Dear All, Please find below the notes and action items from today’s meeting. Please look out for next iterations of the Criminal Investigation/DNS Abuse Mitigation Use Case & Purpose statement by Rod. As the turnaround time is short, please share your feedback as soon as possible with the mailing list. The objective is to finalise the draft by Thursday so it can be submitted to the full WG for review by Friday 10 November. Best regards, Marika ============ DT7 Meeting on Tuesday 7 November 2017 Notes: 1. Roll Call * On the call, Dick Leaning, Rod Rasmussen and Marc Anderson 2. Reactions to ICANN60 feedback – any edits that are required as a result? * See notes from F2F meeting in Abu Dhabi * Consider extracting discussion that was held with the GAC to annex. Action item #1: Staff to add links to relevant GAC sessions to the document as another venue in which similar use cases were discussed. 3. Edits to address action item from ICANN60 (see a-e below) * One purpose of multiple purposes? One high level purpose, or does it make sense to break it out in multiple purposes? * At least 3, but probably more: identification of a domain name has been registered maliciously, notification of certain action associated with abuse, risk assessment of domains (investigate, notify the appropriate party, automate reputation). Each of these need different data and have different actors involved so would warrant different purposes. * Further sub-categories may need to be identified to allow for differentiated access (roll-based access). * Need to distinguish between name that has been registered maliciously and a name that has been compromised? * Check EWG report as it identified a number of contact points in relation to criminal investigation. * Keep details but roll up to higher level statement. * Should focus be on existing data collected or future ones – latter, forward looking approach as per the WG charter. * Consider including the consequences of not providing consent so that it is clear to registrants of what may happen if they opt-out. Important for end-users to be able to make an informed decision also based on the consequences of no consent. Possible example for notification purpose: “The following information is collected for the purpose of enabling notification by regulatory authorities, law enforcement, cybersecurity professionals, IT administrators, automated protection systems and other incident responders of the appropriate party (registrant, providers of associated services, registrar, etc), of abuse linked to a certain domain name registration to allow for mitigation and resolution of the abuse identified: Registrant contact information, Registrar contact Information, DNS contact, etc.. The possible consequences of not collecting / allowing access to this information are: [include examples]. 4. Plan to complete drafting team’s work: a. Volunteer needed to apply final edits by Wednesday 8 Nov Action item #2: Rod Rasmussen will send current interim draft to DT for input today and will circulate additional draft purpose statements as completed, for DT review at the latest by COB Wednesday 8 November. Action item #3: All DT7 members to review and finalize output on Thursday 9 Nov Action item #4: Marika to submit final output to WG no later than Friday 10 Nov d. Volunteer needed to present to WG on 5.Tuesday 14 Nov call Rod Rasmussen will present the DT output during next week's WG meeting. 6. AOB/Adjourn Marika Konings Vice President, Policy Development Support – GNSO, Internet Corporation for Assigned Names and Numbers (ICANN) Email: marika.konings@icann.org<mailto:marika.konings@icann.org> Follow the GNSO via Twitter @ICANN_GNSO Find out more about the GNSO by taking our interactive courses<http://learn.icann.org/courses/gnso> and visiting the GNSO Newcomer pages<http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-e...>.