Hello all, We should keep DNS Abuse separate from this Urgent disclosure request conversation. DNS Abuse, which is defined as phishing, pharming, malware, botnets, and spam when delivering the other four types of Abuse, has (in comparison to Urgent disclosure requests) a different process for escalation to the Registrar's Abuse contact (often not the same person as the one evaluating the disclosure request), and a completely different review and decision-making process. Identifying malware or phishing on a website is a completely different skillset than conducting a legal balancing test of rights. The differences in these two problems and processes also mean that the time it takes to address them is different. Although 24 hours has been accepted for responding to abuse reports it is not what the Phase 1 EPDP team agreed on for answering disclosure requests and it is not a reasonable timeframe for registrars to be held to meet. It cannot be what this IRT includes in the Policy. -- Sarah Wyld, CIPP/E Policy & Privacy Manager Pronouns: she/they swyld@tucows.com From: Kapin, Laureen via IRT.RegDataPolicy Sent: July 19, 2023 1:14 PM To: Rubens Kuhl; Dennis Chang via IRT.RegDataPolicy Subject: Re: [IRT.RegDataPolicy] [EXTERNAL] Proposal for reconcilingcompeting issues related to Urgent requests Thanks for this exchange. Urgent requests (which only apply to circumstances that pose an imminent threat to life, of serious bodily injury, to critical infrastructure, or of child exploitation) may or may not involve DNS Abuse (perhaps more likely re: threats to infrastructure) but certainly involve very grave situations. That’s the rationale for the 24 hour response timeframe. Looking forward to our discussion later today. Kind regards, Laureen Kapin Assistant Director for International Consumer Protection Office of International Affairs Federal Trade Commission lkapin@ftc.gov From: IRT.RegDataPolicy <irt.regdatapolicy-bounces@icann.org> On Behalf Of Rubens Kuhl via IRT.RegDataPolicy Sent: Wednesday, July 19, 2023 12:55 PM To: Dennis Chang via IRT.RegDataPolicy <irt.regdatapolicy@icann.org> Subject: Re: [IRT.RegDataPolicy] [EXTERNAL] Proposal for reconciling competing issues related to Urgent requests Em 19 de jul. de 2023, à(s) 13:32, BF <bettyfausta@gmail.com> escreveu: I support the proposition of June 7 For Urgent Requests for Lawful Disclosure, Registrar and Registry Operator MUST acknowledge and respond without undue delay, but no more than 24 hours two (2) business days from receipt. This for me is useful for crises like DNS Abuse and can be comprehensive for large time zone matters. This policy is about urgent disclosure requests, not DNS Abuse. For DNS Abuse there are contractual provisions other than Reg Data Policy. Conflating the issues is not helpful. Rubens