PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org From: Mary Wong <mary.wong@icann.org> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
³for Sara, Kathy, and the others on our sub-team who have argued that ³verifiable evidence² means something higher let us know how you would further edit Sections II(A), (B), and (C) to meet whatever ³higher² standard you have in mind.²
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org> Cc: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is verifiable¹ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don¹t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn¹t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E however, as Todd mentioned, it isn¹t the agreed result of the Sub Team¹s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team¹s discussion on the question of ³verifiable evidence² was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that ³privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.² We as a sub-team could not agree on how to interpret ³verifiable evidence,² and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret verifiable evidence¹ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word ³verifiable² does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Holly Raiche <h.raiche@internode.on.net> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I¹ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words verifiable evidence of wrong doing, including¹.
What that implies is that the following text lists what would constitute verifiable evidence¹ and indeed, the word including¹ suggests that other elements can also constitute verifiable evidence¹. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote:
> Thanks, Todd. > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> " > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Sara. I¹m still confused. In order: > > > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com > <mailto:sbockey@godaddy.com> ] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd <Todd.Williams@turner.com > <mailto:Todd.Williams@turner.com> >; Mary Wong <mary.wong@icann.org > <mailto:mary.wong@icann.org> >; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com> > > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Todd, > > > > Please see my comments inline below. > > > > Disclaimer: I do not support Annex E. > > > > Sara > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> " > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Sara: > > > > Two quick questions on this as I was getting ready for our call > tomorrow: > > > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > > > 2)Can you show me where in the NCSG comment (here: > > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS > 3q.pdf> > > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > > Thanks. > > > Todd. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com > <mailto:sbockey@godaddy.com> ] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd <Todd.Williams@turner.com > <mailto:Todd.Williams@turner.com> >; Mary Wong <mary.wong@icann.org > <mailto:mary.wong@icann.org> >; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com> > > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Hi all, > > > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > > > Best regards, > > > > Sara > > > > > > From: <gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> > on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> " > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > All: > > > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > > > Thanks. > > > > Todd. > > > > From:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> > [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > > > Hello again everyone, > > > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > > > > From: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org> > > Date: Monday, August 31, 2015 at 15:46 > To: "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> " > <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > > > > From: <gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> > on behalf of "Williams, Todd" > <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com> > > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman <kathy@kathykleiman.com > <mailto:kathy@kathykleiman.com> >, "gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> " <gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > > > · Blacknight: https://www.blacknight.com/acceptable-usage.html > <https://www.blacknight.com/acceptable-usage.html> . > > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > http://www.whoisprivacyservices.com.au/terms.htm > <http://www.whoisprivacyservices.com.au/terms.htm> . > > · EuroDNS S.A.: > https://www.eurodns.com/terms-and-conditions/whois-privacy > <https://www.eurodns.com/terms-and-conditions/whois-privacy> . > > · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static > <http://www.1and1.com/TcPdr?__lf=Static> . > > · Domain.com <http://domain.com/> , LLC: > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service > <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> . > > · DomainIt, Inc.: https://www.domainit.com/terms.html > <https://www.domainit.com/terms.html> . > > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement > <http://www.moniker.com/legal/registration-agreement> . > > > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com > <mailto:kathy@kathykleiman.com> ] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd <Todd.Williams@turner.com > <mailto:Todd.Williams@turner.com> >; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > > Thanks Kathy. > > > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com > <mailto:kathy@kathykleiman.com> ] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <Todd.Williams@turner.com> > <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > > Thanks Kathy. One minor formatting suggestion: > > > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0 > i9.pdf> ), which we analyze in the previous section that supports the > premise of Annex E. > > > > From:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> > [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > > Hi, all! > > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > > > Please let me know if there are any questions. > > > > Thanks, > > Darcy > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: * I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). * The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). * I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: * I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. * You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. * Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): * Blacknight: https://www.blacknight.com/acceptable-usage.html. * Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. * EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. * 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. * Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. * DomainIt, Inc.: https://www.domainit.com/terms.html. * Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. * When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. * Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. * I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. * I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. * On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: * The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. * The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: * Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? * I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. * I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com> wrote:
Works for me. Thanks Mary.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org> Cc: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Holly Raiche <h.raiche@internode.on.net> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote:
Thanks, Todd.
From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong <mary.wong@icann.org>; gnso-ppsai3@icann.org Cc: Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong <mary.wong@icann.org>; gnso-ppsai3@icann.org Cc: Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy : Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy : Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
: Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks, Darcy
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd. *From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: ·I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). ·The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). ·I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. *From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara *From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1)Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd. *From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara *From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: ·I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. ·You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. ·Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): ·Blacknight:https://www.blacknight.com/acceptable-usage.html. ·Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm. ·EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy. ·1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static. ·Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. ·DomainIt, Inc.:https://www.domainit.com/terms.html. ·Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy. ·When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. ·Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. ·I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. ·I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. ·On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: ·The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. ·The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: ·Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? ·I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. ·I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> wrote:
Works for me. Thanks Mary.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Tuesday, September 22, 2015 at 23:12 Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org> Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> Date: Wednesday, September 16, 2015 at 16:27 Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong <mary.wong@icann.org> Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
> Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> > mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong <mary.wong@icann.org> > Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > Holly > On 15 Sep 2015, at 10:27 pm, Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org> wrote: > > > > > Hi Holly and everyone, > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > Does this help? > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > From: Holly Raiche < <mailto:h.raiche@internode.on.net> > h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Cc: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Folks > > I apologise for not participating over the past week - I¹ve been away. > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > So Mary, others, was this agreed? > > Thanks > > Holly > On 15 Sep 2015, at 7:11 am, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> wrote: > > > > > Thanks, Todd. > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Thanks Sara. I¹m still confused. In order: > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Todd, > > Please see my comments inline below. > > Disclaimer: I do not support Annex E. > > Sara > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Sara: > > Two quick questions on this as I was getting ready for our call > tomorrow: > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > 2)Can you show me where in the NCSG comment (here: > > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS > 3q.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > Thanks. > > Todd. > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Hi all, > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > Best regards, > > Sara > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > All: > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > Thanks. > > Todd. > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > Hello again everyone, > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > Thanks and cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" < > <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman < <mailto:kathy@kathykleiman.com> > kathy@kathykleiman.com>, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > · Blacknight: https://www.blacknight.com/acceptable-usage.html > <https://www.blacknight.com/acceptable-usage.html> . > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > <http://www.whoisprivacyservices.com.au/terms.htm> > http://www.whoisprivacyservices.com.au/terms.htm. > · EuroDNS S.A.: > <https://www.eurodns.com/terms-and-conditions/whois-privacy> > https://www.eurodns.com/terms-and-conditions/whois-privacy. > · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> > http://www.1and1.com/TcPdr?__lf=Static. > · Domain.com <http://domain.com/> , LLC: > <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > · DomainIt, Inc.: <https://www.domainit.com/terms.html> > https://www.domainit.com/terms.html. > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement > <http://www.moniker.com/legal/registration-agreement> . > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > Thanks Kathy. > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <mailto:Todd.Williams@turner.com> > <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; > gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > Thanks Kathy. One minor formatting suggestion: > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0 > i9.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > Hi, all! > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > Please let me know if there are any questions. > > Thanks, > Darcy > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 >
Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3
Mary, I’ve provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [<mailto:gnso-ppsai3-bounces@icann.org>mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [<mailto:gnso-ppsai3-bounces@icann.org>mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [<mailto:gnso-ppsai3-bounces@icann.org>mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: · I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on? Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pdf>http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pdf ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created. Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: · Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks much, Sara! Everyone it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that¹s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven¹t heard from many Sub Team members that they can do a Friday call, I¹m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org From: Sara Bockey <sbockey@godaddy.com> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I¹ve provided feedback in red below.
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives². Limited to original request?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree. - saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> wrote:
Works for me. Thanks Mary.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Tuesday, September 22, 2015 at 23:12 Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org> Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org
From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> Date: Wednesday, September 16, 2015 at 16:27 Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> Subject: Follow up from WG call yesterday
> Hello everybody, > > Here are the notes I captured from the WG discussion yesterday; we > should have the full transcript and MP3 recording uploaded by tomorrow > at the latest but I thought these notes might be helpful, at least as an > initial framework for the next Sub Team discussion: > > Section I.B.(iii): > - Need to discuss retaining it in some form; costs are real for > providers > > Section II: > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider ie do they > keep data that's sent to them? > > Section III: > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > - 5 calendar days rather than 3 is more reasonable from providers' > perspective > - saying "encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) > - III.C.(v) & (vi): do they overlap? Should they be merged? > > Annex I: > - Keep both options to clarify they are two possible ways of dealing > with the issues? > > Would you like to do a Sub Team call to walk through these suggestions, > or should we continue to discuss first by email? I will check with the > WG co-chairs when they would like a revised, more finalized, set of > recommendations to be presented to the WG (if possible). > > Thanks and cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com> > Date: Tuesday, September 15, 2015 at 21:19 > To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong > <mary.wong@icann.org> > Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [ <mailto:gnso-ppsai3-bounces@icann.org> > mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong <mary.wong@icann.org> > Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > Holly > On 15 Sep 2015, at 10:27 pm, Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org> wrote: > > > > > Hi Holly and everyone, > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > Does this help? > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > From: Holly Raiche < <mailto:h.raiche@internode.on.net> > h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Cc: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Folks > > I apologise for not participating over the past week - I¹ve been away. > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > So Mary, others, was this agreed? > > Thanks > > Holly > On 15 Sep 2015, at 7:11 am, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> wrote: > > > > > Thanks, Todd. > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Thanks Sara. I¹m still confused. In order: > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Todd, > > Please see my comments inline below. > > Disclaimer: I do not support Annex E. > > Sara > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Sara: > > Two quick questions on this as I was getting ready for our call > tomorrow: > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > 2)Can you show me where in the NCSG comment (here: > > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS > 3q.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > Thanks. > > Todd. > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > Hi all, > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > Best regards, > > Sara > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > All: > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > Thanks. > > Todd. > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > Hello again everyone, > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > Thanks and cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1 603 574 4889 > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" < > <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman < <mailto:kathy@kathykleiman.com> > kathy@kathykleiman.com>, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > · Blacknight: https://www.blacknight.com/acceptable-usage.html > <https://www.blacknight.com/acceptable-usage.html> . > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > <http://www.whoisprivacyservices.com.au/terms.htm> > http://www.whoisprivacyservices.com.au/terms.htm. > · EuroDNS S.A.: > <https://www.eurodns.com/terms-and-conditions/whois-privacy> > https://www.eurodns.com/terms-and-conditions/whois-privacy. > · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> > http://www.1and1.com/TcPdr?__lf=Static. > · Domain.com <http://domain.com/> , LLC: > <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > · DomainIt, Inc.: <https://www.domainit.com/terms.html> > https://www.domainit.com/terms.html. > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement > <http://www.moniker.com/legal/registration-agreement> . > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > Thanks Kathy. > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <mailto:Todd.Williams@turner.com> > <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; > gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > Thanks Kathy. One minor formatting suggestion: > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0 > i9.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > Hi, all! > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > Please let me know if there are any questions. > > Thanks, > Darcy > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 >
Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: * I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? * II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. * III(B): ? 5 calendar days: agree. See Transcript at 18. ? Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. ? "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. ? I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. * III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. * III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. * Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: * I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). * The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). * I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: * I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. * You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. * Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): * Blacknight: https://www.blacknight.com/acceptable-usage.html. * Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. * EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. * 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. * Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. * DomainIt, Inc.: https://www.domainit.com/terms.html. * Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. * When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. * Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. * I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. * I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. * On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: * The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. * The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: * Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? * I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. * I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org From: "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn¹t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we¹ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don¹t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ ³Shall² over ³encouraged but not required to²: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation ³the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration² instead of the new proposed formulation ³name, mailing address, and contact information for service of process that it has for Customer.² See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that¹s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of ³optional² vs. ³mandatory² for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don¹t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don¹t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that¹s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that¹s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven¹t heard from many Sub Team members that they can do a Friday call, I¹m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Sara Bockey <sbockey@godaddy.com> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I¹ve provided feedback in red below.
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it.
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives². Limited to original request?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree.
- saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com> wrote:
Works for me. Thanks Mary.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org> > Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org> > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
> > Thank you Mary. I think a call is a good idea. Friday at or after 1900 > UTC is better for me. Though if we want to do tomorrow, I could do > 1400-1500 UTC or 1600-1800 UTC. > > > > Todd. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Tuesday, September 22, 2015 5:05 AM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call > yesterday) > Importance: High > > > > Hello again everyone, > > > > Following a discussion with the WG co-chairs yesterday, we would like to > suggest that the Sub Team consider doing a call this week to review the > notes from the last WG call (see below), with the goal of presenting > recommendations and/or alternative proposals to the full WG for > discussion next week (i.e. Tuesday 29 September). > > > > If you are able to do a call this week, would either Wednesday (at or > after 1400 UTC) or Friday (at or after 1900 UTC) work for you? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Wednesday, September 16, 2015 at 16:27 > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Follow up from WG call yesterday > > > > Hello everybody, > > > > Here are the notes I captured from the WG discussion yesterday; we > should have the full transcript and MP3 recording uploaded by tomorrow > at the latest but I thought these notes might be helpful, at least as an > initial framework for the next Sub Team discussion: > > > > Section I.B.(iii): > > - Need to discuss retaining it in some form; costs are real for > providers > > > > Section II: > > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) > > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider ie do they > keep data that's sent to them? > > > > Section III: > > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > > - 5 calendar days rather than 3 is more reasonable from providers' > perspective > > - saying "encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) > > - III.C.(v) & (vi): do they overlap? Should they be merged? > > > > Annex I: > > - Keep both options to clarify they are two possible ways of dealing > with the issues? > > > > Would you like to do a Sub Team call to walk through these suggestions, > or should we continue to discuss first by email? I will check with the > WG co-chairs when they would like a revised, more finalized, set of > recommendations to be presented to the WG (if possible). > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: "Williams, Todd" <Todd.Williams@turner.com> > Date: Tuesday, September 15, 2015 at 21:19 > To: Holly Raiche <h.raiche@internode.on.net > <mailto:h.raiche@internode.on.net> >, Mary Wong <mary.wong@icann.org > <mailto:mary.wong@icann.org> > > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org> > > Cc: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > > > Holly > > On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote: > > > > > > > Hi Holly and everyone, > > > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > > > Does this help? > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: Holly Raiche <h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org> >, > "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> " > <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > > Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey > <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Folks > > > > I apologise for not participating over the past week - I¹ve been away. > > > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > > > So Mary, others, was this agreed? > > > > Thanks > > > > Holly > > On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote: > > > > > > > Thanks, Todd. > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Sara. I¹m still confused. In order: > > > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Todd, > > > > Please see my comments inline below. > > > > Disclaimer: I do not support Annex E. > > > > Sara > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Sara: > > > > Two quick questions on this as I was getting ready for our call > tomorrow: > > > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > > > 2)Can you show me where in the NCSG comment (here: > > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > > Thanks. > > > Todd. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Hi all, > > > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > > > Best regards, > > > > Sara > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, "gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > All: > > > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > > > Thanks. > > > > Todd. > > > > From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > > > Hello again everyone, > > > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org <mailto:mary.wong@icann.org> > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > <Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > > > · Blacknight: https://www.blacknight.com/acceptable-usage.html > <https://www.blacknight.com/acceptable-usage.html> . > > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > http://www.whoisprivacyservices.com.au/terms.htm. > > · EuroDNS S.A.: > https://www.eurodns.com/terms-and-conditions/whois-privacy. > > · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. > > · Domain.com <http://domain.com/> , LLC: > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > > · DomainIt, Inc.: https://www.domainit.com/terms.html. > > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement > <http://www.moniker.com/legal/registration-agreement> . > > > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > > Thanks Kathy. > > > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <Todd.Williams@turner.com> > <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.org > <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > > Thanks Kathy. One minor formatting suggestion: > > > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > > > From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org > <mailto:gnso-ppsai3-bounces@icann.org> ] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > > Hi, all! > > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > > > Please let me know if there are any questions. > > > > Thanks, > > Darcy > > > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green *From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: _Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers * I support this being retained.**I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. * ** Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.**+1* - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. * * Limited to original request? **Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). * *According to comments received, we should * * a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],* *b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]* *c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, * *d) create a penalty sufficiently severe to deter violations (perhaps a bond).* ** */The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /* Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. * - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree **Sorry, but I don’t see how using the word encouraged nullifies Section B. * * - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** * ** - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree**; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. * ** - III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. **Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. * Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.**I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)* Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org <mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
·I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
·II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
·III(B):
§5 calendar days: agree. See Transcript at 18.
§Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§“Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
·III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
·III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
·Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red*below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
·I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
·The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
·I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1)Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
·I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
·You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
·Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
·Blacknight:https://www.blacknight.com/acceptable-usage.html.
·Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
·EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
·1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
·Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
·DomainIt, Inc.:https://www.domainit.com/terms.html.
·Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
·When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
·Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
·I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
·I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
·On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
·The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
·The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
·Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
·I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
·I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks for doing this, Kathy. I'd offered on Friday to update the document for circulation to the WG, on the understanding that the revisions would not have been discussed fully by the sub team. As you've indicated that you plan to address Todd's comments, shall I hold off? I'm about to get on a flight back to Boston from San Francisco and will try to get on wifi during the flight. In the meantime I'll await suggestions from Kathy and other sub team members on this. Cheers Mary Sent from my iPhone
On Sep 28, 2015, at 11:11, Kathy Kleiman <kathy@kathykleiman.com> wrote:
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”.
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree.
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B.
- **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.**
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in red below.
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy : Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy : Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
: Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks, Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi Mary, Yes, I would certainly hold off. Tx you! Kathy Hi Mary, Todd, Sara and All, Before any further edits go in, I do think we need a subteam call. We seem to be editing language that many commenters felt was fixed and on which support for the WG's work was based (Section III) in particular. I have to object strongly to many of the edits particularly of Section III and Appendix (and still reviewing), so I would value: a) a discussion with the subteam and b) an opportunity to return to the original Annex E and edit from there together with the subteam since our discussion string does not include many of the substantive edits now included... Best, Kathy On 9/28/2015 2:22 PM, Mary Wong wrote:
Thanks for doing this, Kathy. I'd offered on Friday to update the document for circulation to the WG, on the understanding that the revisions would not have been discussed fully by the sub team.
As you've indicated that you plan to address Todd's comments, shall I hold off? I'm about to get on a flight back to Boston from San Francisco and will try to get on wifi during the flight. In the meantime I'll await suggestions from Kathy and other sub team members on this.
Cheers Mary
Sent from my iPhone
On Sep 28, 2015, at 11:11, Kathy Kleiman <kathy@kathykleiman.com> wrote:
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”.
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree.
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B.
- **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.**
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in red below.
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy : Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy : Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
: Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks, Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
For me, the way proposed changes have been presented recently has been confusing and trying to find the “current” document to compare to problematic. Referring to things piecemeal is not productive, IMHO. We really should be able to see a redline or something that displays the entire document/whole picture. Sara On 9/28/15, 11:41 AM, "gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman" <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> on behalf of kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> wrote: Hi Mary, Yes, I would certainly hold off. Tx you! Kathy Hi Mary, Todd, Sara and All, Before any further edits go in, I do think we need a subteam call. We seem to be editing language that many commenters felt was fixed and on which support for the WG's work was based (Section III) in particular. I have to object strongly to many of the edits particularly of Section III and Appendix (and still reviewing), so I would value: a) a discussion with the subteam and b) an opportunity to return to the original Annex E and edit from there together with the subteam since our discussion string does not include many of the substantive edits now included... Best, Kathy On 9/28/2015 2:22 PM, Mary Wong wrote: Thanks for doing this, Kathy. I'd offered on Friday to update the document for circulation to the WG, on the understanding that the revisions would not have been discussed fully by the sub team. As you've indicated that you plan to address Todd's comments, shall I hold off? I'm about to get on a flight back to Boston from San Francisco and will try to get on wifi during the flight. In the meantime I'll await suggestions from Kathy and other sub team members on this. Cheers Mary Sent from my iPhone On Sep 28, 2015, at 11:11, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> wrote: Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org><mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org><mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com><mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I’ve provided feedback in red below. Sara From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org><mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org><mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org><mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: · I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on? Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created. Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org><mailto:mary.wong@icann.org> From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: · Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org><mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org><mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org><mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org><mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi Kathy and everyone - I don't think we will be able to do a sub team call before the WG call tomorrow. As such, perhaps I can just update the document with those comments that seemed to get some support from sub team members for WG circulation, leaving the others to be framed for WG deliberation by the sub team in accordance with this email discussion. Will that work? I'm conscious it's now Monday afternoon and evening for North America and Europe, and late night/early morning for the APAC region especially, and would like to get something out to the WG in good time. To that end, hopefully sub team members will have the chance to review the transcript and/or recording of the WG call from 15 September before tomorrow, as some of that discussion may be helpful in guiding the WG toward progress on this issue over the WG going back to restart earlier discussions. Thanks and cheers Mary Sent from my iPhone
On Sep 28, 2015, at 11:43, Kathy Kleiman <kathy@kathykleiman.com> wrote:
Hi Mary, Yes, I would certainly hold off. Tx you! Kathy
Hi Mary, Todd, Sara and All, Before any further edits go in, I do think we need a subteam call. We seem to be editing language that many commenters felt was fixed and on which support for the WG's work was based (Section III) in particular. I have to object strongly to many of the edits particularly of Section III and Appendix (and still reviewing), so I would value: a) a discussion with the subteam and b) an opportunity to return to the original Annex E and edit from there together with the subteam since our discussion string does not include many of the substantive edits now included...
Best, Kathy
On 9/28/2015 2:22 PM, Mary Wong wrote: Thanks for doing this, Kathy. I'd offered on Friday to update the document for circulation to the WG, on the understanding that the revisions would not have been discussed fully by the sub team.
As you've indicated that you plan to address Todd's comments, shall I hold off? I'm about to get on a flight back to Boston from San Francisco and will try to get on wifi during the flight. In the meantime I'll await suggestions from Kathy and other sub team members on this.
Cheers Mary
Sent from my iPhone
On Sep 28, 2015, at 11:11, Kathy Kleiman <kathy@kathykleiman.com> wrote:
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”.
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree.
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B.
- **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.**
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in red below.
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org>
From: <<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy : Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy : Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
: Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks, Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: * I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? * II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. * III(B): ? 5 calendar days: agree. See Transcript at 18. ? Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. ? "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. ? I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. * III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. * III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. * Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: * I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). * The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). * I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: * I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. * You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. * Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): * Blacknight: https://www.blacknight.com/acceptable-usage.html. * Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. * EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. * 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. * Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. * DomainIt, Inc.: https://www.domainit.com/terms.html. * Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. * When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. * Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. * I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. * I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. * On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: * The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. * The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: * Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? * I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. * I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: * I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? * II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. * III(B): ? 5 calendar days: agree. See Transcript at 18. ? Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. ? "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. ? I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. * III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. * III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. * Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: * I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). * The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). * I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: * I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. * You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. * Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): * Blacknight: https://www.blacknight.com/acceptable-usage.html. * Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. * EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. * 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. * Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. * DomainIt, Inc.: https://www.domainit.com/terms.html. * Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. * When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. * Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. * I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. * I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. * On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: * The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. * The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: * Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? * I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. * I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most –unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers ***I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify **“**objectives**”**. *****
* Limited to original request? ** Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don**’**t see how using the word encouraged nullifies Section B. *
* - **I don**’**t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the **“**due process**”**protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word **“**surrender**”**is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let**’**s discuss the wording of vi. It**’**s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense **–**deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
·I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
·II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
·III(B):
§5 calendar days: agree. See Transcript at 18.
§Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§“Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
·III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
·III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
·Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red*below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
·I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
·The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
·I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1)Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
·I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
·You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
·Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
·Blacknight:https://www.blacknight.com/acceptable-usage.html.
·Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
·EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
·1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
·Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
·DomainIt, Inc.:https://www.domainit.com/terms.html.
·Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
·When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
·Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
·I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
·I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
·On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
·The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
·The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
·Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
·I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
·I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Tx Todd, I'll be able to work on this tomorrow afternoon. Is there a number I might reach you at? Tx, Kathy :
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com>; gnso-ppsai3@icann.org *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso -ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, Tx to Todd for his time and notes! I look forward to reviewing the draft, as I hope you will. One quick note below... :
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
==> this is an "add back." it was in the immediately prior versions (and the one we reviewed together on Tuesday), but removed due to something I said. Since I was referring to other parts of the subsection, but not this one, Todd and I added it back in.
