Dear All, Please find the MP3 recording for the Privacy and Proxy Services Accreditation Issues PDP Working group call held on Tuesday 11 November 2014 at 15:00 UTC. at: http://audio.icann.org/gnso/gnso-ppsa-20141111-en.mp3 On page: http://gnso.icann.org/en/group-activities/calendar#nov The recordings and transcriptions of the calls are posted on the GNSO Master Calendar page: http://gnso.icann.org/calendar/ Attendees: Steve Metalitz - IPC Graeme Bunton – RrSG Frank Michlick – Individual Don Blumenthal – RySG David Heasley-IPC Chris Pelling – RrSG Justin Macy - BC Susan Kawaguchi – BC Kristina Rosette – IPC Sarah Wyld – RrSG Val Sherman – IPC Volker Greimann - RrSG Holly Raiche – ALAC Theo Geurts - RrSG Stephanie Perrin - NCSG David Cake - NCSG Susan Prosser – RrSG Libby Baney – BC Luc Seufer – RrSG Michele Neylon – RrSG James Bladel – RrSG Keith Kupferschmid-IPC Christian Dawson-ISPCP Tatiana Khramtsova – RrSG Phil Marano – IPC Griffin Barnett – IPC Osvaldo Novoa - ISPCP Apologies : Darcy Southwell - RrSG Phil Corwin – BC Lindsay Hamilton-Reid-RrSG Kiran Malancharuvil-IPC Dick Leaning – no soi Eric Brunner-Williams- Not Applicable ICANN staff: Mary Wong Amy Bivins Danielle Andela Terri Agnew ** Please let me know if your name has been left off the list ** Mailing list archives: http://mm.icann.org/pipermail/gnso-ppsai-pdp-wg/ Wiki page: https://community.icann.org/x/9iCfAg Thank you. Kind regards, Terri Agnew ------------------------------- Adobe Connect chat transcript for Tuesday 11 November 2014: Terri Agnew: Welcome to the PPSAI call on 11 November 2014 Theo Geurts:Afternoon all. Chris Pelling:Afternoon all Graeme Bunton:G'mornin all. Frank Michlick:Good morning. Val Sherman:Hello all Michele Neylon:afternoon Terri Agnew:Susan Kawaguchi and Libby Baney have joined Terri Agnew:Susan Prosser has joined audio Terri Agnew:Stephanie Perrin has joined Stephanie:I am sorry I missed Don's comment about the change in process...what was it? Michele Neylon:I missed it too Osvaldo Novoa:Hello all, sorry I'm late Terri Agnew:David Cake has joined Holly Raiche:The change was that we will not have a presentation from law enforcement or privacy authorities Stephanie:NOt ever? Bladel:can't hear don Terri Agnew:Kristina Rosette has joined Mary Wong:@Stephanie, the idea now given our timeline is to have LEA and DPA input on our prelim recommendations instead of doing a full presentation each. Chris Pelling:+1 to James Mary Wong:With the Remembrance Day holiday today and the deadlines coming up for us, it did not seem realistic to expect LEA and DPA to have fully digested our work so far in order to have a meaningful session. Stephanie:@ Mary, makes sense. Stephanie:thanks Mary Wong:No problem :) We really would welcome LEA and DPA input, though, so we appreciate the suggestions. Luc Seufer:DPA input would have indeed help to deal with the compliance part. I am not sure how to demonstrate compliance in case of a relay without disclosing the registrant details. Bladel:Tha'ts a good question. Holly Raiche:My guess is the best that can be done is to explain the process without revealing user details Chris Pelling:@Luc simply provide the "OK" string of mail delivery Chris Pelling:with a time and date stamp Mary Wong:@Steve, we'll take your question back to our Compliance colleagues, but my guess is that we won't have reliable or many statistics since there's no real way right now to distinguish a P/P registration from a non-P/P one just from the registration data. Stephanie:Does the ok string reveal IP address? Chris Pelling:no Chris Pelling:^^@ Stephanie Chris Pelling:and I would if it were my service, strip out any personal info and provide if required just the ok string, as confirmation with date and time steve metalitz:@Mary, "gaining registrars" in this process may have some insights. Mary Wong:@Steve, thanks - we'll ask Compliance and the Rr Services team. Holly Raiche:@ Stephanie - it probably would in Australlia as well Mary Wong:On Steve's point - it may be helpful if Registrar SG members who are in this WG could comment, if they've come across this :) Chris Pelling:if I have this wrong Steve, sorry, but, RDE escrow the correct registrant information as per the RDE spec, if a registrar is accredited for both, registrar AND PP provider, then ICANN need only amend the RDE escrow to include a further field for "PP" Y or N. Chris Pelling:Now, this means ICANN may or may not want to do that, but, thats the easiest way Mary Wong:@Chris, are you suggesting the WG recommend this step? Christian Dawson:On a bad Internet connection while traveling and the audio keeps dropping out so I can't follow. Will listen to the recording later - dropping off. Chris Pelling:hell no mary - its a thought Chris Pelling:thanks for the music ;) Mary Wong:OK thanks, just checking! Chris