First Report questions
Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. * There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? * Thanks very much*, * -- *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com
Dear Sarah, Thank you very much for your feedback. I wanted to share a few replies to your comments and questions below from the project team: “At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison.” ICANN org response: While we do not have precise data on the number of lookup as we looked into it as an afterthought, your comment about how Metric 10 is not an apples-to-apples comparison, and how many lookup that resulted in participating registrars did not proceed to request submission is correct. Initially, the Small Team requested the number of requests submitted to participating vs non-participating registrars. As the RDRS did not have an ability to enable submission of requests to the non-participating registrars, the closest thing we settled on tracking was a number for lookups for non-participating registrars. This has resulted in painting a skewed picture, as if most of the lookups resulted in non-participating registrars when this was not the case. We will explore whether we can improve the data presented in Metric 10 to reduce confusion. “Maybe this metric (8)should simply be renamed to "Disclosure Requests by Category"?” ICANN org response: You are correct. This will be renamed “Disclosure Requests by Request Type.” Thank you again, Eleeza ICANN org liaison From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> on behalf of Sarah Wyld <swyld@tucows.com> Organization: Tucows Date: Thursday, January 25, 2024 at 6:18 AM To: "gnso-rdrs-sc@icann.org" <gnso-rdrs-sc@icann.org> Subject: [Gnso-rdrs-sc] First Report questions Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com>
Thanks Eleeza, I appreciate this response and look forward to seeing the next report. I truly hope that Metric 10 will be revised so that we do not continue to paint an inaccurate picture of the data for the broader community, even inadvertently. *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-01 5:02 p.m., Eleeza Agopian wrote:
Dear Sarah,
Thank you very much for your feedback. I wanted to share a few replies to your comments and questions below from the project team:
*“At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison.” *
ICANN org response: While we do not have precise data on the number of lookup as we looked into it as an afterthought, your comment about how Metric 10 is not an apples-to-apples comparison, and how many lookup that resulted in participating registrars did not proceed to request submission is correct. Initially, the Small Team requested the number of requests submitted to participating vs non-participating registrars. As the RDRS did not have an ability to enable submission of requests to the non-participating registrars, the closest thing we settled on tracking was a number for lookups for non-participating registrars. This has resulted in painting a skewed picture, as if most of the lookups resulted in non-participating registrars when this was not the case. We will explore whether we can improve the data presented in Metric 10 to reduce confusion.
*“Maybe this metric (8)should simply be renamed to "Disclosure Requests by Category"?”*
*ICANN org response: *You are correct. This will be renamed “Disclosure Requests by Request Type.”
Thank you again,
Eleeza
ICANN org liaison
*From: *Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> on behalf of Sarah Wyld <swyld@tucows.com> *Organization: *Tucows *Date: *Thursday, January 25, 2024 at 6:18 AM *To: *"gnso-rdrs-sc@icann.org" <gnso-rdrs-sc@icann.org> *Subject: *[Gnso-rdrs-sc] First Report questions
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
Question for the Standing Committee – Given that multiple standing committee members and their constituencies have been compiling feedback on the RDRS tool and the reporting derived from its use, and given that the current calls are scheduled (unless I’m mistaken) monthly for 1 hour, is there appetite to have a more frequent call cadence for the express purpose of providing / considering / implementing feedback, and maintaining awareness of whether/not it is resulting in changes to RDRS & RDRS reporting? Such calls could naturally decline in frequency or halt altogether once the initial flow of feedback is reviewed, but at the outset of the RDRS trial there may be more to discuss than there will be in later months. Thoughts? Gabriel From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Thursday, January 25, 2024 6:18 AM To: gnso-rdrs-sc@icann.org Subject: [EXTERNAL EMAIL] - [Gnso-rdrs-sc] First Report questions Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com>
Hi all, I have also been wondering if/how/when we will discuss the registrar feedback to the RDRS. That said, I am also interested in feedback from other groups, and I notice that the top section of the Impressions doc <https://docs.google.com/document/d/14b6bG1Odmx-pLkTHrLSNiqAA4JCky2bewidHa5Yt...> remains empty. Will anyone from the requestor community be adding input as to their RDRS experiences? Thanks, *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-06 4:38 p.m., Gabriel Andrews wrote:
Question for the Standing Committee –
Given that multiple standing committee members and their constituencies have been compiling feedback on the RDRS tool and the reporting derived from its use, and given that the current calls are scheduled (unless I’m mistaken) monthly for 1 hour, is there appetite to have a more frequent call cadence for the express purpose of providing / considering / implementing feedback, and maintaining awareness of whether/not it is resulting in changes to RDRS & RDRS reporting?