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Best and have a good weekend, Kathy
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
Yes, good clarification, thanks Kathy. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 02, 2015 6:11 PM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi All, Tx to Todd for his time and notes! I look forward to reviewing the draft, as I hope you will. One quick note below... : All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). ==> this is an "add back." it was in the immediately prior versions (and the one we reviewed together on Tuesday), but removed due to something I said. Since I was referring to other parts of the subsection, but not this one, Todd and I added it back in. · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Best and have a good weekend, Kathy Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks, Kathy and Todd! Just wondering if it's ok to send this version to the WG with the usual caveats. As we're also expecting a document from sub team 4 my concern is that sending both on Monday night mean people have little time to review either. Please advise - thanks! Cheers Mary Sent from my iPhone On Oct 2, 2015, at 18:12, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> wrote: Hi All, Tx to Todd for his time and notes! I look forward to reviewing the draft, as I hope you will. One quick note below... : All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). ==> this is an "add back." it was in the immediately prior versions (and the one we reviewed together on Tuesday), but removed due to something I said. Since I was referring to other parts of the subsection, but not this one, Todd and I added it back in. · The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there. · We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language per se – just added a note in the comment highlighting that point. Best and have a good weekend, Kathy Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.” From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you’re concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I’ve provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <<mailto:h.raiche@internode.on.net>h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: · I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on? Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pdf>http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pdf ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created. Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [<mailto:sbockey@godaddy.com>mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <<mailto:sbockey@godaddy.com>sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <<mailto:mary.wong@icann.org>mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: <mailto:mary.wong@icann.org> mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <<mailto:kathy@kathykleiman.com>kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <<mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: <https://www.blacknight.com/acceptable-usage.html> https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: <http://www.whoisprivacyservices.com.au/terms.htm> http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: <https://www.eurodns.com/terms-and-conditions/whois-privacy> https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: <https://www.domainit.com/terms.html> https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <<mailto:Todd.Williams@turner.com>Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. From: Kathy Kleiman [<mailto:kathy@kathykleiman.com>mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <mailto:Todd.Williams@turner.com> <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: · Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...> http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:<mailto:gnso-ppsai3-bounces@icann.org>gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list <mailto:Gnso-ppsai3@icann.org>Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com>, gnso-ppsai3@icann.org <gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: ·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). ·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. ·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. ·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there. ·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v). ·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. *From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like. *From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.” *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified? *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…... *From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you’re concerned about? *From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green *From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: _Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. * Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1* - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. * * Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). * *According to comments received, we should * * a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],* *b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]* *c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, * *d) create a penalty sufficiently severe to deter violations (perhaps a bond). * ** */The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /* Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. * - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. * * - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** * - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. * - III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. * Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)* Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org <mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org <mailto:mary.wong@icann.org> *From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine. · Annex One keep both options: agree. See Transcript at 26-27. *From:* gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org <mailto:mary.wong@icann.org> *From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I’ve provided feedback in *red* below. Sara *From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: _Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers * I support this being retained.* Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.* - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?* Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.* - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree* - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree* - III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.* Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.* Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org <mailto:mary.wong@icann.org> *From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. *From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: · I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. *From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara *From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on? Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created. Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. *From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara *From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email:mary.wong@icann.org <mailto:mary.wong@icann.org> *From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight:https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static. · Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.:https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. *From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: · Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. *From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Todd, Thanks for taking the time to make the edit that follow upon our F2F discussion. I¹ve added a few edits and comments in he attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" <Todd.Williams@turner.com> Date: Wednesday, October 28, 205 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.rg" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Commens and concerns about revisions Hope everybody enjoyed the rest of theirtime in Dublin. I¹ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edts that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-ublin (all are in Seion III, which begins on page 6). If anybody wants to change any of these, or has any ohers that they want to add to capture what we discussed in the F2F, please do so.
From our public meetng on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On ehalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@cann.org Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about reisions Hi All, This version has now been passed on to the WG co-chairs and is ikely to be queued up for discussion thisTuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should weset up a whole new arbitration infrastructure or are there other ways to creae and enforce penalties for violating the Requestor's strict limitations n the use of the revealed proxied data? This is a huge open issues. Ideas wecome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [enamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30+0000 From: Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turne.com> To: Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kthykleiman.com> , gnso-ppsai3@icann.org <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.rg> All: Kathy called me todayso that we could walk through the document, which was incredibly helpful. Thank you Kathyfor that. Based on that I have attached a new draft that captures the results o that call. I¹ve flagged in the Comments those areas that were changed rom what I sent yesterday based on our call. But just to highlight the for your ease of reference: · The language ³comply with all applicable data potection laws while retaining Customer¹s contact details and² was added to II(A)6)(b), II(B)(7)(c), and II(C)(6)(b). · The language ³using secure comunication channels² was added back to III(B)(i). As I told Kathy: I don¹t hae an opinion on that language. I had only removed it in what I sent yesteray to reflect the push-back against it that we had received in the 9-15 and 9-9 WG calls from Graeme, James, and other registrar rpresentatives. But if we as a sub-team want to put it back in over their objection, so e it. · On III(C)(ii) and (iii) (which were the two provisions that were he subject of my 9-29 email to Kathy below): Kathy agreed to include them in the raft if we changed ³a reasonable basis for² to ³a basis for reasonably² in orde to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), ad II(C)(6)(a) (which as I understand it was the original intent behind that laguage). So that change has been made. · For III(C)(iv): again, I hve no opinion on whether surrender should be optional or mandatory. My slection of optional in what I sent yesterday was only to reflect the push-bac against making it mandatory that we had heardin the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we alo add, as another potential formulation for the WG to consider, ³which all Providrs must either allow or be allowed to allow.² So that is what you see thre. · We moved III(C)(vi) back to its own section in the draft yesterday t had been collapsed into III(C)(v). · We also discussed whether to make anote alongside Option 1 in the Annex asking how much more work the WG might nee to do on Option #1 (e.g., what penalties would the abitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn¹t add any language per se just added a note in the comment highlighting that point. Katy: please correct me if any of what I said does not accurately reflect what wediscussed. Look forward to hearing the thoughts from the rest of the sub-eam. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursda, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com> ; 'gnso-ppsai3icann.org' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary¹s latest staus email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, ifyou¹d like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42AM To: 'Kathy Kleiman' <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions ThanksKathy. Now that we had the WG call and you identified the specific language hat you were concerned about as III(C)(ii) and (iii), I¹m even more confused. s I mentioned on the call, the two alternative formulations for III(C)(ii) and iii) were included in the WG¹s Initial Report as alternative formulatins for which the WG was seeking community input. See Initial Report at pg. 91 (atached). While many commenters opined on which of the two they preferred (wth more preferring the second alternative), the NCSG in its comment did not specy a preference for either. See: http://forum.icann.org/lists/comments-ppsai-inital-05may15/pdfBoyWzlMS3q.pd f. Based on that history, I don¹t understand your clim from your email yesterday (attached) that ³I am very, very concerned about Setion III, as revised, and I am very certain that NCSG and many other commenters some following NCSG) would ever have supported Annex E in this revised form. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Wiliams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking foward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd rote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my quetion was more specific: what language has been changed in Section III as part o this sub-team¹s work that you think ³raises the standard for denial² in the> manner that you¹ve identified?
From: Kathy Kleiman [mailto:kathy@kthykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.or Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions> Todd, sorry for the delay. Much happening he in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as jdge and jury. I am also deeply concerned about a comment that I read that said we are giving copyight owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...
From:gnso-ppsai3-bounces@icann.or [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Mnday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com> mailto:kathy@kathykleiman.com> ; gnso-ppsai3@icann.org Subject: Re: [Gnso-psai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you¹re concerned about?
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bunces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High
Hi All,
Here are my response to the template as it was reviewed on Friday b Sara. Sara's comments are in red, my comments are in green (at least accordng to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and man other commenters (some following NCSG) would ever have supported Annex in this revised form. Huge issue to discuss - and looking forward to doing> so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members o circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I upport this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives².
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree.
- saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don¹t see how using the word encouraged nullifies Section B.
- **I don¹t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the ³due process² protections that thousands of commenters sought to protect.**
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word ³surrender² is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let¹s discuss the wording of vi. It¹s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn¹t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we¹ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don¹t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ ³Shall² over ³encouraged but not required to²: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation ³the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration² instead of the new proposed formulation ³name, mailing address, and contact information for service of process that it has for Customer.² See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that¹s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of ³optional² vs. ³mandatory² for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don¹t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don¹t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that¹s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that¹s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven¹t heard from many Sub Team members that they can do a Friday call, I¹m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Sara Bockey <sbockey@godaddy.com> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I¹ve provided feedback in red below.
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it.
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives². Limited to original request?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree.
- saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote: > > > On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com> > wrote: > > > Works for me. Thanks Mary. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Wednesday, September 23, 2015 3:10 PM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Hello everyone can we do a call this Friday 25 September at 1900 UTC? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Tuesday, September 22, 2015 at 23:12 > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thanks very much, Todd! Everyone can we ask that you let us know your > availability for a Sub Team call at any of the times indicated by Todd, > below? Thank you all! > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: "Williams, Todd" <Todd.Williams@turner.com> > Date: Tuesday, September 22, 2015 at 23:00 > To: Mary Wong <mary.wong@icann.org> > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thank you Mary. I think a call is a good idea. Friday at or after 1900 > UTC is better for me. Though if we want to do tomorrow, I could do > 1400-1500 UTC or 1600-1800 UTC. > > > > Todd. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Tuesday, September 22, 2015 5:05 AM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call > yesterday) > Importance: High > > > > Hello again everyone, > > > > Following a discussion with the WG co-chairs yesterday, we would like to > suggest that the Sub Team consider doing a call this week to review the > notes from the last WG call (see below), with the goal of presenting > recommendations and/or alternative proposals to the full WG for > discussion next week (i.e. Tuesday 29 September). > > > > If you are able to do a call this week, would either Wednesday (at or > after 1400 UTC) or Friday (at or after 1900 UTC) work for you? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Wednesday, September 16, 2015 at 16:27 > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Follow up from WG call yesterday > > > > Hello everybody, > > > > Here are the notes I captured from the WG discussion yesterday; we > should have the full transcript and MP3 recording uploaded by tomorrow > at the latest but I thought these notes might be helpful, at least as an > initial framework for the next Sub Team discussion: > > > > Section I.B.(iii): > > - Need to discuss retaining it in some form; costs are real for > providers > > > > Section II: > > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) > > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider ie do they > keep data that's sent to them? > > > > Section III: > > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > > - 5 calendar days rather than 3 is more reasonable from providers' > perspective > > - saying "encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) > > - III.C.(v) & (vi): do they overlap? Should they be merged? > > > > Annex I: > > - Keep both options to clarify they are two possible ways of dealing > with the issues? > > > > Would you like to do a Sub Team call to walk through these suggestions, > or should we continue to discuss first by email? I will check with the > WG co-chairs when they would like a revised, more finalized, set of > recommendations to be presented to the WG (if possible). > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: "Williams, Todd" <Todd.Williams@turner.com> > Date: Tuesday, September 15, 2015 at 21:19 > To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong > <mary.wong@icann.org> > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong <mary.wong@icann.org> > Cc: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > > > Holly > > On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote: > > > > > > Hi Holly and everyone, > > > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > > > Does this help? > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: Holly Raiche <h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey > <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Folks > > > > I apologise for not participating over the past week - I¹ve been away. > > > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > > > So Mary, others, was this agreed? > > > > Thanks > > > > Holly > > On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote: > > > > > > Thanks, Todd. > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Sara. I¹m still confused. In order: > > > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Todd, > > > > Please see my comments inline below. > > > > Disclaimer: I do not support Annex E. > > > > Sara > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Sara: > > > > Two quick questions on this as I was getting ready for our call > tomorrow: > > > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > > > 2)Can you show me where in the NCSG comment (here: > > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > > Thanks. > > > Todd. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Hi all, > > > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > > > Best regards, > > > > Sara > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, "gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > All: > > > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > > > Thanks. > > > > Todd. > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > > > Hello again everyone, > > > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > <Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > > > · Blacknight: https://www.blacknight.com/acceptable-usage.html. > > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > http://www.whoisprivacyservices.com.au/terms.htm. > > · EuroDNS S.A.: > https://www.eurodns.com/terms-and-conditions/whois-privacy. > > · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. > > · Domain.com <http://domain.com/> , LLC: > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > > · DomainIt, Inc.: https://www.domainit.com/terms.html. > > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement. > > > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > > Thanks Kathy. > > > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <Todd.Williams@turner.com> > <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > > Thanks Kathy. One minor formatting suggestion: > > > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > > Hi, all! > > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > > > Please let me know if there are any questions. > > > > Thanks, > > Darcy > > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3 >
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? I think the way it would work would be that the Requester, as part of what it submits under Section II, would also include in its submission an agreement to be bound by jurisdiction at the seat of the Provider. Then, if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information). Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks, Todd. Fr I(B), my preference is we use ³Nothing in this document prevents a Provider fm.² Regarding your last bullet, if the Requester refuses to include the consenin its Request, is the Provider allowed to refuse to process the Request? This cosent requirement isn¹t included in the rest of the Annex. Thanks, Darcy From: Williams, Todd" <Todd.Williams@turner.com> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcysouthwell@endurance.com>, Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icnn.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren¹t Providers by definitionaccredited: good point; good change. · Automation: no, that language has lways applied to everybody involved. · Choice of language to begin I(B: good point, we should pick one. I don¹t have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is stil the only significant unresolved issue for the Disclosure Framework. Perhaps w should plan to talk about it on the WG call on Tuesday? The only answer I have o the good questions you raised is on the last one: how will Providers enfrce a jurisdiction selection when the contract is with the Customer and not the equester? I think the way it would work would be that the Requester, as part f what it submits under Section II, would also include in its submission an agrement to be bound by jurisdiction at the seat of the Provider. Then, if EITHE the Provider or the Customer later comes to believe that the Requester made knowngly false statements in its request, or knowingly misused information disclose to it in response to its request, then either the Provider or the Customer cold sue the Requester in the jurisdiction at the seat of the Provider, and the Reuester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that hey made a knowingly false statement or misused the information). Thanks! Tod. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wedneday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com>; Kath Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gns-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Tanks for taking the time to make the edits that follow upon our F2F discussion. I¹ve added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" <Todd.Williams@turner.com> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kahy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hpe everybody enjoyed the rest of their time in Dublin. I¹ve attached a evised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-o-face (calendar days to business days, etc.). I included them all in blue so tht you can easily see which are new, post-Dublin (all are in Section III, whch begins on page 6) If anybody wants to change any of these, or has any others that they want to add to capure what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunda, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Fw: RE: [renamed] Comments and concerns about revisions Hi All, This version has ow been passed on to the WG co-chairs and is likely to be queued up for discussin this Tuesday. Quick note: big remainin question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infastructure or are there other ways to create and enforce penalties for violatng the Requestor's strict limitations on the use of the revealed proxied ata? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Mssage -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns abot revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.illiams@turner.com> <mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kahykleiman.com> <mailto:kathy@kathykleiman.com> , gnso-ppsai3@ican.org <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> All: Kathy called me tday so that we could walk through th document, which was incredibly helpful. Thank you Kathy for that. Based on that I have ttached a new draft that captures the results of that call. I¹ve flagged in theComments those areas that were changed from what I sent yesterday based n our call. But just to highlight them for your ease of reference: · The language ³comply with all applicable data protection laws while retaining Cutomer¹s contact details and² was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)b). · The language ³using secure communication channels² was added bck to III(B)(i). As I told Kathy: I don¹t have an opinion on that language. had only removed it in what I sent yesterday to reflect the push-back agaist it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, ad other registrar representatives. But if we as a sb-team want to put it back in over their objection, so be it. · On III(C)(ii) and iii) (which were the two provisions that were the subject of my 9-29 email to Kthy below): Kathy agreed to include them in the draft if we changed ³a reasonablebasis for² to ³a basis for reasonably² in order to more precisely mirror the laguage from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I undersand it was the original intent behind that language). So that change has beenmade. · For III(C)(iv): again, I have no opinion on whether surrendr should be optional or mandatory. My selection of optional in what I set yesterday was only to reflect the push-back against making it mandatory tha we had heard in the 9-15 and 9-29 calls from he registrar representatives. But Kathy asked that we also add, as another potential formlation for the WG to consider, ³which all Providers must either allow or be allowd to allow.² So that is what you see there. · We moved III(C)(vi) ack to its own section in the draft yesterday it had been collapsed into III(C)v). · We also discussed whether to make a note alongside Option 1 in the Anex asking how much more work the WG might need to do on Option #1 (e.g., what enalties would the arbitrator be authorized to levy?) and how much of that should instead be left to implementation or a different PDP. We didn¹t add any language per se just added a note in the comment highlighting that point. Kathy: please correct me if any of wat I said does not accurately reflect what we discussed. Look forward to hearng the thoughts from the rest of the sub-team. Thanks and have a good weeend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'athy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com> ; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.or> <mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary¹s latest status email (attached), I tried to evise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further yor concerns on III(C)(ii) and (iii) Kathy, if you¹d like. From: Williams, Tdd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kahykleiman.com>; gnso-ppsai3@icann.org Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG cll and you identified the specific language that you were concerned about as II(C)(ii) and (iii), I¹m even more confused. As I mentioned on the call, the to alternative formulations for III(C)(ii) and (iii) were included in the WG¹s Iitial Report as alternative formulations for which the WG was seeking ommunity input. See Initial Report at pg. 91 (attached). While many commenters pined on which of the two they preferred (with more preferring the second alernative), the NCSG in its comment did not specify a preference for either. Seehttp://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd f. ased on that history, I don¹t understand your claim from your email yesterday (atached) that ³I am very, very concerned about Section III, as revised, and I am vry certain that NCSG and many other commenters (some following NCSG) would ever ave supported Annex E in this revised form.² From: Kathy Kleiman [mailto:athy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turne.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments an concerns about revisions Hi Todd, Looking forward to seeing you on the call! athy On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forwrd to discussing in the WG call. I guess my question was more specific: what lnguage has been changed in Section III as part of this sub-team¹s work that youthink ³raises the standard for denial² in the manner that you¹ve identified?>
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday,September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [rnamed] Comments and concerns about revisions
Todd, sorry for the delay.Much happening here in DC (including tons of traic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeplyconcerned about a comment that I read that said we are giving copyright owners a bypass of the leal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@ican.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM>> To: Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com> ;>> gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and conerns about revisions
Thanks Kathy. Can I ask what edits to III(C) ou¹re concerned about?
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf OfKathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High
Hi All, Here are my responseto the template as it was reviewed on Friday by Sara. Sara's comments are inred, my comments are in green (at least according to my screen). I will now ive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some followin NCSG) would ever have supported Annex E in this revised form. Huge isse to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their commnts/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We receivedcomments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives².
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree.
- saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don¹t see how using the word encouraged nullifies Section B.
- **I don¹t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the ³due process² protections that thousands of commenters sought to protect.**
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word ³surrender² is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let¹s discuss the wording of vi. It¹s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn¹t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we¹ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don¹t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ ³Shall² over ³encouraged but not required to²: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation ³the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration² instead of the new proposed formulation ³name, mailing address, and contact information for service of process that it has for Customer.² See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that¹s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of ³optional² vs. ³mandatory² for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don¹t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don¹t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that¹s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that¹s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven¹t heard from many Sub Team members that they can do a Friday call, I¹m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: Sara Bockey <sbockey@godaddy.com> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I¹ve provided feedback in red below.
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it.
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that¹s sent to them? Seems we need to clarify ³objectives². Limited to original request?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers¹ perspective Agree.
- saying ³encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree
- III.C.: use some other word than ³surrender², and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote: > > > On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com> > wrote: > > > Works for me. Thanks Mary. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Wednesday, September 23, 2015 3:10 PM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Hello everyone can we do a call this Friday 25 September at 1900 UTC? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Tuesday, September 22, 2015 at 23:12 > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thanks very much, Todd! Everyone can we ask that you let us know your > availability for a Sub Team call at any of the times indicated by Todd, > below? Thank you all! > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: "Williams, Todd" <Todd.Williams@turner.com> > Date: Tuesday, September 22, 2015 at 23:00 > To: Mary Wong <mary.wong@icann.org> > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thank you Mary. I think a call is a good idea. Friday at or after 1900 > UTC is better for me. Though if we want to do tomorrow, I could do > 1400-1500 UTC or 1600-1800 UTC. > > > > Todd. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Tuesday, September 22, 2015 5:05 AM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call > yesterday) > Importance: High > > > > Hello again everyone, > > > > Following a discussion with the WG co-chairs yesterday, we would like to > suggest that the Sub Team consider doing a call this week to review the > notes from the last WG call (see below), with the goal of presenting > recommendations and/or alternative proposals to the full WG for > discussion next week (i.e. Tuesday 29 September). > > > > If you are able to do a call this week, would either Wednesday (at or > after 1400 UTC) or Friday (at or after 1900 UTC) work for you? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Wednesday, September 16, 2015 at 16:27 > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Follow up from WG call yesterday > > > > Hello everybody, > > > > Here are the notes I captured from the WG discussion yesterday; we > should have the full transcript and MP3 recording uploaded by tomorrow > at the latest but I thought these notes might be helpful, at least as an > initial framework for the next Sub Team discussion: > > > > Section I.B.(iii): > > - Need to discuss retaining it in some form; costs are real for > providers > > > > Section II: > > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) > > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider ie do they > keep data that's sent to them? > > > > Section III: > > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > > - 5 calendar days rather than 3 is more reasonable from providers' > perspective > > - saying "encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) > > - III.C.(v) & (vi): do they overlap? Should they be merged? > > > > Annex I: > > - Keep both options to clarify they are two possible ways of dealing > with the issues? > > > > Would you like to do a Sub Team call to walk through these suggestions, > or should we continue to discuss first by email? I will check with the > WG co-chairs when they would like a revised, more finalized, set of > recommendations to be presented to the WG (if possible). > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: "Williams, Todd" <Todd.Williams@turner.com> > Date: Tuesday, September 15, 2015 at 21:19 > To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong > <mary.wong@icann.org> > Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong <mary.wong@icann.org> > Cc: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > > > Holly > > On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote: > > > > > > > Hi Holly and everyone, > > > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > > > Does this help? > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > > > From: Holly Raiche <h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey > <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Folks > > > > I apologise for not participating over the past week - I¹ve been away. > > > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > > > So Mary, others, was this agreed? > > > > Thanks > > > > Holly > > On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote: > > > > > > > Thanks, Todd. > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Sara. I¹m still confused. In order: > > > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Todd, > > > > Please see my comments inline below. > > > > Disclaimer: I do not support Annex E. > > > > Sara > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Sara: > > > > Two quick questions on this as I was getting ready for our call > tomorrow: > > > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > > > 2)Can you show me where in the NCSG comment (here: > > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > > Thanks. > > > Todd. > > > > From: Sara Bockey [mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong > <mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey <sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Hi all, > > > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > > > Best regards, > > > > Sara > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, "gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > All: > > > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > > > Thanks. > > > > Todd. > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > > > Hello again everyone, > > > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Mary Wong <mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > <Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" > <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > > > · Blacknight: https://www.blacknight.com/acceptable-usage.html. > > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > http://www.whoisprivacyservices.com.au/terms.htm. > > · EuroDNS S.A.: > https://www.eurodns.com/terms-and-conditions/whois-privacy. > > · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. > > · Domain.com <http://domain.com/> , LLC: > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > > · DomainIt, Inc.: https://www.domainit.com/terms.html. > > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement. > > > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > > Thanks Kathy. > > > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > > > From: Kathy Kleiman [mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <Todd.Williams@turner.com> > <mailto:Todd.Williams@turner.com> ; gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > > Thanks Kathy. One minor formatting suggestion: > > > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > > > From:gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > > Hi, all! > > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > > > Please let me know if there are any questions. > > > > Thanks, > > Darcy > > > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3 >
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Thanks, Todd. For I(B), my preference is we use "Nothing in this document prevents a Provider from...." Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn't included in the rest of the Annex. Thanks, Darcy From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? I think the way it would work would be that the Requester, as part of what it submits under Section II, would also include in its submission an agreement to be bound by jurisdiction at the seat of the Provider. Then, if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information). Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, This is my first of two emails. I want to respond to the issues raised below. Then for clarity I'll introduce a new issue - and some suggested wording - in the next email. Basically, I'm find with Darcy's choice of options in I(B). Best, Kathy On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? I think the way it would work would be that the Requester, as part of what it submits under Section II, would also include in its submission an agreement to be bound by jurisdiction at the seat of the Provider. Then, if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information).
