Dear TPR WG members, Please find below the brief notes and action items from the ICANN81 working session. The next meeting will take place on Tuesday, 26 November 2024 at 16:00 UTC. Kind regards, Feodora on behalf of the TPR WG Support Team 2024-11-09 Transfer Policy Review PDP Working Group - ICANN81<https://community.icann.org/display/TPRPDP/2024-11-09+Transfer+Policy+Review...> Documents: 1. Link to Public Comment Review Tool (PCRT):https://docs.google.com/spreadsheets/d/1lyX27uECA5bNKRw-UOIH2bAaTRvec1YkX1EK... [docs.google.com]<https://urldefense.com/v3/__https:/docs.google.com/spreadsheets/d/1lyX27uECA...> 2. Link to Rec Drafting Guide: https://docs.google.com/document/d/1YODFe-aZOi1AQ3c8f2-y8MXtcUU4PjzsByFzk-dp... [docs.google.com]<https://urldefense.com/v3/__https:/docs.google.com/document/d/1YODFe-aZOi1AQ...> Action Item: Assignment 5 – Rec #34 – 47 (Group 2 ICANN-approved transfers + BTAPPA) - Deadline:11/25/2024 1. Welcome and Chair Updates 2. Recommendation 27 (Change of Registrant Data Notifications) * 27.2 – Time Period for Registrant Actions Discussion centered on whether to define a time limit for registrants to act on notifications regarding unauthorized changes. Adding a time constraint might unnecessarily restrict registrant flexibility. A time frame could prevent outdated or irrelevant disputes. No need to add a specific time limit. * 27.5 – Material Changes and Notifications Comment: Clarify if changes in phone numbers and addresses, in conjunction with name/organization changes, must trigger notifications. Concerns raised about mixed language (“may” vs. “must”) within the recommendation. Agreed to refine language, possibly referencing existing definitions from Recommendation 25. * 27.6 – Consolidated Notifications Comments addressed the potential issue of registrants receiving overwhelming notifications for bulk domain updates. Security concerns raised about displaying all affected domains in notifications, especially for SMS alerts with character limits. WG members suggested consolidated notifications should be allowed. Specific details (e.g., list of domains) should be accessible through secure systems rather than included in notifications. * 27.8 – Participants suggested clearer wording on remedial action. Chair suggested to review RAA for overlap with existing requirements. 3. Recommendation 28 * Participants discussed concerns about complexity and risk of compromised accounts enabling opt-outs. * Security for Opt-Outs Suggestion to mandate two-factor authentication (2FA) for registrants opting out of notifications. Feodora Hamza Policy Development Support Manager (GNSO) Internet Corporation for Assigned Names and Numbers (ICANN) Mobile: +32 496 30 24 15 Email: feodora.hamza@icann.org<mailto:feodora.hamza@icann.org> Website: www.icann.org<http://www.icann.org>