Such calls could naturally decline in frequency or halt altogether once the initial flow of feedback is reviewed, but at the outset of the RDRS trial there may be more to discuss than there will be in later months.
Thoughts?
Gabriel
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Thursday, January 25, 2024 6:18 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - [Gnso-rdrs-sc] First Report questions
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
I'm happy to do more frequent calls if others are, but we all know that with only a month or so under our belts, there isn't enough data to draw any stable conclusions. I'll leave it to the IPC folks who are on this team to add any impressions they may have from the requestor community, but if pressed to do so today my impression would be "could be more user friendly (and we addressed some ideas how on our last call); too early to tell much else." Maybe we gather 2-3 months of data and see what we see. If we are having trouble digesting all that data in 1 hour a month, maybe bump up the frequency then? Best, Paul From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Wednesday, February 7, 2024 8:23 AM To: gnso-rdrs-sc@icann.org Subject: Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - First Report questions You don't often get email from swyld@tucows.com<mailto:swyld@tucows.com>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Hi all, I have also been wondering if/how/when we will discuss the registrar feedback to the RDRS. That said, I am also interested in feedback from other groups, and I notice that the top section of the Impressions doc<https://docs.google.com/document/d/14b6bG1Odmx-pLkTHrLSNiqAA4JCky2bewidHa5Yt...> remains empty. Will anyone from the requestor community be adding input as to their RDRS experiences? Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-02-06 4:38 p.m., Gabriel Andrews wrote: Question for the Standing Committee - Given that multiple standing committee members and their constituencies have been compiling feedback on the RDRS tool and the reporting derived from its use, and given that the current calls are scheduled (unless I'm mistaken) monthly for 1 hour, is there appetite to have a more frequent call cadence for the express purpose of providing / considering / implementing feedback, and maintaining awareness of whether/not it is resulting in changes to RDRS & RDRS reporting? Such calls could naturally decline in frequency or halt altogether once the initial flow of feedback is reviewed, but at the outset of the RDRS trial there may be more to discuss than there will be in later months. Thoughts? Gabriel From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org><mailto:gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Thursday, January 25, 2024 6:18 AM To: gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> Subject: [EXTERNAL EMAIL] - [Gnso-rdrs-sc] First Report questions Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> This email originated from outside the firm. Please use caution.
Thank you for your message, Gabriel. Our next meeting is scheduled for Monday, 26 February at 17:30 UTC. During the meeting, we can discuss the cadence for meetings and if additional meetings may be needed to discuss registrar and requestor feedback and experience with the RDRS. As Sarah notes, we do have an RDRS Impressions document (https://docs.google.com/document/d/14b6bG1Odmx-pLkTHrLSNiqAA4JCky2bewidHa5Yt...) that we are using to catalog feedback on the RDRS. ICANN org support staff regularly checks this document, and we invite requestors to share impressions and feedback here so both requestor and registrar feedback can be recorded in one easy-to-find, transparent document. If you have an issue with the Google document or would prefer to submit feedback directly to the list, Support Staff would be happy to enter the feedback on your behalf. Kindly, Sebastien Ducos GoDaddy Registry | Senior Client Services Manager [signature_2864097534] +33612284445 France & Australia sebastien@registry.godaddy<mailto:sebastien@registry.godaddy> From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> on behalf of Gabriel Andrews via Gnso-rdrs-sc <gnso-rdrs-sc@icann.org> Date: Tuesday, 6 February 2024 at 10:39 pm To: Sarah Wyld <swyld@tucows.com>, gnso-rdrs-sc@icann.org <gnso-rdrs-sc@icann.org> Subject: Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - First Report questions You don't often get email from gnso-rdrs-sc@icann.org. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Caution: This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to isitbad@. Question for the Standing Committee – Given that multiple standing committee members and their constituencies have been compiling feedback on the RDRS tool and the reporting derived from its use, and given that the current calls are scheduled (unless I’m mistaken) monthly for 1 hour, is there appetite to have a more frequent call cadence for the express purpose of providing / considering / implementing feedback, and maintaining awareness of whether/not it is resulting in changes to RDRS & RDRS reporting? Such calls could naturally decline in frequency or halt altogether once the initial flow of feedback is reviewed, but at the outset of the RDRS trial there may be more to discuss than there will be in later months. Thoughts? Gabriel From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Thursday, January 25, 2024 6:18 AM To: gnso-rdrs-sc@icann.org Subject: [EXTERNAL EMAIL] - [Gnso-rdrs-sc] First Report questions Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com>