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.) But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits. In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)." But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases... Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2. Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor) On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Thanks Kathy, Darcy, all. My quick thoughts on Kathy's points: · If we like the GoDaddy go-by language for clarification, that's fine. · I don't think we need to discuss suggested damages, and frankly don't see how we could even if we wanted to. All we're doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can't award - either in terms of damages, or in terms of injunctive relief - seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don't see how we could prospectively say what the damages should be for each of those different claims if we don't know what they will be. · Similarly, I don't understand how or what we'd have to say in this document on Kathy's last point about a Customer taking it's Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I'm not sure how that's related to the P/P Provider's accreditation. Bottom line: I don't think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it's only one of two options that we end up recommending in our Final Report). As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy's language changes to the "Preamble" and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.) But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits. In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)." But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases... Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2. Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor) On 10/29/2015 9:51 AM, Williams, Todd wrote: Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Thanks, Todd. For I(B), my preference is we use "Nothing in this document prevents a Provider from...." Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn't included in the rest of the Annex. Thanks, Darcy From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections. Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it. b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation. c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well. Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy On 11/2/2015 10:04 AM, Williams, Todd wrote:
Thanks Kathy, Darcy, all. My quick thoughts on Kathy’s points:
·If we like the GoDaddy go-by language for clarification, that’s fine.
·I don’t think we need to discuss suggested damages, and frankly don’t see how we could even if we wanted to. All we’re doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can’t award – either in terms of damages, or in terms of injunctive relief – seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don’t see how we could prospectively say what the damages should be for each of those different claims if we don’t know what they will be.
·Similarly, I don’t understand how or what we’d have to say in this document on Kathy’s last point about a Customer taking it’s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I’m not sure how that’s related to the P/P Provider’s accreditation. Bottom line: I don’t think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it’s only one of two options that we end up recommending in our Final Report).
As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy’s language changes to the “Preamble” and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Friday, October 30, 2015 12:13 PM *To:* Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)."
But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Thanks Kathy. Couple thoughts: · I think it's fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we've made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don't think we get to make the final decision to jettison one or the other, which can only be made by the WG. · I still don't understand the "Addition One" to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester's knowing misuse of information disclosed to it in response to its request. That's what the language of III(G) refers to ("Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below."). That's what the very title of the Annex refers to ("Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests"). All of that assumes that the disclosure has already been made. But what you're referring to (I think) is a situation in which the disclosure has not yet been made, but the Customer thinks that the Provider is about to disclose, and somehow wants to challenge that decision. That's a totally different issue, and I just don't see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to appeal their Provider's decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don't see why we would now reinsert it (or something like it) - especially in this Annex, which by its terms only deals with what happens after a disclosure has been made. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 11:00 AM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Finishing the cleanup of Annex 1 Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections. Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it. b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation. c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well. Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy On 11/2/2015 10:04 AM, Williams, Todd wrote: Thanks Kathy, Darcy, all. My quick thoughts on Kathy's points: · If we like the GoDaddy go-by language for clarification, that's fine. · I don't think we need to discuss suggested damages, and frankly don't see how we could even if we wanted to. All we're doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can't award - either in terms of damages, or in terms of injunctive relief - seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don't see how we could prospectively say what the damages should be for each of those different claims if we don't know what they will be. · Similarly, I don't understand how or what we'd have to say in this document on Kathy's last point about a Customer taking it's Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I'm not sure how that's related to the P/P Provider's accreditation. Bottom line: I don't think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it's only one of two options that we end up recommending in our Final Report). As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy's language changes to the "Preamble" and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.) But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits. In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)." But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases... Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2. Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor) On 10/29/2015 9:51 AM, Williams, Todd wrote: Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Thanks, Todd. For I(B), my preference is we use "Nothing in this document prevents a Provider from...." Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn't included in the rest of the Annex. Thanks, Darcy From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi Todd, I think you are right that certain things belong to the WG. I'll raise the issue of an interim court case as a question for the larger group -- and I'll revise our Annex E version to take out that issue. Then we will have something to circulate! Best, Kathy On 11/2/2015 11:38 AM, Williams, Todd wrote:
Thanks Kathy. Couple thoughts:
·I think it’s fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we’ve made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don’t think we get to make the final decision to jettison one or the other, which can only be made by the WG.
·I still don’t understand the “Addition One” to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester’s knowing misuse of information disclosed to it in response to its request. That’s what the language of III(G) refers to (“Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below.”). That’s what the very title of the Annex refers to (“Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests”). All of that assumes that the disclosure has _already_ been made. But what you’re referring to (I think) is a situation in which the disclosure has not _yet_ been made, but the Customer thinks that the Provider is _about_ to disclose, and somehow wants to challenge that decision. That’s a totally different issue, and I just don’t see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to _appeal_ their Provider’s decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don’t see why we would now reinsert it (or something like it) – especially in this Annex, which by its terms only deals with what happens _after_ a disclosure has been made.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Monday, November 02, 2015 11:00 AM *To:* Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org *Subject:* Finishing the cleanup of Annex 1
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections.
Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it.
b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation.
c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well.
Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy
On 11/2/2015 10:04 AM, Williams, Todd wrote:
Thanks Kathy, Darcy, all. My quick thoughts on Kathy’s points:
·If we like the GoDaddy go-by language for clarification, that’s fine.
·I don’t think we need to discuss suggested damages, and frankly don’t see how we could even if we wanted to. All we’re doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can’t award – either in terms of damages, or in terms of injunctive relief – seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don’t see how we could prospectively say what the damages should be for each of those different claims if we don’t know what they will be.
·Similarly, I don’t understand how or what we’d have to say in this document on Kathy’s last point about a Customer taking it’s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I’m not sure how that’s related to the P/P Provider’s accreditation. Bottom line: I don’t think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it’s only one of two options that we end up recommending in our Final Report).
As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy’s language changes to the “Preamble” and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Friday, October 30, 2015 12:13 PM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)."
But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Hi All, As always, I feel we are being pushed a bit rapidly to report out to the WG. I think our work is almost done, but not quite. If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given the detail of the rest of the Request Templates. To finish our work, I have added the short language of option 2 to the request templates of Annex E. As Todd writes below, this is a recommendation of the subteam to the WG -- for all of us to discuss. Best, Kathy On 11/2/2015 11:38 AM, Williams, Todd wrote:
Thanks Kathy. Couple thoughts:
·I think it’s fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we’ve made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don’t think we get to make the final decision to jettison one or the other, which can only be made by the WG.
·I still don’t understand the “Addition One” to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester’s knowing misuse of information disclosed to it in response to its request. That’s what the language of III(G) refers to (“Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below.”). That’s what the very title of the Annex refers to (“Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests”). All of that assumes that the disclosure has _already_ been made. But what you’re referring to (I think) is a situation in which the disclosure has not _yet_ been made, but the Customer thinks that the Provider is _about_ to disclose, and somehow wants to challenge that decision. That’s a totally different issue, and I just don’t see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to _appeal_ their Provider’s decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don’t see why we would now reinsert it (or something like it) – especially in this Annex, which by its terms only deals with what happens _after_ a disclosure has been made.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Monday, November 02, 2015 11:00 AM *To:* Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org *Subject:* Finishing the cleanup of Annex 1
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections.
Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it.
b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation.
c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well.
Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy
On 11/2/2015 10:04 AM, Williams, Todd wrote:
Thanks Kathy, Darcy, all. My quick thoughts on Kathy’s points:
·If we like the GoDaddy go-by language for clarification, that’s fine.
·I don’t think we need to discuss suggested damages, and frankly don’t see how we could even if we wanted to. All we’re doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can’t award – either in terms of damages, or in terms of injunctive relief – seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don’t see how we could prospectively say what the damages should be for each of those different claims if we don’t know what they will be.
·Similarly, I don’t understand how or what we’d have to say in this document on Kathy’s last point about a Customer taking it’s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I’m not sure how that’s related to the P/P Provider’s accreditation. Bottom line: I don’t think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it’s only one of two options that we end up recommending in our Final Report).
As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy’s language changes to the “Preamble” and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Friday, October 30, 2015 12:13 PM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)."
But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Thanks Kathy. I know that Mary and Steve have asked for a draft to circulate to the WG. Can we give them what you've sent? I don't see why not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 2:49 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: Finishing the cleanup of Annex 1 Hi All, As always, I feel we are being pushed a bit rapidly to report out to the WG. I think our work is almost done, but not quite. If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given the detail of the rest of the Request Templates. To finish our work, I have added the short language of option 2 to the request templates of Annex E. As Todd writes below, this is a recommendation of the subteam to the WG -- for all of us to discuss. Best, Kathy On 11/2/2015 11:38 AM, Williams, Todd wrote: Thanks Kathy. Couple thoughts: · I think it's fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we've made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don't think we get to make the final decision to jettison one or the other, which can only be made by the WG. · I still don't understand the "Addition One" to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester's knowing misuse of information disclosed to it in response to its request. That's what the language of III(G) refers to ("Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below."). That's what the very title of the Annex refers to ("Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests"). All of that assumes that the disclosure has already been made. But what you're referring to (I think) is a situation in which the disclosure has not yet been made, but the Customer thinks that the Provider is about to disclose, and somehow wants to challenge that decision. That's a totally different issue, and I just don't see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to appeal their Provider's decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don't see why we would now reinsert it (or something like it) - especially in this Annex, which by its terms only deals with what happens after a disclosure has been made. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 11:00 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Finishing the cleanup of Annex 1 Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections. Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it. b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation. c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well. Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy On 11/2/2015 10:04 AM, Williams, Todd wrote: Thanks Kathy, Darcy, all. My quick thoughts on Kathy's points: · If we like the GoDaddy go-by language for clarification, that's fine. · I don't think we need to discuss suggested damages, and frankly don't see how we could even if we wanted to. All we're doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can't award - either in terms of damages, or in terms of injunctive relief - seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don't see how we could prospectively say what the damages should be for each of those different claims if we don't know what they will be. · Similarly, I don't understand how or what we'd have to say in this document on Kathy's last point about a Customer taking it's Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I'm not sure how that's related to the P/P Provider's accreditation. Bottom line: I don't think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it's only one of two options that we end up recommending in our Final Report). As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy's language changes to the "Preamble" and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.) But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits. In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)." But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases... Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2. Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor) On 10/29/2015 9:51 AM, Williams, Todd wrote: Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Thanks, Todd. For I(B), my preference is we use "Nothing in this document prevents a Provider from...." Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn't included in the rest of the Annex. Thanks, Darcy From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Tx Todd for your review. Would that we had more time for everyone to review. But with the disclaimers we all know about, I am OK for circulating this last version (V.3). Best, Kathy On 11/2/2015 4:18 PM, Williams, Todd wrote:
Thanks Kathy. I know that Mary and Steve have asked for a draft to circulate to the WG. Can we give them what you’ve sent? I don’t see why not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Monday, November 02, 2015 2:49 PM *To:* Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org *Subject:* Re: Finishing the cleanup of Annex 1
Hi All, As always, I feel we are being pushed a bit rapidly to report out to the WG. I think our work is almost done, but not quite.
If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given the detail of the rest of the Request Templates.
To finish our work, I have added the short language of option 2 to the request templates of Annex E. As Todd writes below, this is a recommendation of the subteam to the WG -- for all of us to discuss.
Best, Kathy
On 11/2/2015 11:38 AM, Williams, Todd wrote:
Thanks Kathy. Couple thoughts:
·I think it’s fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we’ve made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don’t think we get to make the final decision to jettison one or the other, which can only be made by the WG.
·I still don’t understand the “Addition One” to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester’s knowing misuse of information disclosed to it in response to its request. That’s what the language of III(G) refers to (“Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below.”). That’s what the very title of the Annex refers to (“Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests”). All of that assumes that the disclosure has _already_ been made. But what you’re referring to (I think) is a situation in which the disclosure has not _yet_ been made, but the Customer thinks that the Provider is _about_ to disclose, and somehow wants to challenge that decision. That’s a totally different issue, and I just don’t see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to _appeal_ their Provider’s decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don’t see why we would now reinsert it (or something like it) – especially in this Annex, which by its terms only deals with what happens _after_ a disclosure has been made.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Monday, November 02, 2015 11:00 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Finishing the cleanup of Annex 1
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections.
Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it.
b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation.
c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well.
Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy
On 11/2/2015 10:04 AM, Williams, Todd wrote:
Thanks Kathy, Darcy, all. My quick thoughts on Kathy’s points:
·If we like the GoDaddy go-by language for clarification, that’s fine.
·I don’t think we need to discuss suggested damages, and frankly don’t see how we could even if we wanted to. All we’re doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can’t award – either in terms of damages, or in terms of injunctive relief – seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don’t see how we could prospectively say what the damages should be for each of those different claims if we don’t know what they will be.
·Similarly, I don’t understand how or what we’d have to say in this document on Kathy’s last point about a Customer taking it’s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I’m not sure how that’s related to the P/P Provider’s accreditation. Bottom line: I don’t think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it’s only one of two options that we end up recommending in our Final Report).
As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy’s language changes to the “Preamble” and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Friday, October 30, 2015 12:13 PM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)."
But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Thursday, October 29, 2015 9:39 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks,
Darcy
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Thursday, October 29, 2015 at 9:31 AM *To: *Darcy Southwell <darcy.southwell@endurance.com <mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks much, Kathy and everyone we will send out the agenda and the latest document, caveated, to the WG now. Cheers Mary Mary Won Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: marywong@icann.org From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleman <kathy@kathykleiman.com> Date: Monday, November 2, 2015 at 16:31 To: "Willims, Todd" <Todd.Williams@turner.com>, Darcy Southwell <darcy.southwell@endurance.com>, "gnso-ppsai3@icann.org" <gnso-ppsa3@icann.org> Subject: Re: [Gnso-ppsai3] Finishing the cleanup of Annex 1
T Todd for your review. Would that we had more time for everyone to review. Butwith the disclaimers we all know about, I am OK for circulating this last version (V.3). Best, Kathy
On 11/2/2015 4:18 PM, Willams, Todd wrote:
Thanks Kathy. I know that Mary and Steve have asked or a draft to circulate to the WG. Can we give them what you¹ve sent? don¹t see why not.
From: Kathy Kleiman [mailto:kathy@kathykleiman.om] Sent: Monday, November 02, 2015 2:49 PM To: Williams, Todd <Todd.Wlliams@turner.com> <mailto:Todd.Williams@turner.com> ; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com> ; gnso-ppsai3@icann.org Subject: Re: Finishing the cleanup of Annex 1
Hi All, As always, I feel we ae being pushed a bit rapidly toreport out to the WG. I think our work is almost done, but not quite.
If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given thedetail of the rest of the Request Templates.
To finish our work I have added the short language of option 2 to the request templates of Anex E. As Todd writes below, this is a recommendation of the subteam to the W -- for all of us to discuss.
Best, Kathy
On 11/2/2015 11:8 AM, Williams, Todd wrote:
Thanks Kathy. Couple thoughts:
· I think it¹s fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option On (the same way that we¹ve made other recommendations between two possibl language alternatives). But just to be clear, I think it has to becouched that way: as our recommendation. I don¹t think we get to make the fnal decision to jettison one or the other, which can only be made by theWG.
· I still don¹t understand the ³Addition One² to Optin Two. The whole Annex is about how to resolve two kinds of disputes: 1) dsputes in which a Provider is alleged to have made a wrongful disclosue based on a Requester having provided knowingly false statements; or 2)disputes arising from a Requester¹s knowing misuse of information disclosedto it in response to its request. That¹s what the language of III(G) refers o (³Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below.²). That¹s what the very title of the Annex refers to (³Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests²). All of that assumes that the disclosur has already been made. But what you¹re referring to (I think) is a situaion in which the disclosure has not yeeen made, but the Customer thinks that the Provider is about to disclose, and somehow wants to challenge that decision. That¹s a ttally different issue, and I just don¹t see any way to fit that squae peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to appeal their Provider¹s decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don¹t see why we would now reinsert it (or something like it) especially in this Annex, which by its terms only deals with what happens after a disclsure has been made.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 11:00 AM To: Williams, Todd <Todd.Williams@turner.co> <mailto:Todd.Williams@turner.com> ; Darcy Southwell <darcy.soutwell@endurance.com> <mailto:darcy.southwell@endurance.com> ; gnso-ppsai3@ican.org Subject: Finishing the cleanup of Annex 1
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections.
Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jetison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could e a whole new avenue of their own. I don't think we are providing any policdirection for it.
b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do yo? I can guess, so I drafted it with more standard language that I think willhelp everyone down the line with implementation.
c. Interim venues -- yes, if I file a motion to quash in my local court, like the DRP, I think the proceeding before the Provider should be suspended unti the Court rules. It's completely consistent with how we handle the UDRP (WIP stops processing), and it will avoid any question of who or what takes pririty. I doubt it will be used very often, but since Motions to Quash are stanard in the other areas, they are likely to be used here as well.
Basically a few key clean-ups, clarifications, and reviions, and I think we have scrubbed Annex 1 nice and clean! Edited documnt, V.2 based on this discussion, attached. Best, Kathy
On 11//2015 10:04 AM, Williams, Todd wrote:
Thanks Kathy, Darcy, all. Myquick thoughts on Kathy¹s points:
· If we like the GoDaddy go-y language for clarification, that¹s fine.
· I don¹t thinkwe need to discuss suggested damages, and frankly don¹t see how we could even if we wanted to. All we¹re doing is drafting accrditation standards for P/P Providers. If we want to suggest as a policy tha they include some sort of jurisdictional clause in their Terms, or in thir Disclosure Frameworks, then OK. But to then go one step further and tella Court in that jurisdiction (wherever it may be) what they can or can¹ award either in terms of damages, or in terms of injunctive relief eems quite beyond our remit. Moreover, how many different types of claims ight a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don¹t see how we could prospectively say what the damages should be for each of those different claims if e don¹t know what they will be.
· Similarly, I don¹t understand ow or what we¹d have to say in this document on Kathy¹s last point about a Customer taking it¹s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I¹m not sure how that¹s related to the P/P Prvider¹s accreditation. Bottom line: I don¹t think there is anything more ranular that needs to be done on Option 2 (especially at this juncture, nd especially if it¹s only one of two options that we end up recommendin in our Final Report).
As I mentioned in my 10-28 email below, I thin Steve and Graeme were wanting us to circulate something today, before the all tomorrow. What do we as a sub-team think about where the document is no? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limitd to: 1) Darcy¹s language changes to the ³Preamble² and to I(B); 2) Sectio III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, Ocober 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; Darcy Southwell <darcy.southwell@endurance.com> <mailto:darcy.southwell@endurance.com> ; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't thnk that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd'sinterpretation: "if EITHER the Provider or the Customer later comes to elieve that the Requester made knowingly false statements in its requst, or knowingly misused information disclosed to it in response to it request, then either the Provider or the Customer could sue the Requeter in the jurisdiction at the seat of the Provider, and the Requester culd not at that point challenge that jurisdiction (though obviously theycould still challenge the underlying claim that they made a knowingly falsestatement or misused the information)."
But what is the "seat ofthe Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars]and added it to our draft Annex E. I also responded to Darcy's comments wit what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote:
Thanks Darcy. On your second question I think the answer is es: if that is the option that the WG selects (of the two), I think that is how it would work.
From: Darcy Southwell [mailto:darcy.southwell@edurance.com] Sent: Thursday, October 29, 2015 9:39 AM o: Williams, Todd <mailto:Todd.Williams@turner.com> <ToddWilliams@turner.com> <mailto:Todd.Williams@turner.com> ; Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com> ; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use ³Nothing in this document prevents a Provider from.²
Regarding your last bullet, if te Requester refuses to include the consent in its Request, is the Provier allowed to refuse to process the Request? This consent requirement i¹t included in the rest of the Annex.
Thanks,
Darcy
From: "Williams, Todd" <Todd.Willims@turner.com> Date: Thursday, October 29, 2015 at 9:31 AM To: Darc Southwell < <mailto:darcy.southwell@endurance.com> darcy.southwell@enduance.com>, Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Commnts and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
· Aren¹t Providers by definition accredited: good point; good chang.
· Automation: no, that language has always applied to everyody involved.
· Choice of language to begin I(B): ood point, we should pick one. I don¹t have a preference. Does anybody ese?
· On your concerns about the two options lited in Annex 1: agree, this is still the only significant unresolved issue or the Disclosure Framework. Perhaps we should plan to talk about it on th WG call on Tuesday? The only answer I have to the good questions yu raised is on the last one: how will Providers enforce a jurisdiction selction when the contract is with the Customer and not the Requester?
Thanks!
Todd.
From: Darcy Southwell[mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:5 PM To: Williams, Todd < <mailto:Todd.Williams@turner.com> Todd.Wiliams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Tdd,
Thanks for taking the time to make the edits tha follow upon our F2F discussion. I¹ve added a few edits and commens in the attached document.
Best,
Darcy
From: < <mailto:gnso-ppsai3-bounces@icann.org> nso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" < <mailto:Todd.illiams@turner.com> Todd.Williams@turner.com> Date: Wednesday, October 2, 2015 at 2:58 PM To: Kathy Kleiman < <mailto:kathy@kathykeiman.com> kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concrns about revisions
Hope everybody enjoyed the est of their time in Dublin. I¹ve attached a revised draft of the Illustrtive Disclosure Framework, in which I tried to capture the edits that we iscussed in our face-to-face (calendar days to business days, etc.). included them all in blue so that you can easily see which are new, postDublin (all are in Section III, which begins on page 6). If anybody ants to change any of these, or has any others that they want to add to apture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11.
Thanks all.
Todd.
From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [mailto:so-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Snday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be qued up for discussion this Tuesday.
Quick note: big remaining queston is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penaltes for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
Suject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions ate: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <mailto:ToddWilliams@turner.com> <Todd.Williams@turner.com> <mailto:Todd.Williams@turnr.com> To: Kathy Kleiman <mailto:kathy@kathykleiman.com> <kathy@kahykleiman.com> <mailto:kathy@kathykleiman.com> , gnso-ppsai3@icann.org<gnsoppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy caled me today so that we could walk through the document, which was incredbly helpful. Thank you Kathy for that. Based on that I have attache a new draft that captures the results of that call. I¹ve flagged in the Comments those areas that were changed from what I sent yesterday
based on our call. But just to highlight them for your ease of reference:
· The language ³comply with all applicable data protection laws wle retaining Cuer¹s contact details and² was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
· The language ³using secure comunication channels² was added back
to III(B)(i). As I told Kathy: I don¹t have an opinion on that langage. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put i back in over their objection, so be it.
· On III(C)(ii) and iii) (which were the two provisions that were the subject of my 9-29 emal to Kathy below): Kathy agreed to include them in the draft if we change³a reasonable basis for² to ³a basis for reasonably² in order to more precely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6(a) (which as I understand it was the original intent behind that language) So that change has been made.
· For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potenial formulation for the WG to consider, ³which all Providers must either alow or be allowed to allow.² So that is what you see there.
· We moved III(C)(vi) back to its own section in the draft yesterday it had been collapsed into III(C)(v).
· We also discussed whether to ake a note alongside Option 1 in the Annex asking how much more work the W might need to do on Option #1 (e.g., what penalties would the arbitrator b authorized to levy?), and how much of that should instead be left t implementation or a different PDP. We didn¹t add any language per se jst added a note in the comment highlighting that point.
Katy: please correct me if any of what I said does not accurately reflect wht we discussed. Look forward to hearing the thoughts from the rest of te sub-team. Thanks and have a good weekend.
Todd.
Fro: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kath Kleiman' <mailto:kathy@kathykleiman.com> <kathy@kathykleiman.com> <maito:kathy@kathykleiman.com> ; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.or> <mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary¹s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and
iii) Kathy, if you¹d like.
From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' < <mailto:kthy@kathykleiman.com> kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I¹m even more confused.
As I mentioned on the call, the two alternatie formulations for III(C)(ii) and (iii) were included in the WG¹s Initial Rport as alternative formulations for which the WG was seeking commnity input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preerred (with more preferring the second alternative), the NCSG in its commen did not specify a preference for either. See: http://forum.icnn.org/lists/commentppsai-initial-05may15/pdfBoyWzlMS3q. pdf. Based on that history, I don¹t understandyour claim from your email yesteray (attached) that ³I am very, very concerned about Section III, as revised, and I am very certain that NCG and many other commenters (some following NCSG) would ever havesupported Annex E in this revised form.²
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd < <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsi3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/20159:46 AM, Williams, Todd wrote:
Thaks Kathy. Look forward to discussing in the WG call. I guess my question was moe specific: what language has been changed in Section III as part of tis sub-team¹s work that you think ³raises the standard for denial²in the manner that you¹ve identified?
From: Kathy Kleman [ <mailto:kathy@kathykleiman.com> mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <malto:Todd.Williams@turner.com> <Todd.Williams@turner.com> <mailto:Todd.Willams@turner.com> ; gnso-ppsai3@icann.org Subject: R: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Tod, sorry for the delay. Much happenin here in DC (including tons of traffic). I am particularly concerned that the stanard for denial has been raised to one that requires Providers to act as jdge and jury. I am also deeply concerned about a comment that I rad that said we are giving copyright owners a bypass of the lega due process mechanisms of the DMCA. This is very troubling to me. would be inerested in your thoughts.
