of theme categorization, what is the underlying subject matter and intent, some could be grouped back together. * NCSG input shared via this document<https://docs.google.com/document/d/1W9_fBXRjgDNGXiWf61JOHn3YAPE2qMgqtSGIdrgH...> * NCSG reminded about the Human Rights impact assessment * This exercise will be moving toward a call for Issue Report * IPC a couple of comments unsure where the context comes from for example G24 AI: Staff to clarify in questions for clarification by replying to comments within the document * NCSG comments imply that some of these gaps are not gaps, but measures that CPs don’t take because it has consequences for them. Discussing these gaps we have to consider why these measures have not been implemented * Mitigation measures cannot always be transparent and will be learned by abusers and make it harder to mitigate abuse 3. Discuss reply from ICANN Org * Discussed the following document<https://icann-community.atlassian.net/wiki/download/attachments/178389129/IC...> from ICANN org Compliance * Perhaps the path forward is to factor their replies into the gap analysis review. There were some gaps already identified to see if they address or do not address the gaps identified * Q 1: The discussion of the investigations and remediation plans completed is an indication that compliance had not been able to do that before. * There was a general discussion about wanting a bit more detail from question 3, but it was unsurprising. * Amendments have been helpful, conduct investigations, and enforce mitigation, if there should be more rigorous enforcement it has to be listed out via contracts or ICANN consensus policies. * A lot of compliance webinars are building education materials for RySG and RrSG, it remains a work in progress. Gap for compliance to start to work on that and give a timeline on when that can happen * Gaps in RAA language on “reasonable and prompt” did the contractual amendments fix that? G29, G20, G15, or can say that these gaps have been partially addressed * Looking at gaps list G29 from the 2022 DNS abuse report it has been partially addressed from the answers from compliance. * The other enforcement challenges are in between the lines that the data compliance has been identified after the contract amendments have been implemented. Based on the NetBeacon analysis it is now worthwhile to see if it still persists based on the answers from compliance * The list of gaps on enforcement challenges have not been named directly by the report as a gap, this has been the work of the small team. Looking between the lines and the data, you can always go further than what we currently have. Is this a real issue or does not fit into what the community would like to do for the Issue Report 4. Present preliminary recommendation document * Request an issue report by August, staff drafted a small report as outlined in the slides <https://icann-community.atlassian.net/wiki/download/attachments/178389129/up...> and in this document<https://docs.google.com/document/d/18AMsedMhKEox1196No0yS6ktqFbcTs2l/edit?us...> * This included a key findings of the gap analysis in a more readable format * Discussion of the prioritization column, for all of them or only for some listed? As some may be more valuable than others. These will not be taken as a whole row. * Staff: Intention is to have Council vote on request for Issue Report in the August meeting. July AOB is allocated to present to Council the current state of the Small Team * Specific question in the issue report is done in consultation with ICANN legal Thank you, John R. Emery, Ph.D. Policy Development Support Senior Specialist Generic Names Supporting Organization (GNSO) Internet Corporation for Assigned Names and Numbers (ICANN) www.icann.org<http://www.icann.org>