Thanks Sebastien & Sarah for reminding me of – and linking to - the google feedback document! I’ve been compiling RDRS feedback from law enforcement / public safety users, and will gladly push such to that document now. From: Sebastien@registry.godaddy <Sebastien@registry.godaddy> Sent: Wednesday, February 7, 2024 8:30 AM To: Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov>; Sarah Wyld <swyld@tucows.com>; gnso-rdrs-sc@icann.org Subject: Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - First Report questions Thank you for your message, Gabriel. Our next meeting is scheduled for Monday, 26 February at 17:30 UTC. During the meeting, we can discuss the cadence for meetings and if additional meetings may be needed to discuss registrar and requestor feedback and experience with the RDRS. As Sarah notes, we do have an RDRS Impressions document (https://docs.google.com/document/d/14b6bG1Odmx-pLkTHrLSNiqAA4JCky2bewidHa5Yt...) that we are using to catalog feedback on the RDRS. ICANN org support staff regularly checks this document, and we invite requestors to share impressions and feedback here so both requestor and registrar feedback can be recorded in one easy-to-find, transparent document. If you have an issue with the Google document or would prefer to submit feedback directly to the list, Support Staff would be happy to enter the feedback on your behalf. Kindly, Sebastien Ducos GoDaddy Registry | Senior Client Services Manager [signature_2864097534] +33612284445 France & Australia sebastien@registry.godaddy<mailto:sebastien@registry.godaddy> From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org<mailto:gnso-rdrs-sc-bounces@icann.org>> on behalf of Gabriel Andrews via Gnso-rdrs-sc <gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org>> Date: Tuesday, 6 February 2024 at 10:39 pm To: Sarah Wyld <swyld@tucows.com<mailto:swyld@tucows.com>>, gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> <gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org>> Subject: Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - First Report questions You don't often get email from gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org>. Learn why this is important<https://aka.ms/LearnAboutSenderIdentification> Caution: This email is from an external sender. Please do not click links or open attachments unless you recognize the sender and know the content is safe. Forward suspicious emails to isitbad@. Question for the Standing Committee – Given that multiple standing committee members and their constituencies have been compiling feedback on the RDRS tool and the reporting derived from its use, and given that the current calls are scheduled (unless I’m mistaken) monthly for 1 hour, is there appetite to have a more frequent call cadence for the express purpose of providing / considering / implementing feedback, and maintaining awareness of whether/not it is resulting in changes to RDRS & RDRS reporting? Such calls could naturally decline in frequency or halt altogether once the initial flow of feedback is reviewed, but at the outset of the RDRS trial there may be more to discuss than there will be in later months. Thoughts? Gabriel From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org<mailto:gnso-rdrs-sc-bounces@icann.org>> On Behalf Of Sarah Wyld Sent: Thursday, January 25, 2024 6:18 AM To: gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> Subject: [EXTERNAL EMAIL] - [Gnso-rdrs-sc] First Report questions Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com>
Hi all, I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated. Thanks, *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*, *
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Concur I'd find that information useful. I'm not sure about review period 1, but I'm certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors). From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Wednesday, February 14, 2024 7:20 AM To: gnso-rdrs-sc@icann.org Subject: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions Hi all, I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated. Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-01-25 9:17 a.m., Sarah Wyld wrote: Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> _______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org<mailto:Gnso-rdrs-sc@icann.org> https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi all, Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS. Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic. *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-14 12:39 p.m., Gabriel Andrews wrote:
Concur I’d find that information useful. I’m not sure about review period 1, but I’m certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors).