Best, Kathy
On 9/9/2015 9:16 AM, Williams, Todd wrote: > > Well, I guess our sb-team will just find out on the 10:00 call with the > rest of the WG.. > > > From: <mailto:gnso-ppsai3-bounces@icann.org> gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd > Sent: Monday,September 28, 2015 3:47 PM > To: Kathy Kleiman <mailto:kathy@kathykleiman.com> <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com> ; > gnso-ppai3@icann.org > Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns bout > revisions > > Thanks Kathy. Can I ask what edits toIII(C) you¹re concerned about? > > > From: <mailto:gnso-ppsi3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai-bounces@icann.org] On > Behalf Of Kathy Kleiman > Sent: Mondy, September 28, 2015 2:09 PM > To: <mailto:gnso-ppsai3@icann.org>gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] [renamed] Comments ad concerns about > revisions > Imprtance: High > > Hi All, > Here are my response to the template as it as reviewed on Friday by > Sara. Sara's comments are in red, my comments ar in green (at least > according to my screen). I will now dive int Todd's comments, but I am > very, very concerned about Section III, as revsed, and I am very > certain that NCSG and many other commenters (some folowing NCSG) would > ever have supported Annex E in this revised form. Hge issue to > discuss - and looking forward to oing so. > > Best, > Kathy > > ------------------------------------------------------------ > > Sara's comments in Red > Kathy's comments in Green > From: <gno-ppsai3-bounces@icann.org> on behalf of Mary Wong > Date: Thursday, Sepember 24, 2015 at 9:34 AM > To: "gnso-ppsai3@icann.org" > Subjct: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow p from WG call yesterday) > > Hello everyone, > > As it looks like several Sub Team member will not be available for a > Friday call, staff would like to ask if the Sub Team would prefer the > following alternative approach: > >Sub Team members to circulate to this email list their > comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team¹s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on > Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most unfortunately, I can only be available > beween 1400-1500 UTC on Monday, so if there is a call that results in > furthr updates, I hope one of the Sub Team will not mind taking on that > taskand circulating the further revised draft to the WG before the >Tuesday call. > > Alternatively, we could still aim for a Friday cal as proposed, to > discuss any input that may come in from Sub Team mmbers up to that > point. > > For your convenience, the noteand questions from the WG call last week > are reproduced again here:
> Section I.B.(iii): > - Need to discuss retaining it in some for; costs are real for > providers I support this being retained. I do too We received > comments about the costs of the P/P services, and a real cocern in > keeping these services accessible and affordable. Reasonablecosts of > requests, many feel should be borne by Requesters. > > Section II: - Should there be provision for indemnification to provider against >misuse of data? (NOTE: unlikely to gain support, so possibly no need to > ad) I agree that a provision should be added and the main WG can > detrmine if they will support it. +1 > - A(6)(b)(ii): can a requester under te new wording keep/use the data > to assocate with other information about he registrant e.g. for future > or other requests? Does reverse apply toregistrar/provider i.e. do they > keep data that¹s sent to them? Seemswe need to clarify ³objectives². > > Limited to original request? Commenters shared their concern that a) > data can be misused by the Requester, ncluding publication (e.g., via > blog) and harvesting (e.g., compilatin of data bases). > According to comments reved, we should > > a) tightly restrict use of data by Requester by contract [already agreed > to, but language should be tightened in light of comments], > b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] > c) create a way of communicatig with ICANN and other Providers if the > Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a > bond). > > The above are only a first set of ideas, but clearly we want to ensure > that the rules we adopt are binding and with real consequences for > violation. > > Section III: > III.B: Secure communications may not be as easily or readily done as > migt be desired (so revision is well-intended but maybe not entirely > practcal) I would not discount this one at all. There are very safe, > effectiveand cheap ways of transferring confidential data over the > Internet.This is actually critically important; sending personal or > sensitive information over open Internet could subject Prviders to > liability. > > - 5 calendar days rather than 3 is more reasonable from providers¹ > perspective Agree. > > - saying ³encouraged" but not mandating action would nullify needfor > this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don¹t see how using the word encouraged nullifies Section B. > > - **I don¹t agree with the edits to III.C at all. The Provider is not a > court of law and should not rendering a legl opinion. The original > language was a much more accurate representaion of the most of the > comments that we received; and the new langua operates against many of > the ³due process² protections that thousands of commenters sought to > protect.** > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) Agree; I actually think the > word ³surrender² is a pretty good and accurate one; I would keep it. I > think i does need to be clarified that a surrender is absolutely not a > transfer. > > - III.C.(v) & (vi): do they overlap? Should they be merged? Leave > separate. Let¹s discuss the wording of vi. It¹s gettingclose, but needs > to be tweaked. > > Annex I: > - Keep both options to clarify they are two possible ways of dealing > with the issues? Yes. I think the edits as noted make sense deletion > of Option 1 and editing of Option 2 (now just Annex I) > Please let me know what you think of these two suggestions as soon as > you can. Thank you! > > Cheers > Mary > > Mary Wong > Senior Policy Director > Internet Corporation for Assigned Names & Numbers (ICANN) > Telephone: +1603 574 4889 > Email: mary.wong@icann.org > > > On 9/25/2015 10:04 PM, Mary Wong wrote: > > Hello Todd and everyone, thank you so much for the comments and > suggestions. I apologize I was not able to respond earlier as I have > been traveling back to the US from Asia. > > > > What staff will do is update the document in accordance with the > comments provided by Sub Team members, with (where possible) notes > indicating the transcript as noted by Todd and other specific pointers > to reasons/justifications/further dicusions. perhaps, with that > updated document and the approach as outlied by Todd below, the Sub > Team can frame the speciic points that merit further WG discussion on > the Tuesday call. It will certainly be helpful to get some concrete > indication from the WG as to how they might wish to proceed on a number > of these points. > > > > Thanks and cheers > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com> > Date: Friday, September 25, 2015 at 23:52 > To: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org>, > "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Thanks Mary and thanks Sara. My thoughts on where we are as a WG after > going back through the transcript of the 9-15 call: > > · I(B)(iii): we didn¹t really substantively discuss this on the > 9-15 call. Rather, I noted as I was summarizing the document that it > had been removed because more commenters had opposed it than supported > it. Transcript at pg. 5. And then James Bladel noted at the end of the > call that he wanted to put a marker down for further discussion on it. > Transcript at 27. So I would just propose that we have that as one > agenda item for the call this coming Tuesday: as a WG, do we want to > keep I(B)(iii)? And why or why not? > > · II(A)(6)(b) (note that these same points also apply to > II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of > a bigger discussion that the WG should revisit on Tuesday. > Specifically: we¹ve got the new language in the draft per the comments > from Cyberinvasion/NCSG. And several people on the call expressed > concerns over whether that new language was administratively feasible > and/or enforceable. Transcript at 8-16. So indemnification was floated > as one potential alternative that might address the points of both the > Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at > 11. So I think the options on the table for the WG are: 1) keep the > current language as is; 2) replace the current language with some sort > of indemnification language; or 3) replace the current language with > something else. I definitely think that a discussion of the pros/cons > of each of those three options should be another specific agenda item > for the call on Tuesday. But I don¹t think that we as a sub-team have > enough guidance/discussion from the WG yet to choose among the three > options ourselves. > > · III(B): > > § 5 calendar days: agree. See Transcript at 18. > > § Remove reference to secure communications as not administratively > feasible: agree. See Transcript at 18-19. > > § ³Shall² over ³encouraged but not required to²: agree. See Transcript > at 20-21. > > § I would add one additional point not included in your email below. I > think the agreement on the 9-15 call was that we need to go back to the > original formulation ³the contact information it has for Customer that > would ordinarily appear in the publicly accessible Whois for > non-proxy/privacy registration² instead of the new proposed formulation > ³name, mailing address, and contact information for service of process > that it has for Customer.² See Transcript at 19. > > · III(C)(iv): the issue here is whether this action (giving up the > domain name in lieu of disclosure) should be optional (as the original > language contemplated) or mandatory (as the new language proposed, per > the comments from Cyberinvasion/NCSG). And in the discussion on the > 9-15 call we heard from James Bladel that making it mandatory may be > difficult b/c not all P/P Providers are also going to be Registrars. > Transcript at 24. I think that¹s a good point, and on the 9-15 call > James Gannon seemed to express agreement that going back to optional > (vs. mandatory) was fine. Transcript at 24. So based on that, it looks > like the WG as a whole is more in support of ³optional² vs. ³mandatory² > for III(C)(iv), and thus that we should go back to the old language. > But frankly I personally don¹t have an opinion one way or the other, and > am happy to discuss further if the WG wants. > > · III(C)(vi): the question was raised on the 9-15 call how the new > III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript > at 23. We got no answer to that question from the proponents of the new > III(C)(vi), and in fact James Gannon seemed to suggest that upon > reflection it would be fine to merge the new III(C)(vi) into III(C)(v). > Transcript at 24. So again, it seems like the WG as a whole is more in > support of either folding the new III(C)(vi) into III(C)(v) somehow, or > deleting it altogether. But again, I personally don¹t have an opinion > yet, and if the proponents of the new III(C)(vi) want to take time on > the call on Tuesday to answer the question that is on the table (how > does it add anything to III(C)(v)?), or to otherwise advocate for it, > that¹s fine. > > · Annex One keep both options: agree. See Transcript at 26-27. > > > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On > Behalf Of Mary Wong > Sent: Friday, September 25, 2015 4:50 AM > To: <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > Thanks much, Sara! > > > Everyone it will be great if you can provide your feedback as well, > perhaps in a similar format as Sara did if that¹s the easiest for you. > Staff will try to pull a revised document together as best we can with > whatever input we receive. > > > > I should add that I am very sorry, but due to a flight rerouting I can > no longer make a call on Friday 1900 UTC. Since we haven¹t heard from > many Sub Team members that they can do a Friday call, I¹m going to > suggest that staff attempt to revise the document (in the manner noted > above, in light of comments received by 1900 UTC on Friday). We can then > circulate the document to the WG on Monday, noting as we did this past > week for the updated proposed language for Section 1.3.2 (Sub Team 1) > that it Is not language that has been discussed, much less fully > supported, by the Sub Team. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: mary.wong@icann.org > > > > > > From: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Date: Friday, September 25, 2015 at 04:48 > To: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org>, > "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Mary, > > > > I¹ve provided feedback in red below. > > > > Sara > > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong > Date: Thursday, September 24, 2015 at 9:34 AM > To: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Hello everyone, > > > > As it looks like several Sub Team members will not be available for a > Friday call, staff would like to ask if the Sub Team would prefer the > following alternative approach: > > > > Sub Team members to circulate to this email list their > comments/suggestions on the notes and questions from the WG call last > week by Friday 25 September, 1900 UTC. Staff will send out a draft > updated Annex E based on the Sub Team¹s input as received as of that > time. Should the Sub Team wish to further discuss the updated draft on > Monday, the GNSO Secretariat can assist with setting one up at a > convenient time for most unfortunately, I can only be available > between 1400-1500 UTC on Monday, so if there is a call that results in > further updates, I hope one of the Sub Team will not mind taking on that > task and circulating the further revised draft to the WG before the > Tuesday call. > > > > Alternatively, we could still aim for a Friday call as proposed, to > discuss any input that may come in from Sub Team members up to that > point. > > > > For your convenience, the notes and questions from the WG call last week > are reproduced again here: > > > > Section I.B.(iii): > > - Need to discuss retaining it in some form; costs are real for > providers I support this being retained. > > > > Section II: > > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) I agree that a provision should be added and the main WG can > determine if they will support it. > > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider i.e. do they > keep data that¹s sent to them? Seems we need to clarify ³objectives². > Limited to original request? > > > > Section III: > > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > > - 5 calendar days rather than 3 is more reasonable from providers¹ > perspective Agree. > > - saying ³encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) Agree > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) Agree > > - III.C.(v) & (vi): do they overlap? Should they be merged? Leave > separate. > > > > Annex I: > > - Keep both options to clarify they are two possible ways of dealing > with the issues? Yes. > > > > Please let me know what you think of these two suggestions as soon as > you can. Thank you! > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: < <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman < > <mailto:kathy@kathykleiman.com> kathy@kathykleiman.com> > Date: Thursday, September 24, 2015 at 23:56 > To: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Hi Holly, > Were you able to attend this call? I am sorry, but I cannot see your > text in the email below :-(. > > As for me, I am very unlikely to be able to attend a call at this time > tomorrow. Can we try for Monday? > Best, > Kathy > > On 9/23/2015 9:58 PM, Holly Raiche wrote: > > > On 24 Sep 2015, at 5:14 am, Williams, Todd < > <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> wrote: > > > Works for me. Thanks Mary. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Wednesday, September 23, 2015 3:10 PM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: > Follow up from WG call yesterday) > > > > Hello everyone can we do a call this Friday 25 September at 1900 UTC? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Date: Tuesday, September 22, 2015 at 23:12 > Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thanks very much, Todd! Everyone can we ask that you let us know your > availability for a Sub Team call at any of the times indicated by Todd, > below? Thank you all! > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com> > Date: Tuesday, September 22, 2015 at 23:00 > To: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) > > > > Thank you Mary. I think a call is a good idea. Friday at or after 1900 > UTC is better for me. Though if we want to do tomorrow, I could do > 1400-1500 UTC or 1600-1800 UTC. > > > > Todd. > > > > From: gnso-ppsai3-bounces@icann.org > [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong > Sent: Tuesday, September 22, 2015 5:05 AM > Cc: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call > yesterday) > Importance: High > > > > Hello again everyone, > > > > Following a discussion with the WG co-chairs yesterday, we would like to > suggest that the Sub Team consider doing a call this week to review the > notes from the last WG call (see below), with the goal of presenting > recommendations and/or alternative proposals to the full WG for > discussion next week (i.e. Tuesday 29 September). > > > > If you are able to do a call this week, would either Wednesday (at or > after 1400 UTC) or Friday (at or after 1900 UTC) work for you? > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Date: Wednesday, September 16, 2015 at 16:27 > Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Follow up from WG call yesterday > > > > Hello everybody, > > > > Here are the notes I captured from the WG discussion yesterday; we > should have the full transcript and MP3 recording uploaded by tomorrow > at the latest but I thought these notes might be helpful, at least as an > initial framework for the next Sub Team discussion: > > > > Section I.B.(iii): > > - Need to discuss retaining it in some form; costs are real for > providers > > > > Section II: > > - Should there be provision for indemnification to provider against > misuse of data? (NOTE: unlikely to gain support, so possibly no need to > add) > > - A(6)(b)(ii): can a requester under the new wording keep/use the data > to assocate with other information about the registrant e.g. for future > or other requests? Does reverse apply to registrar/provider ie do they > keep data that's sent to them? > > > > Section III: > > - III.B: Secure communications may not be as easily or readily done as > might be desired (so revision is well-intended but maybe not entirely > practical) > > - 5 calendar days rather than 3 is more reasonable from providers' > perspective > > - saying "encouraged" but not mandating action would nullify need for > this section B (NOTE: many people on the call agree with this, one > objected) > > - III.C.: use some other word than ³surrender², and one that makes clear > this does not mean a transfer; in any event, clarify that it's a > deletion at the option of a customer (NOTE: there was some discussion > over whether providers must be required to offer this option; reminder > that previous WG discussions had led to agreement to NOT make it > mandatory due to varying provider practices) > > - III.C.(v) & (vi): do they overlap? Should they be merged? > > > > Annex I: > > - Keep both options to clarify they are two possible ways of dealing > with the issues? > > > > Would you like to do a Sub Team call to walk through these suggestions, > or should we continue to discuss first by email? I will check with the > WG co-chairs when they would like a revised, more finalized, set of > recommendations to be presented to the WG (if possible). > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > > > From: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com> > Date: Tuesday, September 15, 2015 at 21:19 > To: Holly Raiche < <mailto:h.raiche@internode.on.net> > h.raiche@internode.on.net>, Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org> > Cc: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Holly. As I mentioned when I circulated the draft (see attached > email): > > > > ³for Sara, Kathy, and the others on our sub-team who have argued that > ³verifiable evidence² means something higher let us know how you would > further edit Sections II(A), (B), and (C) to meet whatever ³higher² > standard you have in mind.² > > > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On > Behalf Of Holly Raiche > Sent: Tuesday, September 15, 2015 8:43 AM > To: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Cc: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Yes, it does help - particularly since I recognise my words in the > extract. What it suggests, however, is acceptance that the elements a > requested gives to a provider amounts to the standard of evidence that > is verifiable¹ - as described below. My question to the group, > therefore, is whether the addition of those words has been agreed upon > by the group. If not, the words should not be there; their mere > presence suggests agreement, and puts the onus on those of us who don¹t > agree to argue for the removal of words that were not agreed to. > > > > Sorry to be pedantic, folks, but the presence of those words suggests a > level of agreement that I am not aware of. > > > > Holly > > On 15 Sep 2015, at 10:27 pm, Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org> wrote: > > > > > > > > > > > Hi Holly and everyone, > > > > As Todd noted in his report to the full WG last week on behalf of the > Sub Team, the document doesn¹t represent the finished consensus product > of the Sub Team but rather is being presented as a tool for further WG > discussion. The document includes certain revisions that were added to > more fully reflect the comments that were received, and as such could be > one form of a revised Annex E however, as Todd mentioned, it isn¹t the > agreed result of the Sub Team¹s substantive analysis. > > > > Similarly, in the summary document that was also sent out in tandem, > here is how the Sub Team¹s discussion on the question of ³verifiable > evidence² was presented: > > > > "Further, the Save Domain Privacy petition, which had 10,042 signatories > and also included [x] number of additional statements, argued that > ³privacy providers should not be forced to reveal my private information > without verifiable evidence of wrongdoing.² We as a sub-team could not > agree on how to interpret ³verifiable evidence,² and will leave that > discussion to the larger WG. Some on the sub-team viewed these comments > as supporting Annex E because the requirements in Annex E as currently > formulated can be interpreted as constituting verifiable evidence, while > others on the sub-team interpret verifiable evidence¹ as requiring a > court order and therefore not in support of Annex E. However, some also > noted that the word ³verifiable² does not imply that the evidence has > been tested through a legal process; rather, it simply points toward > requiring that evidence provided must be credible/provable enough so > that, in a legal proceeding, it would withstand legal scrutiny, but does > not necessarily imply that there must have been a court process in all > cases." > > > > Does this help? > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > > > From: Holly Raiche < <mailto:h.raiche@internode.on.net> > h.raiche@internode.on.net> > Date: Tuesday, September 15, 2015 at 20:18 > To: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org>, " > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Cc: "Williams, Todd" < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Folks > > > > I apologise for not participating over the past week - I¹ve been away. > > > > My question is, next to the headings on request for templates, the words > after requester provides to the service provider, the words verifiable > evidence of wrong doing, including¹. > > > > What that implies is that the following text lists what would constitute > verifiable evidence¹ and indeed, the word including¹ suggests that > other elements can also constitute verifiable evidence¹. Has the group > agreed on this? > > > > My impression was that we had not yet agreed what the term meant, but > that it must be evidence of a very high standard - impliedly something > that could be used in court processes. I am not convinced that the > elements listed under Heading II meet that test. > > > > So Mary, others, was this agreed? > > > > Thanks > > > > Holly > > On 15 Sep 2015, at 7:11 am, Sara Bockey < <mailto:sbockey@godaddy.com> > sbockey@godaddy.com> wrote: > > > > > > > > > > > Thanks, Todd. > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 1:18 PM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Thanks Sara. I¹m still confused. In order: > > > > · I still don¹t see any mention in the CDT comment re: removal of > alleged infringing materials in lieu of disclosure. I do see support > for the additional language that the attached draft adds to III(C)(vii) > about ³specific information, facts and/or circumstances showing that > disclosure to the Requester will endanger the safety of the Customer² > (in fact, that language was added specifically to capture the point of > the paragraph from the CDT comment that you¹ve quoted below). But that > is completely different from what you¹ve added, for which I cannot find > any support in any of the public comments. I also don¹t understand your > claim that ³rights and actions available to the registrant are sorely > lacking in Annex E² given that Annex E explicitly contemplates notice > to the registrant and contemplates input from the registrant in Sections > III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and > III(C)(vii). > > · The portion of the NCSG comment that you¹ve cited addressed the > appeals mechanism of Section III(F), not the reconsideration mechanism > of III(E). In fact, the attached draft removes the appeal mechanism of > III(F) precisely because of the language that you quoted below from the > NCSG comment (among others). But that language has nothing to do with > III(E). > > · I don¹t understand what the comments from Key Systems, Ralf > Haring, or Adam Creighton have to do with III(E) which again, is only > talking about a request for reconsideration. Moreover, the Key Systems > comment is simply inaccurate: the Disclosure Framework never ³assume[d] > disclosure if certain process steps are followed regardless of the > merits of the complaint² a point that the attached revised draft now > makes explicit in the preamble (³by not requiring that disclosure > automatically follow any given request²). > > > > Just to reiterate: I¹ve always viewed our job in the two documents that > our sub-team has drafted as being to accurately report to the larger WG > what the comments that we¹ve reviewed say. Which means two things: 1) > we have to be true to the comments, and not reinterpret them to say > something they don¹t; and 2) we have to reserve our advocacy for or > against certain points from those comments for the larger WG discussion. > That¹s what I tried to do in the attached. So if you want to argue > against Annex E, that¹s fine do so on the call tomorrow. In fact, I¹m > planning to argue against several of the proposed changes that are > included in the attached. But I still included those proposed changes > in the attached draft, and accurately noted which comments they were > based on because to do otherwise would be misleading to the larger WG. > > > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Monday, September 14, 2015 3:50 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Todd, > > > > Please see my comments inline below. > > > > Disclaimer: I do not support Annex E. > > > > Sara > > > > From: "Williams, Todd" > Date: Monday, September 14, 2015 at 11:57 AM > To: Sara Bockey, Mary Wong, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" > Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Sara: > > > > Two quick questions on this as I was getting ready for our call > tomorrow: > > > > 1) Your addition of a new III(C)(v) stating ³the Customer has > removed the infringing trademark and/or copyright material in lieu of > disclosure² what public comment that we reviewed was that change based > on? > > > > Based on CDT¹s comment re registrant¹s ability to respond to allegations > removal of alleged infringing materials in lieu of disclosure would > fall into this category. Rights and actions available to the registrant > are sorely lacking in Annex E. > > > Mere allegation of infringement or illegality is insufficient cause for > a provider to disclose a customer¹s data to a third party; it is > frequently trivially easy for a party abusing the system to allege > frivolous or nonexistent civil claims to justify a demand for personal > information. Registrants should have the ability and opportunity to > respond to the allegations and to the dangers to which they, their > families, and their organizations might be subjected, and to obtain > counsel on these matters. > Revealing a customer¹s registration data should only occur when there > has been a substantial > showing of likelihood of abuse and only after due process. > > > > > > 2)Can you show me where in the NCSG comment (here: > > > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS > 3q.