Pelling:hehehe Chris Pelling:OSprru dpm wjat was tjat Chris Pelling:Sorry don what was that ? steve metalitz:Proxy and privacy service provider are defined in our terms of reference, the issue iarises when a provider of those services loses accreditation. steve metalitz:In the registrar situatoin are registrants guarranteed the same terms of service from the gaining registrar? Stephanie:@Don, they may not exist now but they may very soon... Don Blumenthal:Stephanie, how much can we guide our work on "maybe?" Holly Raiche:The transfer issue was how to maintain the privacy of p/p user details on the transfer process to another p/p provider Mary Wong:@Steve, I don't believe so because I don't believe ICANN is in a position to measure/gauge different Registrar ToS. Stephanie:I guess that depends, Don, on how seriously you take the EWG report. Volker A. Greimann:somebody please pick up that phone Don Blumenthal:"take seriously" doesn't equal the likelihood of any recommendaiton being implemented. Stephanie:@Mary Very helpful. I think, with or wihtout the EWG recommendations, we could list potential issues that are not addressed in the current transfer protocol. Terri Agnew:Phil Marano has joined Holly Raiche:I would have a concern if we leave unresolved issues to an implementation process. We should be working through the issues here as much as possible. Policy should not be decided by an implementation group Terri Agnew:Griffin Barnett has joined Stephanie:I would agree with Holly....we are starting from a tabula rasa here, in that PP services are not subject to rules at the moment. Frank Michlick:When a registrar is deaccredited, usually the domains and customers are transferred to registrars that have a similar offering . Holly Raiche:@ frank - I think that is what we assumed. The issue we had is how to preserve he privacy of registrant details in that transfer process Frank Michlick:The transfer usually is coordinated by ICANN, the registry whois would not change and the Registrar Data Escrow data would be made available to the registrar who gains the registrar. That data should contain the underlying actual registration data. Frank Michlick:unless the issue that Michele is bringing up takes place... Graeme Bunton:we've had nasty transfers from de-accreds Graeme Bunton:orphaned domains with no identifiable owner Stephanie:So what happens to the registrant in that case? Michele Neylon:Graeme - we had that issues Holly Raiche:And my understanding is that a gaining registrar has to verify registrant details - with implications for privacy? steve metalitz:Catch 22 started on west side of Atlantic Michele Neylon:Stephanie - you try to help them if they can give you proof Michele Neylon:Steve - I know Michele Neylon::) Bladel:Trouble hearing don agian Michele Neylon:fine for me Michele Neylon:audio I mean Graeme Bunton:ok for me too Luc Seufer:fine for me too(but I am young) Stephanie:So surely this is an issue that is within our remit.....something in the accreditation/de-accreditation regime has to take care of the needs of the registrant, in the case where they wind up in the hands of an unscrupulous/non-compliant provider Michele Neylon:Luc - you just love using that line Luc Seufer:until I turn 30 Michele Neylon:Stephanie which one is the problem? the one that's losing or the one that's gainin? :) Michele Neylon:Luc - you're over 30 already Holly Raiche:@ stephanie - I think one of the rules will be transfeONLY to an accredited p/p provider?? Michele Neylon:Steve - yeah - big difference Stephanie:@michele, we have to defend users against both, I realize that is probably tough...:-) Stephanie:Remembering that we would not be de-accrediting if they weren't accredited in the first place.... Holly Raiche:@ Stephanie - agreed Mary Wong:The four points Steve mentioned have been posted in the right hand side Notes Pod. Luc Seufer:To be really effective every registry should impose that the underlying data be escrowed with the RDE. But this would require an amdendment of every RA Graeme Bunton:Your domains are safe with us, Stephanie Stephanie:I know Graeme.. Luc Seufer:will it be in the records that Tucows igoing belly up next time Stephanie is going on a world cruise? Stephanie:Absolutely! Stephanie:@James, agree that this is a difficult matter but there needs to be some kind of escrow/optout for the customer Holly Raiche:I think that, becausse notice should be given, registrants could be allowed to make a choice of another p/p provider Don Blumenthal:Notice should be given at what point? Holly Raiche:@ Don - we were talking about a kind of 3 strickes before you are out - Mary Wong:We'll send out some notes after the call. Frank Michlick:Thank you all. Ciao. Stephanie:Thanks Don! Luc Seufer:Merci Don Chris Pelling:Thanks all David Cake:thank you