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Wednesday, February 14, 2024 7:20 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren't even making it to the point of approval vs denial. Instead, we're being told that when the confidentiality box is checked, that the participating registrar(s) ~"isn't able to process confidential requests through RDRS at this time", and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests. From: Sarah Wyld <swyld@tucows.com> Sent: Thursday, February 15, 2024 8:30 AM To: Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org Subject: Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions Hi all, Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS. Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic. Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-02-14 12:39 p.m., Gabriel Andrews wrote: Concur I'd find that information useful. I'm not sure about review period 1, but I'm certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors). From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org><mailto:gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Wednesday, February 14, 2024 7:20 AM To: gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> Subject: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions Hi all, I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated. Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-01-25 9:17 a.m., Sarah Wyld wrote: Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> _______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org<mailto:Gnso-rdrs-sc@icann.org> https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi, Why do you say the requests aren't making it to the point of approval or denial? It sounds like because the request includes the confidentiality request and the registrar is not able to disclose the data without notifying the data subject that it is denied. Regarding "/a non-RDRS external link is provided for reissuance of the request via non-RDRS means/", this is expected - the RDRS was not built to send information back and forth when the request is incomplete and needs to be supplemented, and I seem to recall feedback from LEA earlier in this RDRS process saying that adequate due process would generally be provided directly to the Registrar, not through RDRS, for confidentiality reasons. We've noted already that once a request is marked as 'denied' in RDRS it can't be updated even if the requestor then provides more information and it can be approved; perhaps altering that would help in this situation. When you say "/the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked/", I think the issue at hand is a legal obligation to notify the data subject about the disclosure, in the absence of some legal obligation /not /to do so, such as a warrant, subpoena, or other due process in the relevant jurisdiction. I'm not sure that addressing this is within the purview of the RDRS Small Team; it may be better suited for RrSG/GAC discussions as it is not related to RDRS functionality or data gathering but is instead a question of how the registrar makes the disclosure decision. Thanks, *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-15 12:24 p.m., Gabriel Andrews wrote:
Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren’t even making it to the point of approval vs denial.
Instead, we’re being told that when the confidentiality box is checked, that the participating registrar(s) ~“isn’t able to process confidential requests through RDRS at this time”, and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests.
*From:* Sarah Wyld <swyld@tucows.com> *Sent:* Thursday, February 15, 2024 8:30 AM *To:* Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org *Subject:* Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS.
Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic.
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-14 12:39 p.m., Gabriel Andrews wrote:
Concur I’d find that information useful. I’m not sure about review period 1, but I’m certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors).
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> <mailto:gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Wednesday, February 14, 2024 7:20 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi Steve, I would imagine that this may occur, I've no idea if it's frequent. *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-15 2:47 p.m., Steve Crocker wrote:
Sarah,
You mentioned notifying the data subject. For clarification, are there circumstances where the data subject would be consulted before the registrar makes the decision whether to disclose the data? This is distinct from whether the data subject is notified of the request.
Thanks,
Steve
Sent from my iPhone
On Feb 15, 2024, at 2:41 PM, Sarah Wyld <swyld@tucows.com> wrote:
Hi,
Why do you say the requests aren't making it to the point of approval or denial? It sounds like because the request includes the confidentiality request and the registrar is not able to disclose the data without notifying the data subject that it is denied.
Regarding "/a non-RDRS external link is provided for reissuance of the request via non-RDRS means/", this is expected - the RDRS was not built to send information back and forth when the request is incomplete and needs to be supplemented, and I seem to recall feedback from LEA earlier in this RDRS process saying that adequate due process would generally be provided directly to the Registrar, not through RDRS, for confidentiality reasons. We've noted already that once a request is marked as 'denied' in RDRS it can't be updated even if the requestor then provides more information and it can be approved; perhaps altering that would help in this situation.