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3 > q.pdf > > ) the NCSG argued for the addition of the clause ³in instances where > Requester has discovered and submitted additional evidence or > information which warrants consideration² to III(E)? You noted that > this change was based on the NCSG comment, but I can¹t find anything in > that comment that mentions III(E) though admittedly I could have > missed it. > > > > > Based on NCSG comment re unlimited appeals . > > Under no circumstances should Intellectual Property Interests, Law > Enforcement or any other Requestors have unlimited appeals to third > party dispute resolution providers. It will be far more than an > implementation detail to define this appellate procedure but a whole > new arbitration forum of its own will need to be created and a UDRP > process undiscussed and unplanned by this Working Group. All > deliberation about appeal mechanisms should be set aside at this time. > Any Intellectual Property owner or group that feels a Provider is > routinely denying appropriate requests will have full access to the > growing and increasingly responsive ICANN Compliance Team which will > be accessible to Complainers through the accreditation process now being > created. > > Key Systems¹ comment would also support this addition: > > We do not support the proposed Disclosure Framework as it assumes > disclosure if certain process steps are followed regardless of the > merits of the complaint. > > As well as Ralf Haring¹s comment: > > [Disagree with proposal that] Providers can be forced to give your > private contact details to anyone complaining that your site violates > their copyright or trademark. > > And Adam Creighton¹s comment: > > I think the language is too loose, and opens individuals up to frivolous > litigation from IP rights owners and third-party agencies whose > contracted relationship is to expand IP brand presence. > > > Thanks. > > > Todd. > > > > From: Sara Bockey [ <mailto:sbockey@godaddy.com> > mailto:sbockey@godaddy.com] > Sent: Friday, September 04, 2015 4:40 PM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; Mary Wong < <mailto:mary.wong@icann.org> > mary.wong@icann.org>; gnso-ppsai3@icann.org > Cc: Sara Bockey < <mailto:sbockey@godaddy.com> sbockey@godaddy.com> > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > Hi all, > > > > As promised, attached is a redline of my input to the proposed changes > Todd drafted. Todd was pretty thorough and had included several > revisions I had in mind based on the comments so my edits are limited to > a few comments and additions. > > > > Best regards, > > > > Sara > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" > Date: Wednesday, September 2, 2015 at 2:58 PM > To: Mary Wong, " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" > Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team > Consideration > > > > All: > > > > As promised on our call, attached is a redline of the Draft Disclosure > Framework, with annotations noting the source of each proposed change. > Several notes as you review: > > > > · I know that we¹ve debated whether ³verifiable evidence² means > more than what is currently in Sections II(A), (B), and (C). You¹ll see > that I¹ve added the exact wording from the savedomainprivacy.org > <http://savedomainprivacy.org/> petition ³verifiable evidence of > wrongdoing² to those sections. I think that is a good fit, as of > right now. But for Sara, Kathy, and the others on our sub-team who have > argued that ³verifiable evidence² means something higher let us know > how you would further edit Sections II(A), (B), and (C) to meet whatever > ³higher² standard you have in mind. > > · You¹ll note that I briefly added a reference to the comment from > Com Laude (which I think we had omitted from our summary). And that I > did not reference the comment from Aaron Myers (which we¹ve referenced > in our summary, but which doesn¹t really offer any edits to the > Disclosure Framework). Otherwise I think I¹ve covered everything that > we reviewed in terms of edits to the Disclosure Framework though let > me know if anybody sees anything I¹ve missed. > > · Just to be clear for the record: the attached is a revised > Disclosure Framework that illustrates and attempts to account for all of > the proposed edits that we received from the public comments, for the > larger Working Group¹s reference. But it is not how I would have edited > the Disclosure Framework. In fact, I¹ll reserve the right to argue > against some of these proposed edits, once we get into the larger WG > discussion. Just wanted to make that clear so that nobody thinks these > edits are mine (since I¹m the one who drafted the document). > > > > Thanks. > > > > Todd. > > > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On > Behalf Of Mary Wong > Sent: Wednesday, September 02, 2015 6:59 AM > To: gnso-ppsai3@icann.org > Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration > > > > Hello again everyone, > > > > As you look through the proposed revised summary document (below), you > may also wish to consider whether some of the additional comments that > were included in Part 4 of the overall WG Public Comment Review Tool > might be useful such that additional notes or recommendations can be > made, or existing language amended. For your convenience I¹ve extracted > ten such comments which, while not sent in as specific responses to the > Preliminary Recommendations and Annex E that this Sub Team is analysing, > nonetheless seem relevant generally. > > > > I attach these ten comments in tabular form to this email, and welcome > the Sub Team¹s discussion and comments on whether any of them ought to > be considered as well as your thoughts on the summary document. > > > > As the Sub Team is due to report back to the full WG next Tuesday, > please let me know also if you think a call before then amongst the Sub > Team members might be needed. > > > > Thanks and cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: Mary Wong < <mailto:mary.wong@icann.org> mary.wong@icann.org> > Date: Monday, August 31, 2015 at 15:46 > To: " <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org" < > <mailto:gnso-ppsai3@icann.org> gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hello everyone, in an attempt to facilitate further dialogue and, > hopefully, consensus on a way forward on this issue, I¹ve taken the > liberty of amending Kathy¹s document to take into account Holly¹s > comments as well as to attempt to place certain comments (e.g. the > ICA¹s, EasyDNS¹) more specifically within a particular category. I > attach both a redlined and clean copy of this latest updated version > (with the clean copy including yellow highlighted portions where the > most significant language changes are suggested). I have not yet broken > the comments down further into the registrant/provider distinction that > Todd noted, but can of course do so if this is viewed as useful. > > > > Please note that this is not a staff position that is being suggested, > but merely an attempt to document where the Sub Team¹s discussion seems > to be at the moment. I hope this is helpful. > > > > Cheers > > Mary > > > > Mary Wong > > Senior Policy Director > > Internet Corporation for Assigned Names & Numbers (ICANN) > > Telephone: +1 603 574 4889 > > Email: <mailto:mary.wong@icann.org> mary.wong@icann.org > > > > > > From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" < > <mailto:Todd.Williams@turner.com> Todd.Williams@turner.com> > Date: Friday, August 28, 2015 at 22:40 > To: Kathy Kleiman < <mailto:kathy@kathykleiman.com> > kathy@kathykleiman.com>, " <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org" < <mailto:gnso-ppsai3@icann.org> > gnso-ppsai3@icann.org> > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Thanks Kathy. I both agree and disagree with what you¹ve said below. > > > > I strongly agree that ³the key is the quotes that have come out of the > comments.² I¹ve said repeatedly that our job as a sub-team is not to > advocate, but to simply present the comments to the WG in as accurate > and objective a way as possible. To the extent that we then want to > advocate for our own positions as part of the larger WG, we can do so. > Moreover, part of the reason why I feel so strongly that ³the key is the > quotes² is that I think we have to take the comments at face value, and > then debate as WG whether we can reach consensus on what they actually > say not on what we want them to say. That¹s why I felt so strongly > that ³verifiable evidence² should not be reinterpreted to mean a court > order. It is also what animated my email exchange with Stephanie in the > larger WG (attached). > > > > And if we are in fact faithful to what the comments actually say, then > it is a mistake to lump all of the ³court order² comments into one > monolithic group. I¹ve given some examples of substantive differences > below. But let me give another one: if we look at what they actually > say, the ³court order² comments are very much divided based on whether > the comment came from an individual registrant or from a > registrar/provider. Which of course makes sense: a registrant will tend > to look at these issues very differently than a provider. Specifically, > as you correctly note in our draft, the vast majority of comments > (11,000+) from individuals/registrants said that ³Everyone deserves the > right to privacy² and that ³No one¹s personal information should be > revealed without a court order, regardless of whether the request comes > from a private individual or law enforcement agency.² And of course, we > can understand why registrants would argue that their right to privacy > is inviolate, and that it should never be abrogated unless a court > blesses it. > > > > But note that the registrar/provider comments in the ³court order² group > do NOT say the same thing. Rather, they are focused on retaining their > discretion as to when to disclose or publish, and do not want an > accreditation standard that requires them to do so absent a court order. > Hence my point about the word ³require² in the Blacknight comment. See > also the Key Systems comment: ³Disclosure or publication should never be > the automatic result of a process, but rather remain an option of the > provider.² And others. So one key distinction b/w the > registrant/individual comments and the registrar/provider comments is > that the registrant comments do not want disclosure or publication EVER > unless following a court order, while the provider comments want a court > order first if SOMEBODY ELSE wants them to disclose or publish, but not > if THEY want to disclose or publish. And we can understand why, given > how many provider Terms of Service include language that gives them > discretion to basically turn off a P/P Service whenever they want (for > example, if the registrant stops paying them), without any kind of > process beforehand (due process or otherwise). See below (among many > others): > > > > · Blacknight: <https://www.blacknight.com/acceptable-usage.html> > https://www.blacknight.com/acceptable-usage.html. > > · Whoisprivacy.com <http://whoisprivacy.com/> , Ltd.: > <http://www.whoisprivacyservices.com.au/terms.htm> > http://www.whoisprivacyservices.com.au/terms.htm. > > · EuroDNS S.A.: > <https://www.eurodns.com/terms-and-conditions/whois-privacy> > https://www.eurodns.com/terms-and-conditions/whois-privacy. > > · 1&1 Internet, Inc.: <http://www.1and1.com/TcPdr?__lf=Static> > http://www.1and1.com/TcPdr?__lf=Static. > > · Domain.com <http://domain.com/> , LLC: > <http://www.domain.com/legal/legal_domain.bml#domain-privacy-service> > http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. > > · DomainIt, Inc.: <https://www.domainit.com/terms.html> > https://www.domainit.com/terms.html. > > · Moniker Privacy Services, LLC: > http://www.moniker.com/legal/registration-agreement. > > > > So we can understand why providers would not want an accreditation > regime that requires them to get a court order before they turn off a > registrant¹s privacy service (and to rewrite their Terms of Service > accordingly). In fact, Volker has already admitted both on the email > list (see attached) and on our weekly calls (see transcript of 8-11-15 > call) that such an accreditation requirement would have such a ³severe > impact² on the economic realities of providers (in other words, would > cost them so much money), that they could never agree to such a > requirement. But of course, if I¹m an individual registrant concerned > about my privacy and due process, then I could care less about the > ³economic realities² of providers. > > > > My point is only that we can¹t gloss over that important distinction > (and others) by lumping all of the ³court order² comments together as if > they were coming from the same place and advocating for the same thing. > They¹re not. > > > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Friday, August 28, 2015 8:44 AM > To: Williams, Todd < <mailto:Todd.Williams@turner.com> > Todd.Williams@turner.com>; gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > The entire WG is now looking to our comments to show what supports Annex > E (deemed generally to be a lower standard than court order) and Court > Order (deemed to be a much higher standard than Annex E). What we are > talking about is the floor, not the ceiling, right, for accreditation? > Namely, what is the minimum requirement for disclosure of proxied data? > I see it as really quite binary - up or down (Annex E or court order for > private requests to p/p providers) - but I can understand if the subteam > thinks differently. > > What I think is key is the quotes that have come out of the comments. > Provided we keep the quotes, I'm good.I can rework, but not until end of > weekend or early next week. > > Best, > Kathy > : > > Thanks Kathy. > > > > · When you say that ³in the weeks since the original draft, I > think the discussion has evolved from a multipart one . . . to a binary > one² what are you basing that on? Can you point to any transcripts or > emails? I certainly don¹t remember being part of those discussions. > > · Moreover, had I been involved in those discussions, I would have > objected, because I think that lumping the comments together in the way > that you have, and ignoring the categories that our sub-team had already > agreed upon, does a disservice to the nuance of the comments from > Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a > court. I think that is an important distinction between Categories 2 > and 3. And the fact that the ICA and EasyDNS comments would allow for > ³some exceptions for cases of abuse² is another important distinction > that the broader WG ought to know about. I¹m fine if we want to include > some sort of introductory sentence saying that __ comments opposed the > basic premise of Annex E (which we do). But to then argue that those > comments are monolithic, or that they all oppose the premise of Annex E > in the same way, is not accurate. > > · I simply understood the ISPCP comment to mean that allegations > of infringement should not always be automatically taken as true (³not > indisputably wronged parties²), and that some independent adjudicator > (meaning, somebody other than the IP owner who is making the allegation) > should evaluate the merits of those claims. Annex E as currently > drafted provides for that. But I also don¹t think that you or I should > necessarily be the ones to decide this argument. Why can¹t we just say > that we weren¹t quite sure what to do with this one (as was true with > some others), and take it to the larger WG for their consideration. > > · I think you¹re missing my point on Blacknight. My point is that > the key word is ³require.² As I mentioned below, nothing in Annex E > ³requires² Blacknight to disclose (merely to give reasons if they refuse > to disclose). So I don¹t see anything in their comment that is > inconsistent with Annex E. > > · On the APC comment: I don¹t disagree with you that the comment > has important value for the WG. But that¹s not the same thing as saying > that it advocates for disclosure only following a court order. It > doesn¹t. > > > > From: Kathy Kleiman [ <mailto:kathy@kathykleiman.com> > mailto:kathy@kathykleiman.com] > Sent: Wednesday, August 26, 2015 10:59 PM > To: Williams, Todd <mailto:Todd.Williams@turner.com> > <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com> ; > gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi Todd, > Tx you for the close read. In the weeks since the original draft, I > think the discussion has evolved from a multipart one - such as the 5 > categories originally created in Section III -- to a more binary one: do > commenters support a system such as Annex E or do they want court order > prior to the reveal of the data? > > With apologies, I don't understand the differentiation into Categories > 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and > others not, but that does not take away from the totality of the > commenters who want court orders -- or want court orders for certain > categories of requests such as privacy requests to p/p providers from > third parties, such as intellectual property requests. To divide up > these comments really dilutes the argument, I think, as these commenters > favor court order for the key issue we are evaluating. > > So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy > DNS together in Category 2. > > The ISPCP Constituency Comments call for an "independent adjudicator" to > "determine the merits of their ("intellectual property rights holders") > claims. I thought that was pretty clear reference to a judge or > magistrate, but if you see it differently, please let me know. > > Re Blacknight, on the issue of Annex E or court order, the comments > appear to come down squarely for court orders. For LEA, it recommends a > different approach, but there is no reference to Annex E, only "a > request from law enforcement, Irish consumer protection agencies or a > court order with jurisdiction over us." The intellectual property > requests falls into the final category -- court order -- and as such, > this comment would be properly listed here. > > Re: APC, Alliance for Progressive Communications, you are right that I > missed a step in putting this comment forward. The question this quote > addresses, and it is a valuable one, is court orders and jurisdiction -- > from which jurisdiction are court orders are valid? Here APC provides > us with unique insight, very worth passing onto the WG: that release of > domain name data in some countries has and will continue to result in > arrest, prosecution, conviction, etc. of "domain owners" who are > "exercising activism" online. This is a very tough issue that we > discussed in the WG, and APC is on the ground in Africa and near the > Middle East to see abuses first hand. > > As the WG explores the issue of court orders, the next question is: from > what jurisdiction should/must p/p provider accept a court order? The APC > comment reminds us that what is clearly legal in one country is > punishable in another -- and that jurisdictional issues for court orders > are a key part of what we (the WG) have to keep in mind. If you would > like to create a introductory paragraph, or new section, for this type > of discussion, I would certainly welcome it! > > Best, > Kathy > : > > Thanks Kathy. One minor formatting suggestion: > > > > I think the spectrum that we outline on page 5 (Categories 1-4) is > useful, because not all of these comments are advocating for the same > thing. Yet the quotes that we¹ve added from the comments are all > included under Category 2, which is somewhat confusing. I would suggest > that we move: > > > > · The quotes from the comments from Google, Endurance > International Group, and Jeff Wheelhouse to the paragraph on Category 3. > > · The quotes from the comments from ICA and Easy DNS to the > paragraph on Category 4. > > > > Also, I saw that you added quotes from the comments from ISPCPC, > Blacknight, and the Association for Progressive Communications, even > though those weren¹t in our initial summary and don¹t specifically > mention Annex E. My thoughts on each: > > > > · Here¹s the full ISPCPC quote, from a section titled ³Regarding > LEA definitions & differentiations²: ³While we respect the desire to > utilize the official ICANN definition of Law Enforcement Agent (LEA), we > acknowledge that intellectual property rights holders and private anti > abuse organizations should be treated as complainants and not > indisputably wronged parties, and accordingly an independent adjudicator > should determine the merits of their claim before rights that users > would otherwise have are abrogated by reason of those lawyers' claims.² > To be honest, I¹m not really sure what to make of that (especially given > that it is included under a heading about LEA definitions). But I¹m not > sure that we can assume that it means disclosure only following a court > order. Why would Annex E as currently drafted not satisfy the standard > of ³an independent adjudicator should determine the merits of their > claim²? > > · I also don¹t understand why we would think that the Blacknight > quote is incompatible with Annex E. All it says is that ³any policy > that would require us to divulge our client¹s information in the absence > of either a request from law enforcement, Irish consumer protection > agencies or a court order with jurisdiction over us is incompatible with > Irish law.² But Annex E as currently drafted doesn¹t require Blacknight > to divulge its client¹s information. Rather, it gives Blacknight the > discretion to make that decision; all it requires is that Blacknight > provide the complainant with its reasoning if it chooses to refuse. > > · I don¹t understand why we¹d include a quote from the APC comment > in this section, given that it does not mention Annex E, and that it > expressly endorsed the NCSG comment (see: > <http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0 > i9.pdf> > http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i > 9.pdf), which we analyze in the previous section that supports the > premise of Annex E. > > > > From: <mailto:gnso-ppsai3-bounces@icann.org> > gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On > Behalf Of Kathy Kleiman > Sent: Wednesday, August 26, 2015 5:17 PM > To: gnso-ppsai3@icann.org > Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview > > > > Hi All, > Tx to Darcy for the Overview work. I've taken her draft and added to it > my work on Section III as promised on the last call. I added more quotes > from commenters seeking court orders and the use of existing legal due > process mechanisms prior to disclosure of proxied data. There was a wide > array of comments on this issue, including from ISPs, individuals, > organizations, and companies. > > I used Darcy's version as the base. Both her edits (Overview) and my > edits (Section III) are shown in "track changes." > > Best, > Kathy > > : > > Hi, all! > > In follow up to our call earlier this week, attached is an updated > Sub-team 3 analysis draft with the overview added at the beginning. I > redlined my changes so you can clearly see what I¹ve done. I hope you > find that I present a clear and accurate overview. > > > > I also made some minor revisions to Section V (³Comments that did not > fit neatly into any of the above categories²) that I realized after > submitting my original draft of that section made a bit more sense. > Again, I¹ve redlined the changes so you can easily see what changed. > > > > Please let me know if there are any questions. > > > > Thanks, > > Darcy > > > > > > > > > > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > > > > <Revised Illustrative Disclosure Framework for Intellectual Property > Righ...[2][1].docx>_______________________________________________ > Gnso-ppsai3 mailing list > <mailto:Gnso-ppsai3@icann.org> Gnso-ppsai3@icann.org > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > _______________________________________________ > Gnso-ppsai3 mailing list > <mailto:Gnso-ppsai3@icann.org> Gnso-ppsai3@icann.org > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > _______________________________________________ > Gnso-ppsai3 mailing list > <mailto:Gnso-ppsai3@icann.org> Gnso-ppsai3@icann.org > <https://mm.icann.org/mailman/listinfo/gnso-ppsai3> > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > > > > > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > _______________________________________________ > Gnso-ppsai3 mailing list > Gnso-ppsai3@icann.org > https://mm.icann.org/mailman/listinfo/gnso-ppsai3 > > > >
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Ok thanks Kathy. I think Mary is included in this thread. Mary: can you circulate the draft that Kathy sent at 2:49? Also, just to be clear, on the "usual disclaimers" - when I said in my email below that it was fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we've made other recommendations between two possible language alternatives), I was making a procedural point (that it wasn't our decision to make), not a substantive point (that Option Two is in fact better than Option One). Have we debated the relative merits of Option One vs. Option Two as a sub-team? If so I don't recall. To be 100% honest I'm not sure which one I prefer - and as I make up my mind, I just don't recall having heard arguments as to the pros and cons of each. Just in terms of process: I had thought that our marching orders for this week were to incorporate the changes that the WG discussed in our F2F in Dublin and then recirculate the draft (with those changes) to the larger WG. Notably, none of those changes had anything to do with the Annex, which was still the big open issue. Then, I thought the plan for this week's WG call tomorrow was to review those changes ("Everything look good? Any objections? If not, then moving on....."), and then focus most of our WG's substantive discussion on finally trying to decide between Options One and Two. And it may be that that is exactly how the call will go tomorrow. I guess I just don't want the WG to think that by focusing our drafting efforts on Option Two, or by saying that more people on our sub-team prefer Option Two to Option One (which I think is true, though I don't think it's unanimous, and I know I'm still on the fence), that we've foreclosed that debate. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 4:31 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: Finishing the cleanup of Annex 1 Tx Todd for your review. Would that we had more time for everyone to review. But with the disclaimers we all know about, I am OK for circulating this last version (V.3). Best, Kathy On 11/2/2015 4:18 PM, Williams, Todd wrote: Thanks Kathy. I know that Mary and Steve have asked for a draft to circulate to the WG. Can we give them what you've sent? I don't see why not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 2:49 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: Finishing the cleanup of Annex 1 Hi All, As always, I feel we are being pushed a bit rapidly to report out to the WG. I think our work is almost done, but not quite. If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given the detail of the rest of the Request Templates. To finish our work, I have added the short language of option 2 to the request templates of Annex E. As Todd writes below, this is a recommendation of the subteam to the WG -- for all of us to discuss. Best, Kathy On 11/2/2015 11:38 AM, Williams, Todd wrote: Thanks Kathy. Couple thoughts: · I think it's fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we've made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don't think we get to make the final decision to jettison one or the other, which can only be made by the WG. · I still don't understand the "Addition One" to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester's knowing misuse of information disclosed to it in response to its request. That's what the language of III(G) refers to ("Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below."). That's what the very title of the Annex refers to ("Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests"). All of that assumes that the disclosure has already been made. But what you're referring to (I think) is a situation in which the disclosure has not yet been made, but the Customer thinks that the Provider is about to disclose, and somehow wants to challenge that decision. That's a totally different issue, and I just don't see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to appeal their Provider's decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don't see why we would now reinsert it (or something like it) - especially in this Annex, which by its terms only deals with what happens after a disclosure has been made. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 11:00 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Finishing the cleanup of Annex 1 Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections. Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it. b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation. c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well. Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy On 11/2/2015 10:04 AM, Williams, Todd wrote: Thanks Kathy, Darcy, all. My quick thoughts on Kathy's points: · If we like the GoDaddy go-by language for clarification, that's fine. · I don't think we need to discuss suggested damages, and frankly don't see how we could even if we wanted to. All we're doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can't award - either in terms of damages, or in terms of injunctive relief - seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don't see how we could prospectively say what the damages should be for each of those different claims if we don't know what they will be. · Similarly, I don't understand how or what we'd have to say in this document on Kathy's last point about a Customer taking it's Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I'm not sure how that's related to the P/P Provider's accreditation. Bottom line: I don't think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it's only one of two options that we end up recommending in our Final Report). As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy's language changes to the "Preamble" and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com><mailto:darcy.southwell@endurance.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.) But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits. In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)." But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases... Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2. Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor) On 10/29/2015 9:51 AM, Williams, Todd wrote: Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Thanks, Todd. For I(B), my preference is we use "Nothing in this document prevents a Provider from...." Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn't included in the rest of the Annex. Thanks, Darcy From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com<mailto:darcy.southwell@endurance.com>>, Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Great, thanks Darcy. My thoughts on your points, in order: · Aren't Providers by definition accredited: good point; good change. · Automation: no, that language has always applied to everybody involved. · Choice of language to begin I(B): good point, we should pick one. I don't have a preference. Does anybody else? · On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? Thanks! Todd. From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Todd, Thanks for taking the time to make the edits that follow upon our F2F discussion. I've added a few edits and comments in the attached document. Best, Darcy From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hope everybody enjoyed the rest of their time in Dublin. I've attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday. Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data? This is a huge open issues. Ideas welcome! Kathy -------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> All: Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I've flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference: · The language "comply with all applicable data protection laws while retaining Customer's contact details and" was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b). · The language "using secure communication channels" was added back to III(B)(i). As I told Kathy: I don't have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it. · On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed "a reasonable basis for" to "a basis for reasonably" in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made. · For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, "which all Providers must either allow or be allowed to allow." So that is what you see there. · We moved III(C)(vi) back to its own section - in the draft yesterday it had been collapsed into III(C)(v). · We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn't add any language per se - just added a note in the comment highlighting that point. Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend. Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org><mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Per Mary's latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you'd like. From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I'm even more confused. As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG's Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don't understand your claim from your email yesterday (attached) that "I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form." From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Hi Todd, Looking forward to seeing you on the call! Kathy On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team's work that you think "raises the standard for denial" in the manner that you've identified? From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts. Best, Kathy On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG...... From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com><mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Thanks Kathy. Can I ask what edits to III(C) you're concerned about? From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so. Best, Kathy ------------------------------------------------------------ Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond). The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability. - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don't see how using the word encouraged nullifies Section B. - **I don't agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the "due process" protections that thousands of commenters sought to protect.** - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word "surrender" is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let's discuss the wording of vi. It's getting close, but needs to be tweaked. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense - deletion of Option 1 and editing of Option 2 (now just Annex I) Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia. What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. - perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: · I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? · II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. · III(B): § 5 calendar days: agree. See Transcript at 18. § Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. § "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. § I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. · III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. · III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. · Annex One keep both options: agree. See Transcript at 26-27. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: · I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. · You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: · Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? · I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Folks Ive been following the discussion - but not in as much detail as I should have - stuff back here has claimed my time. I’m with Kathy on Option 2 and with circulating V. 3. I won’t be on today(for me tomorrow am’s call) but will follow the emails Thanks Holly On 3 Nov 2015, at 8:48 am, Williams, Todd <Todd.Williams@turner.com> wrote:
Ok thanks Kathy. I think Mary is included in this thread. Mary: can you circulate the draft that Kathy sent at 2:49?
Also, just to be clear, on the “usual disclaimers” – when I said in my email below that it was fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we’ve made other recommendations between two possible language alternatives), I was making a procedural point (that it wasn’t our decision to make), not a substantive point (that Option Two is in fact better than Option One). Have we debated the relative merits of Option One vs. Option Two as a sub-team? If so I don’t recall. To be 100% honest I’m not sure which one I prefer – and as I make up my mind, I just don’t recall having heard arguments as to the pros and cons of each.
