Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3