When you say "/the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked/", I think the issue at hand is a legal obligation to notify the data subject about the disclosure, in the absence of some legal obligation /not /to do so, such as a warrant, subpoena, or other due process in the relevant jurisdiction. I'm not sure that addressing this is within the purview of the RDRS Small Team; it may be better suited for RrSG/GAC discussions as it is not related to RDRS functionality or data gathering but is instead a question of how the registrar makes the disclosure decision.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-15 12:24 p.m., Gabriel Andrews wrote:
Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren’t even making it to the point of approval vs denial.
Instead, we’re being told that when the confidentiality box is checked, that the participating registrar(s) ~“isn’t able to process confidential requests through RDRS at this time”, and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests.
*From:* Sarah Wyld <swyld@tucows.com> *Sent:* Thursday, February 15, 2024 8:30 AM *To:* Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org *Subject:* Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS.
Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic.
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-14 12:39 p.m., Gabriel Andrews wrote:
Concur I’d find that information useful. I’m not sure about review period 1, but I’m certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors).
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> <mailto:gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Wednesday, February 14, 2024 7:20 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Thanks. Steve On Thu, Feb 15, 2024 at 2:55 PM Sarah Wyld <swyld@tucows.com> wrote:
Hi Steve, I would imagine that this may occur, I've no idea if it's frequent.
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com On 2024-02-15 2:47 p.m., Steve Crocker wrote:
Sarah,
You mentioned notifying the data subject. For clarification, are there circumstances where the data subject would be consulted before the registrar makes the decision whether to disclose the data? This is distinct from whether the data subject is notified of the request.
Thanks,
Steve
Sent from my iPhone
On Feb 15, 2024, at 2:41 PM, Sarah Wyld <swyld@tucows.com> <swyld@tucows.com> wrote:
Hi,
Why do you say the requests aren't making it to the point of approval or denial? It sounds like because the request includes the confidentiality request and the registrar is not able to disclose the data without notifying the data subject that it is denied.
Regarding "*a non-RDRS external link is provided for reissuance of the request via non-RDRS means*", this is expected - the RDRS was not built to send information back and forth when the request is incomplete and needs to be supplemented, and I seem to recall feedback from LEA earlier in this RDRS process saying that adequate due process would generally be provided directly to the Registrar, not through RDRS, for confidentiality reasons. We've noted already that once a request is marked as 'denied' in RDRS it can't be updated even if the requestor then provides more information and it can be approved; perhaps altering that would help in this situation.
When you say "*the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked*", I think the issue at hand is a legal obligation to notify the data subject about the disclosure, in the absence of some legal obligation *not *to do so, such as a warrant, subpoena, or other due process in the relevant jurisdiction. I'm not sure that addressing this is within the purview of the RDRS Small Team; it may be better suited for RrSG/GAC discussions as it is not related to RDRS functionality or data gathering but is instead a question of how the registrar makes the disclosure decision.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com On 2024-02-15 12:24 p.m., Gabriel Andrews wrote:
Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren’t even making it to the point of approval vs denial.
Instead, we’re being told that when the confidentiality box is checked, that the participating registrar(s) ~“isn’t able to process confidential requests through RDRS at this time”, and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests.
*From:* Sarah Wyld <swyld@tucows.com> <swyld@tucows.com> *Sent:* Thursday, February 15, 2024 8:30 AM *To:* Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov> <gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org *Subject:* Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS.
Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic.
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-14 12:39 p.m., Gabriel Andrews wrote:
Concur I’d find that information useful. I’m not sure about review period 1, but I’m certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors).