Just in terms of process: I had thought that our marching orders for this week were to incorporate the changes that the WG discussed in our F2F in Dublin and then recirculate the draft (with those changes) to the larger WG. Notably, none of those changes had anything to do with the Annex, which was still the big open issue. Then, I thought the plan for this week’s WG call tomorrow was to review those changes (“Everything look good? Any objections? If not, then moving on…..”), and then focus most of our WG’s substantive discussion on finally trying to decide between Options One and Two. And it may be that that is exactly how the call will go tomorrow. I guess I just don’t want the WG to think that by focusing our drafting efforts on Option Two, or by saying that more people on our sub-team prefer Option Two to Option One (which I think is true, though I don’t think it’s unanimous, and I know I’m still on the fence), that we’ve foreclosed that debate.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 4:31 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: Finishing the cleanup of Annex 1
Tx Todd for your review. Would that we had more time for everyone to review. But with the disclaimers we all know about, I am OK for circulating this last version (V.3). Best, Kathy
On 11/2/2015 4:18 PM, Williams, Todd wrote: Thanks Kathy. I know that Mary and Steve have asked for a draft to circulate to the WG. Can we give them what you’ve sent? I don’t see why not.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 2:49 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: Finishing the cleanup of Annex 1
Hi All, As always, I feel we are being pushed a bit rapidly to report out to the WG. I think our work is almost done, but not quite.
If we are going with Option 2, then we should take the last step of incorporating that possibility into the Request templates. It is the final step - an express written agreement that the IP owner consents to jurisdiction, for the purposes of challenges arising from this request, in the places we agreed in Option 2. That seems reasonable - and a natural, final step given the detail of the rest of the Request Templates.
To finish our work, I have added the short language of option 2 to the request templates of Annex E. As Todd writes below, this is a recommendation of the subteam to the WG -- for all of us to discuss.
Best, Kathy
On 11/2/2015 11:38 AM, Williams, Todd wrote: Thanks Kathy. Couple thoughts:
· I think it’s fine if our sub-team wants to recommend to the larger WG that we choose Option Two over Option One (the same way that we’ve made other recommendations between two possible language alternatives). But just to be clear, I think it has to be couched that way: as our recommendation. I don’t think we get to make the final decision to jettison one or the other, which can only be made by the WG.
· I still don’t understand the “Addition One” to Option Two. The whole Annex is about how to resolve two kinds of disputes: 1) disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided knowingly false statements; or 2) disputes arising from a Requester’s knowing misuse of information disclosed to it in response to its request. That’s what the language of III(G) refers to (“Two options for resolving disputes in which a Provider is alleged to have made a wrongful disclosure based on a Requester having provided false information are outlined in Annex 1 below.”). That’s what the very title of the Annex refers to (“Two options for resolving disputes arising from disclosures made as a result of allegedly improper requests”). All of that assumes that the disclosure has already been made. But what you’re referring to (I think) is a situation in which the disclosure has not yet been made, but the Customer thinks that the Provider is about to disclose, and somehow wants to challenge that decision. That’s a totally different issue, and I just don’t see any way to fit that square peg into this round hole. Moreover, it feels like what you are describing is a process for Customers to appeal their Provider’s decision to disclose (before it has been implemented) by going to Court. But we had language in Section III(F) of the Disclosure Framework discussing that very issue (appeal), and intentionally took it out, for many reasons, most of which were based on points that had been raised in the public comments that we reviewed. I don’t see why we would now reinsert it (or something like it) – especially in this Annex, which by its terms only deals with what happensafter a disclosure has been made.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Monday, November 02, 2015 11:00 AM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Finishing the cleanup of Annex 1
Hi All, We have devoted so much work to the main sections of Annex E that it is right that we devote the same fine style to Annex 1. Annex 1 is still in its original form, I think, and ripe for the type of clarity we brought to other sections.
Attached is a slightly streamlined version of the draft I circulated on Friday. Overall, I recommend that we: a. Jettison Annex 1, Option 1. I don't think we can refer something to arbitration when there is no arbitration mechanism for it. Creation of arbitration system could be a whole new avenue of their own. I don't think we are providing any policy direction for it.
b. Update Annex 1, Option 2 with small but key changes. I have no idea what the "seat of the Provider" is, do you? I can guess, so I drafted it with more standard language that I think will help everyone down the line with implementation.
c. Interim avenues -- yes, if I file a motion to quash in my local court, like the UDRP, I think the proceeding before the Provider should be suspended until the Court rules. It's completely consistent with how we handle the UDRP (WIPO stops processing), and it will avoid any question of who or what takes priority. I doubt it will be used very often, but since Motions to Quash are standard in the other areas, they are likely to be used here as well.
Basically a few key clean-ups, clarifications, and revisions, and I think we have scrubbed Annex 1 nice and clean! Edited document, V.2 based on this discussion, attached. Best, Kathy
On 11/2/2015 10:04 AM, Williams, Todd wrote: Thanks Kathy, Darcy, all. My quick thoughts on Kathy’s points:
· If we like the GoDaddy go-by language for clarification, that’s fine.
· I don’t think we need to discuss suggested damages, and frankly don’t see how we could even if we wanted to. All we’re doing is drafting accreditation standards for P/P Providers. If we want to suggest as a policy that they include some sort of jurisdictional clause in their Terms, or in their Disclosure Frameworks, then OK. But to then go one step further and tell a Court in that jurisdiction (wherever it may be) what they can or can’t award – either in terms of damages, or in terms of injunctive relief – seems quite beyond our remit. Moreover, how many different types of claims might a wronged Customer may have in such a situation? Presumably many, depending on the facts of a given case. I don’t see how we could prospectively say what the damages should be for each of those different claims if we don’t know what they will be.
· Similarly, I don’t understand how or what we’d have to say in this document on Kathy’s last point about a Customer taking it’s Provider to court before a disclosure takes place. Presumably Customers can take their Providers to court for many reasons (and vice versa), based on the terms outlined in their contracts. I’m not sure how that’s related to the P/P Provider’s accreditation. Bottom line: I don’t think there is anything more granular that needs to be done on Option 2 (especially at this juncture, and especially if it’s only one of two options that we end up recommending in our Final Report).
As I mentioned in my 10-28 email below, I think Steve and Graeme were wanting us to circulate something today, before the call tomorrow. What do we as a sub-team think about where the document is now? OK to circulate? Should we circulate the whole thing? If so, should we highlight for the broader WG that the post-Dublin changes are limited to: 1) Darcy’s language changes to the “Preamble” and to I(B); 2) Section III, which includes all of the changes that were discussed in our F2F in Dublin (business days, new III(C)(vii), etc.); and 3) the Annex to the Annex?
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, October 30, 2015 12:13 PM To: Williams, Todd <Todd.Williams@turner.com>; Darcy Southwell <darcy.southwell@endurance.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This is email #2. It has my proposed edits to Annex 1, Option 2. (Quick note: that like others, I have a lot of questions about Option 1 and agree that we need to discuss it with the WG.)
But Option 2 is a pure jurisdiction clause, which is fine. I don't think that Providers have to do anything other than ensure that the right language is included in the filled-out materials (the Templates) that the Provider submits.
In terms of use of Option 2, I agree with Todd's interpretation: "if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information)."
But what is the "seat of the Provider?" I am not sure exactly what that means, so I looked up similar language [Registrants have to agree to waiver jurisdiction to the location of the Registrars] and added it to our draft Annex E. I also responded to Darcy's comments with what I hope are responsive thoughts. Plus a new issue - a bit of a wrinkle on the question of court cases...
Annex E edited attached -- all of my edits/comments/etc are at the very end - last page, Annex 1, Option 2.
Best regards, Kathy p.s. if you have any trouble reading this file, please let me know (if may be my word processor)
On 10/29/2015 9:51 AM, Williams, Todd wrote: Thanks Darcy. On your second question I think the answer is yes: if that is the option that the WG selects (of the two), I think that is how it would work.
From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Thursday, October 29, 2015 9:39 AM To: Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Thanks, Todd.
For I(B), my preference is we use “Nothing in this document prevents a Provider from….”
Regarding your last bullet, if the Requester refuses to include the consent in its Request, is the Provider allowed to refuse to process the Request? This consent requirement isn’t included in the rest of the Annex.
Thanks, Darcy
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Thursday, October 29, 2015 at 9:31 AM To: Darcy Southwell <darcy.southwell@endurance.com>, Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Great, thanks Darcy. My thoughts on your points, in order:
· Aren’t Providers by definition accredited: good point; good change.
· Automation: no, that language has always applied to everybody involved.
· Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
· On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester?
Thanks!
Todd.
From: Darcy Southwell [mailto:darcy.southwell@endurance.com] Sent: Wednesday, October 28, 2015 6:35 PM To: Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best, Darcy
From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" <Todd.Williams@turner.com> Date: Wednesday, October 28, 2015 at 2:58 PM To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Sunday, October 04, 2015 2:31 PM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message -------- Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Date: Fri, 2 Oct 2015 21:35:30 +0000 From: Williams, Todd <Todd.Williams@turner.com> To: Kathy Kleiman <kathy@kathykleiman.com>, gnso-ppsai3@icann.org <gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
· The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
· The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
· On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
· For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
· We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
· We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language per se – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd. From: Williams, Todd Sent: Thursday, October 01, 2015 5:52 PM To: 'Kathy Kleiman' <kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org' <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
From: Williams, Todd Sent: Tuesday, September 29, 2015 11:42 AM To: 'Kathy Kleiman' <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did not specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:54 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote: Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Tuesday, September 29, 2015 9:41 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote: Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Williams, Todd Sent: Monday, September 28, 2015 3:47 PM To: Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:09 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions Importance: High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. +1 - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”.
Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). According to comments received, we should
a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments], b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here] c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, d) create a penalty sufficiently severe to deter violations (perhaps a bond).
The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation.
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree.
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree Sorry, but I don’t see how using the word encouraged nullifies Section B.
- **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.**
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer.
- III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
On 9/25/2015 10:04 PM, Mary Wong wrote: Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, September 25, 2015 at 23:52 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Sara Bockey <sbockey@godaddy.com> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in red below.
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained.
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? Seems we need to clarify “objectives”. Limited to original request?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers’ perspective Agree. - saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate.
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes.
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of Kathy Kleiman <kathy@kathykleiman.com> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com> wrote:
Works for me. Thanks Mary.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers
Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: "Williams, Todd" <Todd.Williams@turner.com> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net>, Mary Wong <mary.wong@icann.org> Cc: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org> Cc: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Holly Raiche <h.raiche@internode.on.net> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Cc: "Williams, Todd" <Todd.Williams@turner.com>, Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com> wrote:
Thanks, Todd.
From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong <mary.wong@icann.org>; gnso-ppsai3@icann.org Cc: Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com>; Mary Wong <mary.wong@icann.org>; gnso-ppsai3@icann.org Cc: Sara Bockey <sbockey@godaddy.com> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: Mary Wong <mary.wong@icann.org> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers Mary
Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org
From: <gnso-ppsai3-bounces@icann.org> on behalf of "Williams, Todd" <Todd.Williams@turner.com> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com>, "gnso-ppsai3@icann.org" <gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy : Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com>; gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy : Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
From:gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
: Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks, Darcy
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.orghttps://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Hi All, Good to see you in Dublin! Tx to Todd for drafting; tx to Darcy for editing. I am on deadline with another matter and will have time to work on this tomorrow morning. Best, Kathy On 10/29/2015 9:31 AM, Williams, Todd wrote:
Great, thanks Darcy. My thoughts on your points, in order:
·Aren’t Providers by definition accredited: good point; good change.
·Automation: no, that language has always applied to everybody involved.
·Choice of language to begin I(B): good point, we should pick one. I don’t have a preference. Does anybody else?
·On your concerns about the two options listed in Annex 1: agree, this is still the only significant unresolved issue for the Disclosure Framework. Perhaps we should plan to talk about it on the WG call on Tuesday? The only answer I have to the good questions you raised is on the last one: how will Providers enforce a jurisdiction selection when the contract is with the Customer and not the Requester? I think the way it would work would be that the Requester, as part of what it submits under Section II, would also include in its submission an agreement to be bound by jurisdiction at the seat of the Provider. Then, if EITHER the Provider or the Customer later comes to believe that the Requester made knowingly false statements in its request, or knowingly misused information disclosed to it in response to its request, then either the Provider or the Customer could sue the Requester in the jurisdiction at the seat of the Provider, and the Requester could not at that point challenge that jurisdiction (though obviously they could still challenge the underlying claim that they made a knowingly false statement or misused the information).
Thanks!
Todd.
*From:*Darcy Southwell [mailto:darcy.southwell@endurance.com] *Sent:* Wednesday, October 28, 2015 6:35 PM *To:* Williams, Todd <Todd.Williams@turner.com>; Kathy Kleiman <kathy@kathykleiman.com>; gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Todd,
Thanks for taking the time to make the edits that follow upon our F2F discussion. I’ve added a few edits and comments in the attached document.
Best,
Darcy
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Wednesday, October 28, 2015 at 2:58 PM *To: *Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hope everybody enjoyed the rest of their time in Dublin. I’ve attached a revised draft of the Illustrative Disclosure Framework, in which I tried to capture the edits that we discussed in our face-to-face (calendar days to business days, etc.). I included them all in blue so that you can easily see which are new, post-Dublin (all are in Section III, which begins on page 6). If anybody wants to change any of these, or has any others that they want to add to capture what we discussed in the F2F, please do so.
From our public meeting on Wednesday morning in Dublin, I think that Graeme and Steve are wanting us to circulate this for discussion before our next WG call, which will be on 11-3.
Thanks all.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Sunday, October 04, 2015 2:31 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* [Gnso-ppsai3] Fwd: RE: [renamed] Comments and concerns about revisions
Hi All, This version has now been passed on to the WG co-chairs and is likely to be queued up for discussion this Tuesday.
Quick note: big remaining question is penalties (Annex 1, Option 1). Should we set up a whole new arbitration infrastructure or are there other ways to create and enforce penalties for violating the Requestor's strict limitations on the use of the revealed proxied data?
This is a huge open issues. Ideas welcome! Kathy
-------- Forwarded Message --------
*Subject: *
RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
*Date: *
Fri, 2 Oct 2015 21:35:30 +0000
*From: *
Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>
*To: *
Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>, gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org>
All:
Kathy called me today so that we could walk through the document, which was incredibly helpful. Thank you Kathy for that. Based on that I have attached a new draft that captures the results of that call. I’ve flagged in the Comments those areas that were changed from what I sent yesterday based on our call. But just to highlight them for your ease of reference:
·The language “comply with all applicable data protection laws while retaining Customer’s contact details and” was added to II(A)(6)(b), II(B)(7)(c), and II(C)(6)(b).
·The language “using secure communication channels” was added back to III(B)(i). As I told Kathy: I don’t have an opinion on that language. I had only removed it in what I sent yesterday to reflect the push-back against it that we had received in the 9-15 and 9-29 WG calls from Graeme, James, and other registrar representatives. But if we as a sub-team want to put it back in over their objection, so be it.
·On III(C)(ii) and (iii) (which were the two provisions that were the subject of my 9-29 email to Kathy below): Kathy agreed to include them in the draft if we changed “a reasonable basis for” to “a basis for reasonably” in order to more precisely mirror the language from Sections II(A)(6)(a), II(B)(7)(a), and II(C)(6)(a) (which as I understand it was the original intent behind that language). So that change has been made.
·For III(C)(iv): again, I have no opinion on whether surrender should be optional or mandatory. My selection of optional in what I sent yesterday was only to reflect the push-back against making it mandatory that we had heard in the 9-15 and 9-29 calls from the registrar representatives. But Kathy asked that we also add, as another potential formulation for the WG to consider, “which all Providers must either allow or be allowed to allow.” So that is what you see there.
·We moved III(C)(vi) back to its own section – in the draft yesterday it had been collapsed into III(C)(v).
·We also discussed whether to make a note alongside Option 1 in the Annex asking how much more work the WG might need to do on Option #1 (e.g., what penalties would the arbitrator be authorized to levy?), and how much of that should instead be left to implementation or a different PDP. We didn’t add any language /per se/ – just added a note in the comment highlighting that point.
Kathy: please correct me if any of what I said does not accurately reflect what we discussed. Look forward to hearing the thoughts from the rest of the sub-team. Thanks and have a good weekend.
Todd.
*From:*Williams, Todd *Sent:* Thursday, October 01, 2015 5:52 PM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; 'gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>' <gnso-ppsai3@icann.org> <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Per Mary’s latest status email (attached), I tried to revise the draft to capture the comments from our latest 9-29 call. See attached. Happy to discuss. Also happy to discuss further your concerns on III(C)(ii) and (iii) Kathy, if you’d like.
*From:*Williams, Todd *Sent:* Tuesday, September 29, 2015 11:42 AM *To:* 'Kathy Kleiman' <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* RE: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Now that we had the WG call and you identified the specific language that you were concerned about as III(C)(ii) and (iii), I’m even more confused.
As I mentioned on the call, the two alternative formulations for III(C)(ii) and (iii) were included in the WG’s Initial Report as alternative formulations for which the WG was seeking community input. See Initial Report at pg. 91 (attached). While many commenters opined on which of the two they preferred (with more preferring the second alternative), the NCSG in its comment did _not_ specify a preference for either. See: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd.... Based on that history, I don’t understand your claim from your email yesterday (attached) that “I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form.”
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:54 AM *To:* Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Hi Todd, Looking forward to seeing you on the call! Kathy
On 9/29/2015 9:46 AM, Williams, Todd wrote:
Thanks Kathy. Look forward to discussing in the WG call. I guess my question was more specific: what language has been changed in Section III as part of this sub-team’s work that you think “raises the standard for denial” in the manner that you’ve identified?
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:* Tuesday, September 29, 2015 9:41 AM *To:* Williams, Todd <Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Todd, sorry for the delay. Much happening here in DC (including tons of traffic). I am particularly concerned that the standard for denial has been raised to one that requires Providers to act as judge and jury. I am also deeply concerned about a comment that I read that said we are giving copyright owners a bypass of the legal due process mechanisms of the DMCA. This is very troubling to me. would be interested in your thoughts.
Best, Kathy
On 9/29/2015 9:16 AM, Williams, Todd wrote:
Well, I guess our sub-team will just find out on the 10:00 call with the rest of the WG…...
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Williams, Todd *Sent:* Monday, September 28, 2015 3:47 PM *To:* Kathy Kleiman <kathy@kathykleiman.com> <mailto:kathy@kathykleiman.com>; gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions
Thanks Kathy. Can I ask what edits to III(C) you’re concerned about?
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:09 PM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] [renamed] Comments and concerns about revisions *Importance:* High
Hi All, Here are my response to the template as it was reviewed on Friday by Sara. Sara's comments are in red, my comments are in green (at least according to my screen). I will now dive into Todd's comments, but I am very, very concerned about Section III, as revised, and I am very certain that NCSG and many other commenters (some following NCSG) would ever have supported Annex E in this revised form. Huge issue to discuss - and looking forward to doing so.
Best, Kathy
------------------------------------------------------------
Sara's comments in Red Kathy's comments in Green
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained. I do too. We received comments about the costs of the P/P services, and a real concern in keeping these services accessible and affordable. Reasonable costs of requests, many feel should be borne by Requesters. *
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it. +1*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. *
* Limited to original request? Commenters shared their concern that a) data can be misused by the Requester, including publication (e.g., via blog) and harvesting (e.g., compilation of data bases). *
*According to comments received, we should *
* a) tightly restrict use of data by Requester by contract [already agreed to, but language should be tightened in light of comments],*
*b) create a jurisdiction for challenging the Requester if they violate the terms [now part of Annex 1, but perhaps should be moved here]*
*c) create a way of communicating with ICANN and other Providers if the Requester violates the terms, *
*d) create a penalty sufficiently severe to deter violations (perhaps a bond). *
**
*/The above are only a first set of ideas, but clearly we want to ensure that the rules we adopt are binding and with real consequences for violation. /*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) I would not discount this one at all. There are very safe, effective and cheap ways of transferring confidential data over the Internet. This is actually critically important; sending personal or sensitive information over open Internet could subject Providers to liability.
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree. *
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree Sorry, but I don’t see how using the word encouraged nullifies Section B. *
* - **I don’t agree with the edits to III.C at all. The Provider is not a court of law and should not rendering a legal opinion. The original language was a much more accurate representation of the most of the comments that we received; and the new language operates against many of the “due process” protections that thousands of commenters sought to protect.** *
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree; I actually think the word “surrender” is a pretty good and accurate one; I would keep it. I think it does need to be clarified that a surrender is absolutely not a transfer. *
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate. Let’s discuss the wording of vi. It’s getting close, but needs to be tweaked. *
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes. I think the edits as noted make sense – deletion of Option 1 and editing of Option 2 (now just Annex I)*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
On 9/25/2015 10:04 PM, Mary Wong wrote:
Hello Todd and everyone, thank you so much for the comments and suggestions. I apologize I was not able to respond earlier as I have been traveling back to the US from Asia.
What staff will do is update the document in accordance with the comments provided by Sub Team members, with (where possible) notes indicating the transcript as noted by Todd and other specific pointers to reasons/justifications/further dicussions. – perhaps, with that updated document and the approach as outlined by Todd below, the Sub Team can frame the specific points that merit further WG discussion on the Tuesday call. It will certainly be helpful to get some concrete indication from the WG as to how they might wish to proceed on a number of these points.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date: *Friday, September 25, 2015 at 23:52 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *RE: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
· I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
· II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
· III(B):
§ 5 calendar days: agree. See Transcript at 18.
§ Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
§ “Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
§ I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
· III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
· III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
· Annex One keep both options: agree. See Transcript at 26-27.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_ on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
· I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
· The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
· I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
· I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
· You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
· Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
· Blacknight:https://www.blacknight.com/acceptable-usage.html.
· Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
· EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
· 1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
· Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
· DomainIt, Inc.:https://www.domainit.com/terms.html.
· Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
· When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
· Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
· I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
· I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
· On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
· The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
· The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
· Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
· I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
· I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <https://mm.icann.org/mailman/listinfo/gnso-ppsai3>
Comments below in green. I find all of this difficult to read without context, so I am adding some. I assume we are working of the September 14th Annex E document posted on our subteam wiki page. If not, please let me know. https://community.icann.org/pages/viewpage.action?pageId=54691539&preview=/5... Best, Kathy On 9/25/2015 11:52 AM, Williams, Todd wrote:
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
·I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
This has to do with recovery of nominal costs from Providers for Requests. There are comments not referenced here, including from NCSG, and those who supported NCSG comments, and others, that raised the issue of cost and cost recovery. This is also an issue for Registrars. When it comes up in the WG, I think we have to mention the comments on Both Sides.
·II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
I don't see why we have to "replace" the language in II A because of indemnity. It seems that we should be adding to the language, but not replacing it. Also: - without trying to impolite, the edits to II.A.6 are almost impossible to understand. They are self referential and delete earlier and clearer language. Subteam 4 received a comment that asked us (PPSAI WG as a whole) to be much, much clearer in our materials - to set out materials much more easily read and understood by a general audience. I would add that we are also dealing with many non-lawyers and english-as-a-second-language folks. I recommend returning to the original language.
·III(B):
§5 calendar days: agree. See Transcript at 18.
Good
§Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
Absolutely administratively feasible and a number of easy and low-cost solutions available.
§“Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
?? where is this line?
§I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
?? what do we gain, what do we lose?
·III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
Happy to discuss too.
·III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
I would leave v and vi separate. Two separate ideas; easier for a general audience to read.
·Annex One keep both options: agree. See Transcript at 26-27.
No, appeal flatly rejected by many commenters; I don't know who spoke in favor it, but I would strongly stick with original deletion. Looking forward to our subteam discussion! Best, Kathy
*From:*gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red*below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
·I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
·The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
·I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1)Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
·I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
·You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
·Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
·Blacknight:https://www.blacknight.com/acceptable-usage.html.
·Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
·EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
·1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
·Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
·DomainIt, Inc.:https://www.domainit.com/terms.html.
·Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
·When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
·Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
·I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
·I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
·On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
·The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
·The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
·Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
·I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
·I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Thanks Kathy. Just to clarify: Annex One doesn't relate to the appeal process. That was covered in III(F), which has been completely cut, for the reason that you noted. From: gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Monday, September 28, 2015 2:34 PM To: gnso-ppsai3@icann.org Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Comments below in green. I find all of this difficult to read without context, so I am adding some. I assume we are working of the September 14th Annex E document posted on our subteam wiki page. If not, please let me know. https://community.icann.org/pages/viewpage.action?pageId=54691539&preview=/5... Best, Kathy On 9/25/2015 11:52 AM, Williams, Todd wrote: Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call: * I(B)(iii): we didn't really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not? This has to do with recovery of nominal costs from Providers for Requests. There are comments not referenced here, including from NCSG, and those who supported NCSG comments, and others, that raised the issue of cost and cost recovery. This is also an issue for Registrars. When it comes up in the WG, I think we have to mention the comments on Both Sides. * II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we've got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don't think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves. I don't see why we have to "replace" the language in II A because of indemnity. It seems that we should be adding to the language, but not replacing it. Also: - without trying to impolite, the edits to II.A.6 are almost impossible to understand. They are self referential and delete earlier and clearer language. Subteam 4 received a comment that asked us (PPSAI WG as a whole) to be much, much clearer in our materials - to set out materials much more easily read and understood by a general audience. I would add that we are also dealing with many non-lawyers and english-as-a-second-language folks. I recommend returning to the original language. * III(B): ? 5 calendar days: agree. See Transcript at 18. ? Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19. Absolutely administratively feasible and a number of easy and low-cost solutions available. ? "Shall" over "encouraged but not required to": agree. See Transcript at 20-21. ?? where is this line? ? I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation "the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration" instead of the new proposed formulation "name, mailing address, and contact information for service of process that it has for Customer." See Transcript at 19. ?? what do we gain, what do we lose? * III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that's a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of "optional" vs. "mandatory" for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don't have an opinion one way or the other, and am happy to discuss further if the WG wants. Happy to discuss too. * III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don't have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that's fine. I would leave v and vi separate. Two separate ideas; easier for a general audience to read. * Annex One keep both options: agree. See Transcript at 26-27. No, appeal flatly rejected by many commenters; I don't know who spoke in favor it, but I would strongly stick with original deletion. Looking forward to our subteam discussion! Best, Kathy From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Friday, September 25, 2015 4:50 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Thanks much, Sara! Everyone - it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that's the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive. I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven't heard from many Sub Team members that they can do a Friday call, I'm going to suggest that staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday). We can then circulate the document to the WG on Monday, noting - as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Date: Friday, September 25, 2015 at 04:48 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Mary, I've provided feedback in red below. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Thursday, September 24, 2015 at 9:34 AM To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone, As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach: Sub Team members to circulate to this email list their comments/suggestions on the notes and questions from the WG call last week by Friday 25 September, 1900 UTC. Staff will send out a draft updated Annex E based on the Sub Team's input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most - unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call. Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point. For your convenience, the notes and questions from the WG call last week are reproduced again here: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers I support this being retained. Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) I agree that a provision should be added and the main WG can determine if they will support it. - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that's sent to them? Seems we need to clarify "objectives". Limited to original request? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective Agree. - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) Agree - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) Agree - III.C.(v) & (vi): do they overlap? Should they be merged? Leave separate. Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Yes. Please let me know what you think of these two suggestions as soon as you can. Thank you! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>> Date: Thursday, September 24, 2015 at 23:56 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(. As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy On 9/23/2015 9:58 PM, Holly Raiche wrote: On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> wrote: Works for me. Thanks Mary. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 23, 2015 3:10 PM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone - can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone - can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From: gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than "surrender", and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): "for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind." From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is 'verifiable' - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don't agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn't represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E - however, as Todd mentioned, it isn't the agreed result of the Sub Team's substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team's discussion on the question of "verifiable evidence" was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that "privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing." We as a sub-team could not agree on how to interpret "verifiable evidence," and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret 'verifiable evidence' as requiring a court order and therefore not in support of Annex E. However, some also noted that the word "verifiable" does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I've been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words 'verifiable evidence of wrong doing, including'.... What that implies is that the following text lists what would constitute 'verifiable evidence' and indeed, the word 'including' suggests that other elements can also constitute 'verifiable evidence'. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I'm still confused. In order: * I still don't see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about "specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer" (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you've quoted below). But that is completely different from what you've added, for which I cannot find any support in any of the public comments. I also don't understand your claim that "rights and actions available to the registrant are sorely lacking in Annex E" - given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). * The portion of the NCSG comment that you've cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). * I don't understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) - which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never "assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint" - a point that the attached revised draft now makes explicit in the preamble ("by not requiring that disclosure automatically follow any given request"). Just to reiterate: I've always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we've reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don't; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That's what I tried to do in the attached. So if you want to argue against Annex E, that's fine - do so on the call tomorrow. In fact, I'm planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on - because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating "the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure" - what public comment that we reviewed was that change based on? Based on CDT's comment re registrant's ability to respond to allegations - removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer's data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer's registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause "in instances where Requester has discovered and submitted additional evidence or information which warrants consideration" to III(E)? You noted that this change was based on the NCSG comment, but I can't find anything in that comment that mentions III(E) - though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure - but a whole new arbitration forum of its own will need to be created and a UDRP process un-discussed and un-planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team - which will be accessible to Complainers through the accreditation process now being created. Key Systems' comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring's comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton's comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: * I know that we've debated whether "verifiable evidence" means more than what is currently in Sections II(A), (B), and (C). You'll see that I've added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition - "verifiable evidence of wrongdoing" - to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that "verifiable evidence" means something higher - let us know how you would further edit Sections II(A), (B), and (C) to meet whatever "higher" standard you have in mind. * You'll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we've referenced in our summary, but which doesn't really offer any edits to the Disclosure Framework). Otherwise I think I've covered everything that we reviewed in terms of edits to the Disclosure Framework - though let me know if anybody sees anything I've missed. * Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group's reference. But it is not how I would have edited the Disclosure Framework. In fact, I'll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I'm the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I've extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team's discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I've taken the liberty of amending Kathy's document to take into account Holly's comments as well as to attempt to place certain comments (e.g. the ICA's, EasyDNS') more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team's discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you've said below. I strongly agree that "the key is the quotes that have come out of the comments." I've said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that "the key is the quotes" is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say - not on what we want them to say. That's why I felt so strongly that "verifiable evidence" should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the "court order" comments into one monolithic group. I've given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the "court order" comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that "Everyone deserves the right to privacy" and that "No one's personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency." And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the "court order" group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word "require" in the Blacknight comment. See also the Key Systems comment: "Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider." And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): * Blacknight: https://www.blacknight.com/acceptable-usage.html. * Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. * EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. * 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. * Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. * DomainIt, Inc.: https://www.domainit.com/terms.html. * Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant's privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted - both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) - that such an accreditation requirement would have such a "severe impact" on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I'm an individual registrant concerned about my privacy and due process, then I could care less about the "economic realities" of providers. My point is only that we can't gloss over that important distinction (and others) by lumping all of the "court order" comments together as if they were coming from the same place and advocating for the same thing. They're not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. * When you say that "in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one" - what are you basing that on? Can you point to any transcripts or emails? I certainly don't remember being part of those discussions. * Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for "some exceptions for cases of abuse" is another important distinction that the broader WG ought to know about. I'm fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. * I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true ("not indisputably wronged parties"), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don't think that you or I should necessarily be the ones to decide this argument. Why can't we just say that we weren't quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. * I think you're missing my point on Blacknight. My point is that the key word is "require." As I mentioned below, nothing in Annex E "requires" Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don't see anything in their comment that is inconsistent with Annex E. * On the APC comment: I don't disagree with you that the comment has important value for the WG. But that's not the same thing as saying that it advocates for disclosure only following a court order. It doesn't. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we've added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: * The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. * The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren't in our initial summary and don't specifically mention Annex E. My thoughts on each: * Here's the full ISPCPC quote, from a section titled "Regarding LEA definitions & differentiations": "While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims." To be honest, I'm not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I'm not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of "an independent adjudicator should determine the merits of their claim"? * I also don't understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that "any policy that would require us to divulge our client's information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law." But Annex E as currently drafted doesn't require Blacknight to divulge its client's information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. * I don't understand why we'd include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I've done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V ("Comments that did not fit neatly into any of the above categories") that I realized after submitting my original draft of that section made a bit more sense. Again, I've redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
Great, thanks Todd. Kathy On 9/28/2015 3:48 PM, Williams, Todd wrote:
Thanks Kathy. Just to clarify: Annex One doesn’t relate to the appeal process. That was covered in III(F), which has been completely cut, for the reason that you noted.
*From:*gnso-ppsai3-bounces@icann.org [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Kathy Kleiman *Sent:* Monday, September 28, 2015 2:34 PM *To:* gnso-ppsai3@icann.org *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Comments below in green. I find all of this difficult to read without context, so I am adding some. I assume we are working of the September 14th Annex E document posted on our subteam wiki page. If not, please let me know. https://community.icann.org/pages/viewpage.action?pageId=54691539&preview=/5... Best, Kathy
On 9/25/2015 11:52 AM, Williams, Todd wrote:
Thanks Mary and thanks Sara. My thoughts on where we are as a WG after going back through the transcript of the 9-15 call:
·I(B)(iii): we didn’t really substantively discuss this on the 9-15 call. Rather, I noted as I was summarizing the document that it had been removed because more commenters had opposed it than supported it. Transcript at pg. 5. And then James Bladel noted at the end of the call that he wanted to put a marker down for further discussion on it. Transcript at 27. So I would just propose that we have that as one agenda item for the call this coming Tuesday: as a WG, do we want to keep I(B)(iii)? And why or why not?
This has to do with recovery of nominal costs from Providers for Requests. There are comments not referenced here, including from NCSG, and those who supported NCSG comments, and others, that raised the issue of cost and cost recovery. This is also an issue for Registrars. When it comes up in the WG, I think we have to mention the comments on Both Sides.
·II(A)(6)(b) (note that these same points also apply to II(B)(7)(c) and II(C)(6)(b)): I would slightly reframe these as part of a bigger discussion that the WG should revisit on Tuesday. Specifically: we’ve got the new language in the draft per the comments from Cyberinvasion/NCSG. And several people on the call expressed concerns over whether that new language was administratively feasible and/or enforceable. Transcript at 8-16. So indemnification was floated as one potential alternative that might address the points of both the Cyberinvasion/NCSG comments AND the feasibility concerns. Transcript at 11. So I think the options on the table for the WG are: 1) keep the current language as is; 2) replace the current language with some sort of indemnification language; or 3) replace the current language with something else. I definitely think that a discussion of the pros/cons of each of those three options should be another specific agenda item for the call on Tuesday. But I don’t think that we as a sub-team have enough guidance/discussion from the WG yet to choose among the three options ourselves.
I don't see why we have to "replace" the language in II A because of indemnity. It seems that we should be adding to the language, but not replacing it. Also: - without trying to impolite, the edits to II.A.6 are almost impossible to understand. They are self referential and delete earlier and clearer language.
Subteam 4 received a comment that asked us (PPSAI WG as a whole) to be much, much clearer in our materials - to set out materials much more easily read and understood by a general audience. I would add that we are also dealing with many non-lawyers and english-as-a-second-language folks. I recommend returning to the original language.
·III(B):
§5 calendar days: agree. See Transcript at 18.
§Remove reference to secure communications as not administratively feasible: agree. See Transcript at 18-19.
Absolutely administratively feasible and a number of easy and low-cost solutions available.
§“Shall” over “encouraged but not required to”: agree. See Transcript at 20-21.
?? where is this line?
§I would add one additional point not included in your email below. I think the agreement on the 9-15 call was that we need to go back to the original formulation “the contact information it has for Customer that would ordinarily appear in the publicly accessible Whois for non-proxy/privacy registration” instead of the new proposed formulation “name, mailing address, and contact information for service of process that it has for Customer.” See Transcript at 19.
?? what do we gain, what do we lose?
·III(C)(iv): the issue here is whether this action (giving up the domain name in lieu of disclosure) should be optional (as the original language contemplated) or mandatory (as the new language proposed, per the comments from Cyberinvasion/NCSG). And in the discussion on the 9-15 call we heard from James Bladel that making it mandatory may be difficult b/c not all P/P Providers are also going to be Registrars. Transcript at 24. I think that’s a good point, and on the 9-15 call James Gannon seemed to express agreement that going back to optional (vs. mandatory) was fine. Transcript at 24. So based on that, it looks like the WG as a whole is more in support of “optional” vs. “mandatory” for III(C)(iv), and thus that we should go back to the old language. But frankly I personally don’t have an opinion one way or the other, and am happy to discuss further if the WG wants.
Happy to discuss too.
·III(C)(vi): the question was raised on the 9-15 call how the new III(C)(vi) differs in any way or adds anything to III(C)(v). Transcript at 23. We got no answer to that question from the proponents of the new III(C)(vi), and in fact James Gannon seemed to suggest that upon reflection it would be fine to merge the new III(C)(vi) into III(C)(v). Transcript at 24. So again, it seems like the WG as a whole is more in support of either folding the new III(C)(vi) into III(C)(v) somehow, or deleting it altogether. But again, I personally don’t have an opinion yet, and if the proponents of the new III(C)(vi) want to take time on the call on Tuesday to answer the question that is on the table (how does it add anything to III(C)(v)?), or to otherwise advocate for it, that’s fine.
I would leave v and vi separate. Two separate ideas; easier for a general audience to read.
·Annex One keep both options: agree. See Transcript at 26-27.
No, appeal flatly rejected by many commenters; I don't know who spoke in favor it, but I would strongly stick with original deletion.
Looking forward to our subteam discussion!
Best, Kathy
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] *On Behalf Of *Mary Wong *Sent:* Friday, September 25, 2015 4:50 AM *To:* gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:* Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Thanks much, Sara!
Everyone – it will be great if you can provide your feedback as well, perhaps in a similar format as Sara did if that’s the easiest for you. Staff will try to pull a revised document together as best we can with whatever input we receive.
I should add that I am very sorry, but due to a flight rerouting I can no longer make a call on Friday 1900 UTC. Since we haven’t heard from many Sub Team members that they can do a Friday call, I’m going to suggest that _staff attempt to revise the document (in the manner noted above, in light of comments received by 1900 UTC on Friday_). We can then circulate the document to the WG on Monday, noting – as we did this past week for the updated proposed language for Section 1.3.2 (Sub Team 1) that it Is not language that has been discussed, much less fully supported, by the Sub Team.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Date: *Friday, September 25, 2015 at 04:48 *To: *Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Mary,
I’ve provided feedback in *red* below.
Sara
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong *Date: *Thursday, September 24, 2015 at 9:34 AM *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone,
As it looks like several Sub Team members will not be available for a Friday call, staff would like to ask if the Sub Team would prefer the following alternative approach:
_Sub Team members to circulate to this email list their comments/suggestions_on the notes and questions from the WG call last week by *Friday 25 September, 1900 UTC*. Staff will send out a draft updated Annex E based on the Sub Team’s input as received as of that time. Should the Sub Team wish to further discuss the updated draft on Monday, the GNSO Secretariat can assist with setting one up at a convenient time for most – unfortunately, I can only be available between 1400-1500 UTC on Monday, so if there is a call that results in further updates, I hope one of the Sub Team will not mind taking on that task and circulating the further revised draft to the WG before the Tuesday call.
Alternatively, we could still aim for a Friday call as proposed, to discuss any input that may come in from Sub Team members up to that point.
For your convenience, the notes and questions from the WG call last week are reproduced again here:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers * I support this being retained.*
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) *I agree that a provision should be added and the main WG can determine if they will support it.*
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider i.e. do they keep data that’s sent to them? *Seems we need to clarify “objectives”. Limited to original request?*
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers’ perspective *Agree.*
- saying “encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) *Agree*
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) *Agree*
- III.C.(v) & (vi): do they overlap? Should they be merged? *Leave separate.*
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues? *Yes.*
Please let me know what you think of these two suggestions as soon as you can. Thank you!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email: mary.wong@icann.org <mailto:mary.wong@icann.org>
*From: *<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>> *Date: *Thursday, September 24, 2015 at 23:56 *To: *"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject: *Re: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hi Holly, Were you able to attend this call? I am sorry, but I cannot see your text in the email below :-(.
As for me, I am very unlikely to be able to attend a call at this time tomorrow. Can we try for Monday? Best, Kathy
On 9/23/2015 9:58 PM, Holly Raiche wrote:
On 24 Sep 2015, at 5:14 am, Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> wrote:
Works for me. Thanks Mary.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 23, 2015 3:10 PM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday)
Hello everyone – can we do a call this Friday 25 September at 1900 UTC?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Tuesday, September 22, 2015 at 23:12 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: Sub Team call? (Re: Follow up from WG call yesterday)
Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all!
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 22, 2015 at 23:00 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: Sub Team call? (Re: Follow up from WG call yesterday)
Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Tuesday, September 22, 2015 5:05 AM *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) *Importance:*High
Hello again everyone,
Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September).
If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you?
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Wednesday, September 16, 2015 at 16:27 *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Follow up from WG call yesterday
Hello everybody,
Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion:
Section I.B.(iii):
- Need to discuss retaining it in some form; costs are real for providers
Section II:
- Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add)
- A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them?
Section III:
- III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical)
- 5 calendar days rather than 3 is more reasonable from providers' perspective
- saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected)
- III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices)
- III.C.(v) & (vi): do they overlap? Should they be merged?
Annex I:
- Keep both options to clarify they are two possible ways of dealing with the issues?
Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible).
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Tuesday, September 15, 2015 at 21:19 *To:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Holly. As I mentioned when I circulated the draft (see attached email):
“for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.”
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Holly Raiche *Sent:*Tuesday, September 15, 2015 8:43 AM *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Cc:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to.
Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of.
Holly
On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> wrote:
Hi Holly and everyone,
As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis.
Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented:
"Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases."
Does this help?
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Holly Raiche <h.raiche@internode.on.net <mailto:h.raiche@internode.on.net>> *Date:*Tuesday, September 15, 2015 at 20:18 *To:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Cc:*"Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Folks
I apologise for not participating over the past week - I’ve been away.
My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’….
What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this?
My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test.
So Mary, others, was this agreed?
Thanks
Holly
On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> wrote:
Thanks, Todd.
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 1:18 PM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Thanks Sara. I’m still confused. In order:
·I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I_do_see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added_specifically_to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii).
·The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F)_precisely because of_the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E).
·I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”).
Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Monday, September 14, 2015 3:50 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Todd,
Please see my comments inline below.
Disclaimer: I do not support Annex E.
Sara
*From:*"Williams, Todd" *Date:*Monday, September 14, 2015 at 11:57 AM *To:*Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Sara:
Two quick questions on this as I was getting ready for our call tomorrow:
1)Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on?
Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E.
Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters.
Revealing a customer’s registration data should only occur when there has been a substantial
showing of likelihood of abuse and only after due process.
2)Can you show me where in the NCSG comment (here:
http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd...
) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it.
Based on NCSG comment re unlimited appeals .
Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created.
Key Systems’ comment would also support this addition:
We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint.
As well as Ralf Haring’s comment:
[Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark.
And Adam Creighton’s comment:
I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence.
Thanks.
Todd.
*From:*Sara Bockey [mailto:sbockey@godaddy.com] *Sent:*Friday, September 04, 2015 4:40 PM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Cc:*Sara Bockey <sbockey@godaddy.com <mailto:sbockey@godaddy.com>> *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hi all,
As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions.
Best regards,
Sara
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" *Date:*Wednesday, September 2, 2015 at 2:58 PM *To:*Mary Wong, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" *Subject:*Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration
All:
As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review:
·I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from thesavedomainprivacy.org <http://savedomainprivacy.org/>petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.
·You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed.
·Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how*/_I_/*would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue*/_against_/*some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document).
Thanks.
Todd.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Mary Wong *Sent:*Wednesday, September 02, 2015 6:59 AM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*[Gnso-ppsai3] Additional Comments for Sub Team Consideration
Hello again everyone,
As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally.
I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document.
As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed.
Thanks and cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*Mary Wong <mary.wong@icann.org <mailto:mary.wong@icann.org>> *Date:*Monday, August 31, 2015 at 15:46 *To:*"gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful.
Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful.
Cheers
Mary
Mary Wong
Senior Policy Director
Internet Corporation for Assigned Names & Numbers (ICANN)
Telephone: +1 603 574 4889
Email:mary.wong@icann.org <mailto:mary.wong@icann.org>
*From:*<gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>> *Date:*Friday, August 28, 2015 at 22:40 *To:*Kathy Kleiman <kathy@kathykleiman.com <mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org>> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Thanks Kathy. I both agree and disagree with what you’ve said below.
I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached).
And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it.
But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that_requires_them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others):
·Blacknight:https://www.blacknight.com/acceptable-usage.html.
·Whoisprivacy.com <http://whoisprivacy.com/>, Ltd.:http://www.whoisprivacyservices.com.au/terms.htm.
·EuroDNS S.A.:https://www.eurodns.com/terms-and-conditions/whois-privacy.
·1&1 Internet, Inc.:http://www.1and1.com/TcPdr?__lf=Static.
·Domain.com <http://domain.com/>, LLC:http://www.domain.com/legal/legal_domain.bml#domain-privacy-service.
·DomainIt, Inc.:https://www.domainit.com/terms.html.
·Moniker Privacy Services, LLC:http://www.moniker.com/legal/registration-agreement.
So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers.
My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Friday, August 28, 2015 8:44 AM *To:*Williams, Todd <Todd.Williams@turner.com <mailto:Todd.Williams@turner.com>>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the/minimum requirement/for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently.
What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week.
Best, Kathy :
Thanks Kathy.
·When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions.
·Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate.
·I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration.
·I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E.
·On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t.
*From:*Kathy Kleiman [mailto:kathy@kathykleiman.com] *Sent:*Wednesday, August 26, 2015 10:59 PM *To:*Williams, Todd<Todd.Williams@turner.com> <mailto:Todd.Williams@turner.com>;gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data?
With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issuewe are evaluating.
So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2.
The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know.
Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here.
Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand.
As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it!
Best, Kathy :
Thanks Kathy. One minor formatting suggestion:
I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move:
·The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3.
·The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4.
Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each:
·Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”?
·I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse.
·I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E.
*From:*gnso-ppsai3-bounces@icann.org <mailto:gnso-ppsai3-bounces@icann.org>[mailto:gnso-ppsai3-bounces@icann.org]*On Behalf Of*Kathy Kleiman *Sent:*Wednesday, August 26, 2015 5:17 PM *To:*gnso-ppsai3@icann.org <mailto:gnso-ppsai3@icann.org> *Subject:*Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview
Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies.
I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes."
Best, Kathy
:
Hi, all!
In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview.
I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed.
Please let me know if there are any questions.
