Thanks, Marc. It looks like most others on the team are unable to weigh in prior to Puerto Rico. Would you be in a position to continue your line of thought for the identification / prosecution of a criminal?

 

In relation to your proposed responses, instead of referring to the traditional roles, you may want to try and describe what you are looking for in the person(s) that you are trying to identify and/or contact in the response to question 1? Presumably in the victim notification use case you are looking for the person who is able to mitigate the abuse and as such is in control of the domain name registration or able to demonstrate ownership of the registration to reclaim control? Is it helpful/necessary to describe the type of abuse that is involved, e.g. whether the domain name registration is still under the control of the domain name registrant or whether control has been taken over by the abuser?

 

Best regards,

 

Marika

 

Marika, thanks for the recap of the assignment.  I’ve been swamped as I’m sure the rest of you are, but I wanted to send out a few thoughts before we get into the weekend to try and kick start the conversation.

 

Based on our discussions last time I’d say the answers to these questions depend on the use case.  We identified a number of use cases but I think for these questions they can probably be divided between two categories.   1) RDS data used to notify a victim and 2) RDS data used to identify/prosecute a criminal.  I know this is over simplifying things and ignores the gray area in between where (especially initially) it might not be know if the domain registrant is the victim or the abuser, but given the short time frame until ICANN 61, it might be helpful to frame our answers around those two scenarios.  Any thoughts… does that sound reasonable?

 

I’ll take a first pass at some answers for the victim notification use case (mostly because I think those will be easier to answer J ).

 

1. Who associated with the domain name registration needs to be identified and/or contacted for each purpose?

With traditional Whois data fields I would answer this by saying the Registrant, Admin and Technical contact.  As I’m a proponent of trying not to think in terms of the legacy data fields (and like the roles based approach suggested by the EWG) I’d answer with the domain name owner and the admin, tech and abuse roles for the domain.  Here I think “contact-ability” is key and so what’s important for this use case if having accurate and up to date information about how to contact someone with authority for the domain name is what is needed.

2. What is the objective achieved by identifying and/or contacting each of those entities?

The objective seems to be basically stated in the use case: notify the domain name owner and/or someone with authority for the domain name of abuse associated with the domain name registration.

3. What might be expected of that entity with regard to the domain name?

Here I think the expected action is for the domain name owner or person with authority for the domain name to take action to correct the abuse associated with the domain name.

 

 

Hopefully I’m on the right track and that gets us started.

 

Thanks,
Marc

 

 

 

 

 

 

Dear Drafting Team 7,

 

As those who were on today’s call heard, we have decided to take a week to prep for ICANN61 by working on a specific assignment in drafting team mode.

 

Our team’s assignment is to reexamine our past output on Criminal Activity/ DNS Abuse Mitigation:

 

https://community.icann.org/download/attachments/74580010/DraftingTeam7-CrimInvAbuseMit-10%20Nov%202017%20clean.pdf?version=1&modificationDate=1510442602000&api=v2[community.icann.org]

 

to answer the following questions more explicitly and conceptually:

1. Who associated with the domain name registration needs to be identified and/or contacted for each purpose?
2. What is the objective achieved by identifying and/or contacting each of those entities?
3. What might be expected of that entity with regard to the domain name?

 

To prep for ICANN61, it is imperative that we discuss these questions and produce output over the next week – ideally by 5 March but no later than 7 March.

 

We know this is a tall order, give a short timeframe. However, the leadership believes that this will help us use our F2F time at ICANN61 more effectively, which I hope we all agree would be a terrific idea.

 

To give us a head start, attached please find a first draft at answers, prepared by me from our past output, and raising a few potential gaps for discussion.

 

To learn more about this assignment, please read these instructions: https://community.icann.org/download/attachments/79432608/Drafting%20Team%20Assignment%2026%20Feb.pdf[community.icann.org].  

 

If you were unable to attend today’s WG call, please catch up by reading or listening to the call recording/notes/transcript: https://community.icann.org/x/oAu8B[community.icann.org].

 

To get started, please ask any questions you may have about this assignment within the next 24 hours.

 

If you have any suggested edits or additions or deletions to the attached first draft, even better!  I encourage you to share them in reply to this message, copying the DT mailing list gnso-rds-pdp-7@icann.org.

 

Thanks for doing what you can to help this drafting team come through on this new assignment.

 

Best regards,

 

Marika

 

Marika Konings

Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN) 

Email: marika.konings@icann.org  

 

Follow the GNSO via Twitter @ICANN_GNSO

Find out more about the GNSO by taking our interactive courses[learn.icann.org] and visiting the GNSO Newcomer pages[gnso.icann.org].