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> <gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Wednesday, February 14, 2024 7:20 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Happy to clarify: When I say the requests appear to not make it to the point of approval or denial, what I'm saying is the messaging the LE requestor received from the registrar seemed (to our reading) to indicate that the RDRS request does not appear to make it to the point of adjudication of whether/not legal basis for disclosure exists. If we're misreading, I invite clarification and further discussion: "We are not able to handle confidential request through this platform. If you would like request this data please visit <<external link>>" I think clarity as to how often this is occurring, and how its being tracked, is very much relevant to RDRS functionality and data collection. Apart from the impact on functionality and data collection, I do also very much appreciate your willingness to discuss further in any capacity, though I note I'm not able to speak as to what the causes of the registrar's inability 'to handle confidential requests through' the RDRS platform are; your suggestion that it might be a legal obligation is possible, but no reasoning has been provided to the LE requestors that I'm aware of. G From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Thursday, February 15, 2024 11:42 AM To: gnso-rdrs-sc@icann.org Subject: Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - Re: First Report questions Hi, Why do you say the requests aren't making it to the point of approval or denial? It sounds like because the request includes the confidentiality request and the registrar is not able to disclose the data without notifying the data subject that it is denied. Regarding "a non-RDRS external link is provided for reissuance of the request via non-RDRS means", this is expected - the RDRS was not built to send information back and forth when the request is incomplete and needs to be supplemented, and I seem to recall feedback from LEA earlier in this RDRS process saying that adequate due process would generally be provided directly to the Registrar, not through RDRS, for confidentiality reasons. We've noted already that once a request is marked as 'denied' in RDRS it can't be updated even if the requestor then provides more information and it can be approved; perhaps altering that would help in this situation. When you say "the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked", I think the issue at hand is a legal obligation to notify the data subject about the disclosure, in the absence of some legal obligation not to do so, such as a warrant, subpoena, or other due process in the relevant jurisdiction. I'm not sure that addressing this is within the purview of the RDRS Small Team; it may be better suited for RrSG/GAC discussions as it is not related to RDRS functionality or data gathering but is instead a question of how the registrar makes the disclosure decision. Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-02-15 12:24 p.m., Gabriel Andrews wrote: Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren't even making it to the point of approval vs denial. Instead, we're being told that when the confidentiality box is checked, that the participating registrar(s) ~"isn't able to process confidential requests through RDRS at this time", and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests. From: Sarah Wyld <swyld@tucows.com><mailto:swyld@tucows.com> Sent: Thursday, February 15, 2024 8:30 AM To: Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov><mailto:gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> Subject: Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions Hi all, Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS. Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic. Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-02-14 12:39 p.m., Gabriel Andrews wrote: Concur I'd find that information useful. I'm not sure about review period 1, but I'm certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors). From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org><mailto:gnso-rdrs-sc-bounces@icann.org> On Behalf Of Sarah Wyld Sent: Wednesday, February 14, 2024 7:20 AM To: gnso-rdrs-sc@icann.org<mailto:gnso-rdrs-sc@icann.org> Subject: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions Hi all, I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated. Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-01-25 9:17 a.m., Sarah Wyld wrote: Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> _______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org<mailto:Gnso-rdrs-sc@icann.org> https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hi, /"When I say the requests appear to not make it to the point of approval or denial, what I’m saying is the messaging the LE requestor received from the registrar seemed (to our reading) to indicate that the RDRS request does not appear to make it to the point of adjudication of whether/not legal basis for disclosure exists"/ Thanks, that makes more sense to me. It wouldn't get to the point of considering if there is a legal basis for the disclosure or not, because regardless it can't be done with the requested confidentiality. *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-15 4:05 p.m., Gabriel Andrews wrote:
Happy to clarify:
When I say the requests appear to not make it to the point of approval or denial, what I’m saying is the messaging the LE requestor received from the registrar seemed (to our reading) to indicate that the RDRS request does not appear to make it to the point of adjudication of whether/not legal basis for disclosure exists. If we’re misreading, I invite clarification and further discussion:
/"We are not able to handle confidential request through this platform. If you would like request this data please visit <<external link>>”///
I think clarity as to how often this is occurring, and how its being tracked, is very much relevant to RDRS functionality and data collection.
