Dear RDA Small Team Members, Below, please find the notes and action items below from today’s Council Accuracy Small Team meeting. Thank you. Best regards, Feodora and Caitlin -- Council Accuracy Small Team Meeting #3 Thursday, 29 May, 13:00 UTC Action Items: 1. Small Team Members to continue considering and socializing the three “golden nuggets” in preparation for updates to the GAC and GNSO Council at ICANN83. Updated Golden Nuggets: 🟡 The recent INFERMAL study reported that validation/verification of contact details before or during the registration process resulted in a 70% decrease in malicious registrations. The current 2023 RAA requires validation and verification within 15 days. This golden nugget looks at potentially shortening that timeline of 15 days. Note: this does NOT involve identify verification, but rather shortening the timeframe the verification and validation that is already required under the 2023 RAA. 🟡 Creation of clear and user-friendly educational tools before, during, and after domain name registration to assist registrants in understanding the (i) importance of providing and maintaining accurate registration data through the lifecycle of their domain name(s), (ii) how their data is protected, and (iii) the consequences of providing inaccurate data or not verifying email/phone under the required timeline. The educational tools could, for example, include pop-ups during the registration process. 🟡 Recommendation CC.1 remains outstanding and recommends including a notation in the RDDS record that the domain name is suspended due to incorrect data and that domain names with this notation should not be unsuspended until the data is corrected. The GNSO Council committed to including this in future policy work, and the Small Team agrees that this could be the subject of future policy work, noting, however, that how this notation is done may require further discussion and/or involve another group like the IETF. 1. Leadership and Support Staff to draft preliminary recommendations based on the above golden nuggets to assist the Small Team in its review. (Note: these are very preliminary, and the Small Team is invited to edit.) 2. Leadership and Support Staff to work on draft talking points for the GAC and Council updates, which will be circulated to the small team when available. 3. Support Staff to provide additional context on the history of Rec. CC.1 and the rationale for its recommendation. Notes: 1. Welcome (5 min) 2. Reminder of Golden Nuggets + Current Contractual Requirements (30 min) * Reminder of the Venn diagram, or “three-ring circus”, which endeavors to show high-level areas of agreement and divergence in the responses to the Council’s framing questions * Staff to change “incremental” improvements to “additional” improvements (complete) * This slide could be used during the update to the GAC and Council * Golden Nugget #1 (earlier timeline for existing validation/verification) * In terms of discussing accuracy, the RrSG provided feedback on the terminology, which may be helpful as the group discusses current requirements: * Fidelity - accurately collecting, storing, and disclosing data provided without error or omission. * Validation - format checks, city/postal code match * Verification - actually sending email, text, phone call or mail piece to confirm receipt. * Under the 2023 RAA, validation is looking at the format of the data, and verification an affirmative response from the registrant from phone or email. This is not about identity verification. * The registrar performs the validation, and the verification is a joint process b/w the registrar and registrant. * The RrSG is aligned with taking a closer look at validation and verification, but the answer may not be to conduct this earlier based on one study. However, the study raises good questions, and the RrSG is aligned that this could be a further area to explore. * This group is still very early in its process and has not reached any conclusions or recommendations yet. * NCSG is against identity verification in any form as accuracy is for the purposes of contactability. In saying that, there was not a strong objection to shortening the time to verify email address (from maybe 2 weeks to one week, for example). * NCSG also believes that proactive, user-friendly education that explains the implications of not verifying, for example, is very important. * The GAC has relayed that email verification should involve an email or SMS in response, confirming the email or SMS has been received. * Important to ensure the work we are doing does not conflict with NIS2. * Important to note that this is a starting point for what the group can get to consensus on to get the ball rolling forward; these agreements do not inhibit more changes in the future. * The group could potentially agree on items that could be worked on in a narrow PDP, or bilateral contractual amendments. This, however, does not preclude other work. * This work of this group should be jurisdiction agnostic. * Re: potentially shortening timeframe for validation/verification), the group has not yet agreed on proposed timing; this is still an idea to see if the group can get behind it. * Group seems to align on looking into this further, in conjunction with better user-friendly education of registrants. * Golden nugget #2 (increased education) * NCSG is concerned about traditional forms of education (like reading 100-page document); recommend, for example, crisp user-friendly pop-ups before, during, and after registration to raise awareness on why registrants should keep their registration data accurate and what could happen if they do not) * IPC will also likely support additional registrant education; this could be a good area of collaboration. * Group agrees this nugget should include addition around user-friendly educational materials, initiative, etc. * Golden nugget #3 (Notation in RDDS) * Not a strong pushback from the RrSG regarding this nugget, but in terms of understanding the recommendation, it would be helpful to understand thinking behind the recommendation and why this Review Team thought this would be beneficial. * Could the nugget include something like “fast-track” or “implement” this recommendation. * Does this CC.1 recommendation mean the notation will be in the domain name data the registrant has access to? * The recommendation is recommending a notation in the public RDDS. This may, for example, involve the creation of a new EPP status code because this does not currently exist. Important to understand that this would likely need to be uniform and does not involve putting a text line in RDDS. It may involve IETF. 1. Next Steps + Homework (10 min) * Small Team Members to continue considering and socializing the three “golden nuggets” in preparation for updates to the GAC and GNSO Council at ICANN83. * Leadership and Support Staff to draft preliminary recommendations based on the above golden nuggets to assist the Small Team in its review. (Note: these are very preliminary, and the Small Team is invited to edit.) * Leadership and Support Staff to work on draft talking points for the GAC and Council updates, which will be circulated to the small team when available. * Support Staff to provide additional context on the history of Rec. CC.1 and the rationale for its recommendation. 1. AOB (5 min)