Thanks,
Darcy
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
https://mm.icann.org/mailman/listinfo/gnso-ppsai3
<Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>https://mm.icann.org/mailman/listinfo/gnso-ppsai3
_______________________________________________
Gnso-ppsai3 mailing list
Gnso-ppsai3@icann.org <mailto:Gnso-ppsai3@icann.org>
I’m not available. Please note my regrets. Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of Mary Wong Date: Wednesday, September 23, 2015 at 12:10 PM Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: [Gnso-ppsai3] PROPOSAL: Sub Team 3 call this Friday? (Re: Follow up from WG call yesterday) Hello everyone – can we do a call this Friday 25 September at 1900 UTC? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Tuesday, September 22, 2015 at 23:12 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: Sub Team call? (Re: Follow up from WG call yesterday) Thanks very much, Todd! Everyone – can we ask that you let us know your availability for a Sub Team call at any of the times indicated by Todd, below? Thank you all! Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 22, 2015 at 23:00 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: Sub Team call? (Re: Follow up from WG call yesterday) Thank you Mary. I think a call is a good idea. Friday at or after 1900 UTC is better for me. Though if we want to do tomorrow, I could do 1400-1500 UTC or 1600-1800 UTC. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Tuesday, September 22, 2015 5:05 AM Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Sub Team call? (Re: Follow up from WG call yesterday) Importance: High Hello again everyone, Following a discussion with the WG co-chairs yesterday, we would like to suggest that the Sub Team consider doing a call this week to review the notes from the last WG call (see below), with the goal of presenting recommendations and/or alternative proposals to the full WG for discussion next week (i.e. Tuesday 29 September). If you are able to do a call this week, would either Wednesday (at or after 1400 UTC) or Friday (at or after 1900 UTC) work for you? Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Wednesday, September 16, 2015 at 16:27 Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Follow up from WG call yesterday Hello everybody, Here are the notes I captured from the WG discussion yesterday; we should have the full transcript and MP3 recording uploaded by tomorrow at the latest but I thought these notes might be helpful, at least as an initial framework for the next Sub Team discussion: Section I.B.(iii): - Need to discuss retaining it in some form; costs are real for providers Section II: - Should there be provision for indemnification to provider against misuse of data? (NOTE: unlikely to gain support, so possibly no need to add) - A(6)(b)(ii): can a requester under the new wording keep/use the data to assocate with other information about the registrant e.g. for future or other requests? Does reverse apply to registrar/provider ie do they keep data that's sent to them? Section III: - III.B: Secure communications may not be as easily or readily done as might be desired (so revision is well-intended but maybe not entirely practical) - 5 calendar days rather than 3 is more reasonable from providers' perspective - saying "encouraged" but not mandating action would nullify need for this section B (NOTE: many people on the call agree with this, one objected) - III.C.: use some other word than “surrender”, and one that makes clear this does not mean a transfer; in any event, clarify that it's a deletion at the option of a customer (NOTE: there was some discussion over whether providers must be required to offer this option; reminder that previous WG discussions had led to agreement to NOT make it mandatory due to varying provider practices) - III.C.(v) & (vi): do they overlap? Should they be merged? Annex I: - Keep both options to clarify they are two possible ways of dealing with the issues? Would you like to do a Sub Team call to walk through these suggestions, or should we continue to discuss first by email? I will check with the WG co-chairs when they would like a revised, more finalized, set of recommendations to be presented to the WG (if possible). Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Tuesday, September 15, 2015 at 21:19 To: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>>, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Holly. As I mentioned when I circulated the draft (see attached email): “for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind.” From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Holly Raiche Sent: Tuesday, September 15, 2015 8:43 AM To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Cc: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Yes, it does help - particularly since I recognise my words in the extract. What it suggests, however, is acceptance that the elements a requested gives to a provider amounts to the standard of evidence that is ‘verifiable’ - as described below. My question to the group, therefore, is whether the addition of those words has been agreed upon by the group. If not, the words should not be there; their mere presence suggests agreement, and puts the onus on those of us who don’t agree to argue for the removal of words that were not agreed to. Sorry to be pedantic, folks, but the presence of those words suggests a level of agreement that I am not aware of. Holly On 15 Sep 2015, at 10:27 pm, Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> wrote: Hi Holly and everyone, As Todd noted in his report to the full WG last week on behalf of the Sub Team, the document doesn’t represent the finished consensus product of the Sub Team but rather is being presented as a tool for further WG discussion. The document includes certain revisions that were added to more fully reflect the comments that were received, and as such could be one form of a revised Annex E – however, as Todd mentioned, it isn’t the agreed result of the Sub Team’s substantive analysis. Similarly, in the summary document that was also sent out in tandem, here is how the Sub Team’s discussion on the question of “verifiable evidence” was presented: "Further, the Save Domain Privacy petition, which had 10,042 signatories and also included [x] number of additional statements, argued that “privacy providers should not be forced to reveal my private information without verifiable evidence of wrongdoing.” We as a sub-team could not agree on how to interpret “verifiable evidence,” and will leave that discussion to the larger WG. Some on the sub-team viewed these comments as supporting Annex E because the requirements in Annex E as currently formulated can be interpreted as constituting verifiable evidence, while others on the sub-team interpret ‘verifiable evidence’ as requiring a court order and therefore not in support of Annex E. However, some also noted that the word “verifiable” does not imply that the evidence has been tested through a legal process; rather, it simply points toward requiring that evidence provided must be credible/provable enough so that, in a legal proceeding, it would withstand legal scrutiny, but does not necessarily imply that there must have been a court process in all cases." Does this help? Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Holly Raiche <h.raiche@internode.on.net<mailto:h.raiche@internode.on.net>> Date: Tuesday, September 15, 2015 at 20:18 To: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Cc: "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Folks I apologise for not participating over the past week - I’ve been away. My question is, next to the headings on request for templates, the words after requester provides to the service provider, the words ‘verifiable evidence of wrong doing, including’…. What that implies is that the following text lists what would constitute ‘verifiable evidence’ and indeed, the word ‘including’ suggests that other elements can also constitute ‘verifiable evidence’. Has the group agreed on this? My impression was that we had not yet agreed what the term meant, but that it must be evidence of a very high standard - impliedly something that could be used in court processes. I am not convinced that the elements listed under Heading II meet that test. So Mary, others, was this agreed? Thanks Holly On 15 Sep 2015, at 7:11 am, Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> wrote: Thanks, Todd. From: "Williams, Todd" Date: Monday, September 14, 2015 at 1:18 PM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Thanks Sara. I’m still confused. In order: · I still don’t see any mention in the CDT comment re: removal of alleged infringing materials in lieu of disclosure. I do see support for the additional language that the attached draft adds to III(C)(vii) about “specific information, facts and/or circumstances showing that disclosure to the Requester will endanger the safety of the Customer” (in fact, that language was added specifically to capture the point of the paragraph from the CDT comment that you’ve quoted below). But that is completely different from what you’ve added, for which I cannot find any support in any of the public comments. I also don’t understand your claim that “rights and actions available to the registrant are sorely lacking in Annex E” – given that Annex E explicitly contemplates notice to the registrant and contemplates input from the registrant in Sections III(A), III(C)(ii), III(C)(iii), III(C)(iv), III(C)(vi), and III(C)(vii). · The portion of the NCSG comment that you’ve cited addressed the appeals mechanism of Section III(F), not the reconsideration mechanism of III(E). In fact, the attached draft removes the appeal mechanism of III(F) precisely because of the language that you quoted below from the NCSG comment (among others). But that language has nothing to do with III(E). · I don’t understand what the comments from Key Systems, Ralf Haring, or Adam Creighton have to do with III(E) – which again, is only talking about a request for reconsideration. Moreover, the Key Systems comment is simply inaccurate: the Disclosure Framework never “assume[d] disclosure if certain process steps are followed regardless of the merits of the complaint” – a point that the attached revised draft now makes explicit in the preamble (“by not requiring that disclosure automatically follow any given request”). Just to reiterate: I’ve always viewed our job in the two documents that our sub-team has drafted as being to accurately report to the larger WG what the comments that we’ve reviewed say. Which means two things: 1) we have to be true to the comments, and not reinterpret them to say something they don’t; and 2) we have to reserve our advocacy for or against certain points from those comments for the larger WG discussion. That’s what I tried to do in the attached. So if you want to argue against Annex E, that’s fine – do so on the call tomorrow. In fact, I’m planning to argue against several of the proposed changes that are included in the attached. But I still included those proposed changes in the attached draft, and accurately noted which comments they were based on – because to do otherwise would be misleading to the larger WG. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Monday, September 14, 2015 3:50 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Todd, Please see my comments inline below. Disclaimer: I do not support Annex E. Sara From: "Williams, Todd" Date: Monday, September 14, 2015 at 11:57 AM To: Sara Bockey, Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: RE: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Sara: Two quick questions on this as I was getting ready for our call tomorrow: 1) Your addition of a new III(C)(v) stating “the Customer has removed the infringing trademark and/or copyright material in lieu of disclosure” – what public comment that we reviewed was that change based on? Based on CDT’s comment re registrant’s ability to respond to allegations – removal of alleged infringing materials in lieu of disclosure would fall into this category. Rights and actions available to the registrant are sorely lacking in Annex E. Mere allegation of infringement or illegality is insufficient cause for a provider to disclose a customer’s data to a third party; it is frequently trivially easy for a party abusing the system to allege frivolous or nonexistent civil claims to justify a demand for personal information. Registrants should have the ability and opportunity to respond to the allegations and to the dangers to which they, their families, and their organizations might be subjected, and to obtain counsel on these matters. Revealing a customer’s registration data should only occur when there has been a substantial showing of likelihood of abuse and only after due process. 2)Can you show me where in the NCSG comment (here: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfBoyWzlMS3q.pd... ) the NCSG argued for the addition of the clause “in instances where Requester has discovered and submitted additional evidence or information which warrants consideration” to III(E)? You noted that this change was based on the NCSG comment, but I can’t find anything in that comment that mentions III(E) – though admittedly I could have missed it. Based on NCSG comment re unlimited appeals . Under no circumstances should Intellectual Property Interests, Law Enforcement or any other Requestors have unlimited appeals to third party dispute resolution providers. It will be far more than an implementation detail to define this appellate procedure – but a whole new arbitration forum of its own will need to be created and a UDRP process un–discussed and un–planned by this Working Group. All deliberation about appeal mechanisms should be set aside at this time. Any Intellectual Property owner or group that feels a Provider is routinely denying appropriate requests will have full access to the growing and increasingly responsive ICANN Compliance Team – which will be accessible to Complainers through the accreditation process now being created. Key Systems’ comment would also support this addition: We do not support the proposed Disclosure Framework as it assumes disclosure if certain process steps are followed regardless of the merits of the complaint. As well as Ralf Haring’s comment: [Disagree with proposal that] Providers can be forced to give your private contact details to anyone complaining that your site violates their copyright or trademark. And Adam Creighton’s comment: I think the language is too loose, and opens individuals up to frivolous litigation from IP rights owners and third-party agencies whose contracted relationship is to expand IP brand presence. Thanks. Todd. From: Sara Bockey [mailto:sbockey@godaddy.com] Sent: Friday, September 04, 2015 4:40 PM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Cc: Sara Bockey <sbockey@godaddy.com<mailto:sbockey@godaddy.com>> Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hi all, As promised, attached is a redline of my input to the proposed changes Todd drafted. Todd was pretty thorough and had included several revisions I had in mind based on the comments so my edits are limited to a few comments and additions. Best regards, Sara From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" Date: Wednesday, September 2, 2015 at 2:58 PM To: Mary Wong, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" Subject: Re: [Gnso-ppsai3] Additional Comments for Sub Team Consideration All: As promised on our call, attached is a redline of the Draft Disclosure Framework, with annotations noting the source of each proposed change. Several notes as you review: · I know that we’ve debated whether “verifiable evidence” means more than what is currently in Sections II(A), (B), and (C). You’ll see that I’ve added the exact wording from the savedomainprivacy.org<http://savedomainprivacy.org/> petition – “verifiable evidence of wrongdoing” – to those sections. I think that is a good fit, as of right now. But for Sara, Kathy, and the others on our sub-team who have argued that “verifiable evidence” means something higher – let us know how you would further edit Sections II(A), (B), and (C) to meet whatever “higher” standard you have in mind. · You’ll note that I briefly added a reference to the comment from Com Laude (which I think we had omitted from our summary). And that I did not reference the comment from Aaron Myers (which we’ve referenced in our summary, but which doesn’t really offer any edits to the Disclosure Framework). Otherwise I think I’ve covered everything that we reviewed in terms of edits to the Disclosure Framework – though let me know if anybody sees anything I’ve missed. · Just to be clear for the record: the attached is a revised Disclosure Framework that illustrates and attempts to account for all of the proposed edits that we received from the public comments, for the larger Working Group’s reference. But it is not how I would have edited the Disclosure Framework. In fact, I’ll reserve the right to argue against some of these proposed edits, once we get into the larger WG discussion. Just wanted to make that clear so that nobody thinks these edits are mine (since I’m the one who drafted the document). Thanks. Todd. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Mary Wong Sent: Wednesday, September 02, 2015 6:59 AM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: [Gnso-ppsai3] Additional Comments for Sub Team Consideration Hello again everyone, As you look through the proposed revised summary document (below), you may also wish to consider whether some of the additional comments that were included in Part 4 of the overall WG Public Comment Review Tool might be useful such that additional notes or recommendations can be made, or existing language amended. For your convenience I’ve extracted ten such comments which, while not sent in as specific responses to the Preliminary Recommendations and Annex E that this Sub Team is analysing, nonetheless seem relevant generally. I attach these ten comments in tabular form to this email, and welcome the Sub Team’s discussion and comments on whether any of them ought to be considered as well as your thoughts on the summary document. As the Sub Team is due to report back to the full WG next Tuesday, please let me know also if you think a call before then amongst the Sub Team members might be needed. Thanks and cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: Mary Wong <mary.wong@icann.org<mailto:mary.wong@icann.org>> Date: Monday, August 31, 2015 at 15:46 To: "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hello everyone, in an attempt to facilitate further dialogue and, hopefully, consensus on a way forward on this issue, I’ve taken the liberty of amending Kathy’s document to take into account Holly’s comments as well as to attempt to place certain comments (e.g. the ICA’s, EasyDNS’) more specifically within a particular category. I attach both a redlined and clean copy of this latest updated version (with the clean copy including yellow highlighted portions where the most significant language changes are suggested). I have not yet broken the comments down further into the registrant/provider distinction that Todd noted, but can of course do so if this is viewed as useful. Please note that this is not a staff position that is being suggested, but merely an attempt to document where the Sub Team’s discussion seems to be at the moment. I hope this is helpful. Cheers Mary Mary Wong Senior Policy Director Internet Corporation for Assigned Names & Numbers (ICANN) Telephone: +1 603 574 4889 Email: mary.wong@icann.org<mailto:mary.wong@icann.org> From: <gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org>> on behalf of "Williams, Todd" <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>> Date: Friday, August 28, 2015 at 22:40 To: Kathy Kleiman <kathy@kathykleiman.com<mailto:kathy@kathykleiman.com>>, "gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>" <gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org>> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Thanks Kathy. I both agree and disagree with what you’ve said below. I strongly agree that “the key is the quotes that have come out of the comments.” I’ve said repeatedly that our job as a sub-team is not to advocate, but to simply present the comments to the WG in as accurate and objective a way as possible. To the extent that we then want to advocate for our own positions as part of the larger WG, we can do so. Moreover, part of the reason why I feel so strongly that “the key is the quotes” is that I think we have to take the comments at face value, and then debate as WG whether we can reach consensus on what they actually say – not on what we want them to say. That’s why I felt so strongly that “verifiable evidence” should not be reinterpreted to mean a court order. It is also what animated my email exchange with Stephanie in the larger WG (attached). And if we are in fact faithful to what the comments actually say, then it is a mistake to lump all of the “court order” comments into one monolithic group. I’ve given some examples of substantive differences below. But let me give another one: if we look at what they actually say, the “court order” comments are very much divided based on whether the comment came from an individual registrant or from a registrar/provider. Which of course makes sense: a registrant will tend to look at these issues very differently than a provider. Specifically, as you correctly note in our draft, the vast majority of comments (11,000+) from individuals/registrants said that “Everyone deserves the right to privacy” and that “No one’s personal information should be revealed without a court order, regardless of whether the request comes from a private individual or law enforcement agency.” And of course, we can understand why registrants would argue that their right to privacy is inviolate, and that it should never be abrogated unless a court blesses it. But note that the registrar/provider comments in the “court order” group do NOT say the same thing. Rather, they are focused on retaining their discretion as to when to disclose or publish, and do not want an accreditation standard that requires them to do so absent a court order. Hence my point about the word “require” in the Blacknight comment. See also the Key Systems comment: “Disclosure or publication should never be the automatic result of a process, but rather remain an option of the provider.” And others. So one key distinction b/w the registrant/individual comments and the registrar/provider comments is that the registrant comments do not want disclosure or publication EVER unless following a court order, while the provider comments want a court order first if SOMEBODY ELSE wants them to disclose or publish, but not if THEY want to disclose or publish. And we can understand why, given how many provider Terms of Service include language that gives them discretion to basically turn off a P/P Service whenever they want (for example, if the registrant stops paying them), without any kind of process beforehand (due process or otherwise). See below (among many others): · Blacknight: https://www.blacknight.com/acceptable-usage.html. · Whoisprivacy.com<http://whoisprivacy.com/>, Ltd.: http://www.whoisprivacyservices.com.au/terms.htm. · EuroDNS S.A.: https://www.eurodns.com/terms-and-conditions/whois-privacy. · 1&1 Internet, Inc.: http://www.1and1.com/TcPdr?__lf=Static. · Domain.com<http://domain.com/>, LLC: http://www.domain.com/legal/legal_domain.bml#domain-privacy-service. · DomainIt, Inc.: https://www.domainit.com/terms.html. · Moniker Privacy Services, LLC: http://www.moniker.com/legal/registration-agreement. So we can understand why providers would not want an accreditation regime that requires them to get a court order before they turn off a registrant’s privacy service (and to rewrite their Terms of Service accordingly). In fact, Volker has already admitted – both on the email list (see attached) and on our weekly calls (see transcript of 8-11-15 call) – that such an accreditation requirement would have such a “severe impact” on the economic realities of providers (in other words, would cost them so much money), that they could never agree to such a requirement. But of course, if I’m an individual registrant concerned about my privacy and due process, then I could care less about the “economic realities” of providers. My point is only that we can’t gloss over that important distinction (and others) by lumping all of the “court order” comments together as if they were coming from the same place and advocating for the same thing. They’re not. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Friday, August 28, 2015 8:44 AM To: Williams, Todd <Todd.Williams@turner.com<mailto:Todd.Williams@turner.com>>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, The entire WG is now looking to our comments to show what supports Annex E (deemed generally to be a lower standard than court order) and Court Order (deemed to be a much higher standard than Annex E). What we are talking about is the floor, not the ceiling, right, for accreditation? Namely, what is the minimum requirement for disclosure of proxied data? I see it as really quite binary - up or down (Annex E or court order for private requests to p/p providers) - but I can understand if the subteam thinks differently. What I think is key is the quotes that have come out of the comments. Provided we keep the quotes, I'm good.I can rework, but not until end of weekend or early next week. Best, Kathy : Thanks Kathy. · When you say that “in the weeks since the original draft, I think the discussion has evolved from a multipart one . . . to a binary one” – what are you basing that on? Can you point to any transcripts or emails? I certainly don’t remember being part of those discussions. · Moreover, had I been involved in those discussions, I would have objected, because I think that lumping the comments together in the way that you have, and ignoring the categories that our sub-team had already agreed upon, does a disservice to the nuance of the comments from Google, ICA, EasyDNS, and the like. For example, a UDRP panel is not a court. I think that is an important distinction between Categories 2 and 3. And the fact that the ICA and EasyDNS comments would allow for “some exceptions for cases of abuse” is another important distinction that the broader WG ought to know about. I’m fine if we want to include some sort of introductory sentence saying that __ comments opposed the basic premise of Annex E (which we do). But to then argue that those comments are monolithic, or that they all oppose the premise of Annex E in the same way, is not accurate. · I simply understood the ISPCP comment to mean that allegations of infringement should not always be automatically taken as true (“not indisputably wronged parties”), and that some independent adjudicator (meaning, somebody other than the IP owner who is making the allegation) should evaluate the merits of those claims. Annex E as currently drafted provides for that. But I also don’t think that you or I should necessarily be the ones to decide this argument. Why can’t we just say that we weren’t quite sure what to do with this one (as was true with some others), and take it to the larger WG for their consideration. · I think you’re missing my point on Blacknight. My point is that the key word is “require.” As I mentioned below, nothing in Annex E “requires” Blacknight to disclose (merely to give reasons if they refuse to disclose). So I don’t see anything in their comment that is inconsistent with Annex E. · On the APC comment: I don’t disagree with you that the comment has important value for the WG. But that’s not the same thing as saying that it advocates for disclosure only following a court order. It doesn’t. From: Kathy Kleiman [mailto:kathy@kathykleiman.com] Sent: Wednesday, August 26, 2015 10:59 PM To: Williams, Todd <Todd.Williams@turner.com><mailto:Todd.Williams@turner.com>; gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi Todd, Tx you for the close read. In the weeks since the original draft, I think the discussion has evolved from a multipart one - such as the 5 categories originally created in Section III -- to a more binary one: do commenters support a system such as Annex E or do they want court order prior to the reveal of the data? With apologies, I don't understand the differentiation into Categories 2, 3 and 4 in Section III. Some parties may have mentioned UDRP, and others not, but that does not take away from the totality of the commenters who want court orders -- or want court orders for certain categories of requests such as privacy requests to p/p providers from third parties, such as intellectual property requests. To divide up these comments really dilutes the argument, I think, as these commenters favor court order for the key issue we are evaluating. So I would recommend keeping Google, Endurance, Wheelhouse, ICA and Easy DNS together in Category 2. The ISPCP Constituency Comments call for an "independent adjudicator" to "determine the merits of their ("intellectual property rights holders") claims. I thought that was pretty clear reference to a judge or magistrate, but if you see it differently, please let me know. Re Blacknight, on the issue of Annex E or court order, the comments appear to come down squarely for court orders. For LEA, it recommends a different approach, but there is no reference to Annex E, only "a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us." The intellectual property requests falls into the final category -- court order -- and as such, this comment would be properly listed here. Re: APC, Alliance for Progressive Communications, you are right that I missed a step in putting this comment forward. The question this quote addresses, and it is a valuable one, is court orders and jurisdiction -- from which jurisdiction are court orders are valid? Here APC provides us with unique insight, very worth passing onto the WG: that release of domain name data in some countries has and will continue to result in arrest, prosecution, conviction, etc. of "domain owners" who are "exercising activism" online. This is a very tough issue that we discussed in the WG, and APC is on the ground in Africa and near the Middle East to see abuses first hand. As the WG explores the issue of court orders, the next question is: from what jurisdiction should/must p/p provider accept a court order? The APC comment reminds us that what is clearly legal in one country is punishable in another -- and that jurisdictional issues for court orders are a key part of what we (the WG) have to keep in mind. If you would like to create a introductory paragraph, or new section, for this type of discussion, I would certainly welcome it! Best, Kathy : Thanks Kathy. One minor formatting suggestion: I think the spectrum that we outline on page 5 (Categories 1-4) is useful, because not all of these comments are advocating for the same thing. Yet the quotes that we’ve added from the comments are all included under Category 2, which is somewhat confusing. I would suggest that we move: · The quotes from the comments from Google, Endurance International Group, and Jeff Wheelhouse to the paragraph on Category 3. · The quotes from the comments from ICA and Easy DNS to the paragraph on Category 4. Also, I saw that you added quotes from the comments from ISPCPC, Blacknight, and the Association for Progressive Communications, even though those weren’t in our initial summary and don’t specifically mention Annex E. My thoughts on each: · Here’s the full ISPCPC quote, from a section titled “Regarding LEA definitions & differentiations”: “While we respect the desire to utilize the official ICANN definition of Law Enforcement Agent (LEA), we acknowledge that intellectual property rights holders and private anti abuse organizations should be treated as complainants and not indisputably wronged parties, and accordingly an independent adjudicator should determine the merits of their claim before rights that users would otherwise have are abrogated by reason of those lawyers' claims.” To be honest, I’m not really sure what to make of that (especially given that it is included under a heading about LEA definitions). But I’m not sure that we can assume that it means disclosure only following a court order. Why would Annex E as currently drafted not satisfy the standard of “an independent adjudicator should determine the merits of their claim”? · I also don’t understand why we would think that the Blacknight quote is incompatible with Annex E. All it says is that “any policy that would require us to divulge our client’s information in the absence of either a request from law enforcement, Irish consumer protection agencies or a court order with jurisdiction over us is incompatible with Irish law.” But Annex E as currently drafted doesn’t require Blacknight to divulge its client’s information. Rather, it gives Blacknight the discretion to make that decision; all it requires is that Blacknight provide the complainant with its reasoning if it chooses to refuse. · I don’t understand why we’d include a quote from the APC comment in this section, given that it does not mention Annex E, and that it expressly endorsed the NCSG comment (see: http://forum.icann.org/lists/comments-ppsai-initial-05may15/pdfwOfjgYV0i9.pd...), which we analyze in the previous section that supports the premise of Annex E. From:gnso-ppsai3-bounces@icann.org<mailto:gnso-ppsai3-bounces@icann.org> [mailto:gnso-ppsai3-bounces@icann.org] On Behalf Of Kathy Kleiman Sent: Wednesday, August 26, 2015 5:17 PM To: gnso-ppsai3@icann.org<mailto:gnso-ppsai3@icann.org> Subject: Re: [Gnso-ppsai3] Revised Subteam 3 Summary with Overview Hi All, Tx to Darcy for the Overview work. I've taken her draft and added to it my work on Section III as promised on the last call. I added more quotes from commenters seeking court orders and the use of existing legal due process mechanisms prior to disclosure of proxied data. There was a wide array of comments on this issue, including from ISPs, individuals, organizations, and companies. I used Darcy's version as the base. Both her edits (Overview) and my edits (Section III) are shown in "track changes." Best, Kathy : Hi, all! In follow up to our call earlier this week, attached is an updated Sub-team 3 analysis draft with the overview added at the beginning. I redlined my changes so you can clearly see what I’ve done. I hope you find that I present a clear and accurate overview. I also made some minor revisions to Section V (“Comments that did not fit neatly into any of the above categories”) that I realized after submitting my original draft of that section made a bit more sense. Again, I’ve redlined the changes so you can easily see what changed. Please let me know if there are any questions. Thanks, Darcy _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 <Revised Illustrative Disclosure Framework for Intellectual Property Righ...[2][1].docx>_______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3 _______________________________________________ Gnso-ppsai3 mailing list Gnso-ppsai3@icann.org<mailto:Gnso-ppsai3@icann.org> https://mm.icann.org/mailman/listinfo/gnso-ppsai3
participants (6)
-
Darcy Southwell -
Holly Raiche -
Kathy Kleiman -
Mary Wong -
Sara Bockey -
Williams, Todd