Apart from the impact on functionality and data collection, I do also very much appreciate your willingness to discuss further in any capacity, though I note I’m not able to speak as to what the causes of the registrar’s inability ‘to handle confidential requests through’ the RDRS platform are; your suggestion that it might be a legal obligation is possible, but no reasoning has been provided to the LE requestors that I’m aware of.
G
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Thursday, February 15, 2024 11:42 AM *To:* gnso-rdrs-sc@icann.org *Subject:* Re: [Gnso-rdrs-sc] [EXTERNAL EMAIL] - Re: First Report questions
Hi,
Why do you say the requests aren't making it to the point of approval or denial? It sounds like because the request includes the confidentiality request and the registrar is not able to disclose the data without notifying the data subject that it is denied.
Regarding "/a non-RDRS external link is provided for reissuance of the request via non-RDRS means/", this is expected - the RDRS was not built to send information back and forth when the request is incomplete and needs to be supplemented, and I seem to recall feedback from LEA earlier in this RDRS process saying that adequate due process would generally be provided directly to the Registrar, not through RDRS, for confidentiality reasons. We've noted already that once a request is marked as 'denied' in RDRS it can't be updated even if the requestor then provides more information and it can be approved; perhaps altering that would help in this situation.
When you say "/the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked/", I think the issue at hand is a legal obligation to notify the data subject about the disclosure, in the absence of some legal obligation /not /to do so, such as a warrant, subpoena, or other due process in the relevant jurisdiction. I'm not sure that addressing this is within the purview of the RDRS Small Team; it may be better suited for RrSG/GAC discussions as it is not related to RDRS functionality or data gathering but is instead a question of how the registrar makes the disclosure decision.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-15 12:24 p.m., Gabriel Andrews wrote:
Poor choice of words on my part, Sarah, and fair to correct me, as the requests aren’t even making it to the point of approval vs denial.
Instead, we’re being told that when the confidentiality box is checked, that the participating registrar(s) ~“isn’t able to process confidential requests through RDRS at this time”, and a non-RDRS external link is provided for reissuance of the request via non-RDRS means. So the desire here is to collaborate on a solution to whatever issue(s) may be preventing participating registrars from being able to process requests when the box is ticked. This can happen privately or via Standing Committee, as those registrars prefer, but it seemed quite worth noting in RDRS SC contexts, as it impacts both data collected as well as our understanding of what technical/policy features are needed for this or future request systems to be able to process confidential requests.
*From:* Sarah Wyld <swyld@tucows.com> <mailto:swyld@tucows.com> *Sent:* Thursday, February 15, 2024 8:30 AM *To:* Andrews, Gabriel F. (STB) (FBI) <gfandrews@fbi.gov> <mailto:gfandrews@fbi.gov>; gnso-rdrs-sc@icann.org *Subject:* Re: [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
Apologies if this is nitpicky, but I think it's important to understand that there are no automated denials in RDRS.
Each request is reviewed and updated by a human; although it may be the case that all requests with the confidentiality checkbox were denied, it is not automatic.
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-02-14 12:39 p.m., Gabriel Andrews wrote:
Concur I’d find that information useful. I’m not sure about review period 1, but I’m certain there were instances of the confidentiality checkbox being used since (as automatic denials associated with the box being checked is an item of feedback from LEA requestors).
*From:* Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> <mailto:gnso-rdrs-sc-bounces@icann.org> *On Behalf Of *Sarah Wyld *Sent:* Wednesday, February 14, 2024 7:20 AM *To:* gnso-rdrs-sc@icann.org *Subject:* [EXTERNAL EMAIL] - Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Hello Sarah and Standing Committee members, With my apologies for the delayed reply: I wanted to get back to Sarah on her question regarding a metric for the use of the “confidentiality request” feature. This is not included in the current metrics report, as it was not one of the agreed-upon metrics we discussed with the Small Team in 2023. That being said, we are tracking this data and could add a metric on it. So far, we’ve seen it used 53 times. More broadly, the project team would like to discuss the cadence of changes to metrics reporting on your 26 Feb. call. We look forward to discussing this topic more then. Many thanks, Eleeza From: Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> on behalf of Sarah Wyld <swyld@tucows.com> Organization: Tucows Date: Wednesday, February 14, 2024 at 7:20 AM To: "gnso-rdrs-sc@icann.org" <gnso-rdrs-sc@icann.org> Subject: Re: [Gnso-rdrs-sc] First Report questions Hi all, I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated. Thanks, Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> On 2024-01-25 9:17 a.m., Sarah Wyld wrote: Hello all, I've watched the meeting recording and reviewed the report, and have a couple questions. Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual request rate for domains with participating registrars, which is not an 'apples to apples' comparison. There was also some discussion about request type vs requestor type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". Maybe this metric should simply be renamed to "Disclosure Requests by Category"? Thanks very much, -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com<mailto:swyld@tucows.com> _______________________________________________ Gnso-rdrs-sc mailing list Gnso-rdrs-sc@icann.org<mailto:Gnso-rdrs-sc@icann.org> https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc _______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Thanks Eleeza, looking forward to our meeting. *Sarah Wyld, CIPP/E* Policy & Privacy Manager Pronouns: she/they swyld@tucows.com On 2024-02-22 7:33 p.m., Eleeza Agopian wrote:
Hello Sarah and Standing Committee members,
With my apologies for the delayed reply: I wanted to get back to Sarah on her question regarding a metric for the use of the “confidentiality request” feature. This is not included in the current metrics report, as it was not one of the agreed-upon metrics we discussed with the Small Team in 2023. That being said, we are tracking this data and could add a metric on it. So far, we’ve seen it used 53 times.
More broadly, the project team would like to discuss the cadence of changes to metrics reporting on your 26 Feb. call. We look forward to discussing this topic more then.
Many thanks,
Eleeza
*From: *Gnso-rdrs-sc <gnso-rdrs-sc-bounces@icann.org> on behalf of Sarah Wyld <swyld@tucows.com> *Organization: *Tucows *Date: *Wednesday, February 14, 2024 at 7:20 AM *To: *"gnso-rdrs-sc@icann.org" <gnso-rdrs-sc@icann.org> *Subject: *Re: [Gnso-rdrs-sc] First Report questions
Hi all,
I understand that a request in the LEA category can have a confidentiality request along with it (the special checkbox). Will there be metric on the use of this checkbox in future reports? I didn't find it in the first one, maybe nobody had used it when that report was generated.
Thanks,
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
On 2024-01-25 9:17 a.m., Sarah Wyld wrote:
Hello all,
I've watched the meeting recording and reviewed the report, and have a couple questions.
Metric 10 was discussed during the meeting; the understanding I came away with was that although it shows that 80% of lookups were for domains registered with non-participating registrars, the actual distribution of lookup between participating and non-participating was about 50/50. It seemed that a large portion of the lookups for domains with participating registrars do not proceed to the request stage, so only 19% of those lookups turn into requests, leaving us with the impression that most lookups are for non-participating when that is actually not the case. If that understanding is correct (and I think it is, but it sure is convoluted upon re-reading it) can this be made more clear somehow in the report? *At this point the Metric 10 is comparing the lookup rate for domains with non-participating registrars against the actual /request/ rate for domains /with /participating registrars, which is not an 'apples to apples' comparison. *
There was also some discussion about request type vs request*or* type. Metric 8 is titled "Disclosure Requests by Requestor Type" but the chart itself has a column "Request Category". This may seem like a distinction without difference but I do think we should be consistent; are we categorizing the request itself, or the requestor? I think it's the request, since in RDRS the user selects a "request category". *Maybe this metric should simply be renamed to "Disclosure Requests by Category"? *
Thanks very much*,*
--
*Sarah Wyld, CIPP/E*
Policy & Privacy Manager Pronouns: she/they
swyld@tucows.com
_______________________________________________
Gnso-rdrs-sc mailing list
Gnso-rdrs-sc@icann.org
https://mm.icann.org/mailman/listinfo/gnso-rdrs-sc
_______________________________________________
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (6)
-
Eleeza Agopian -
Gabriel Andrews -
Paul McGrady -
Sarah Wyld -
Sebastien@registry.godaddy -
Steve Crocker