Hi all! Thanks for the valuable discussion at our last IRT meeting. I wanted to bring this group’s attention to Sarah’s suggestion below of having ICANN maintain two lists of authenticated LEA requesters and registrar contact points (#2 in her list). This seems like good path forward. As was discussed on the call, it will be hard to come to ground on an appropriate timeline (and the language articulating those requirements) without also considering the practical aspects of implementation – I think what Sarah highlighted below could help move our discussion along (especially considering our short timeline) and suggest the IRT explore it at our subsequent meetings. Thanks again and looking forward to connecting in Prague! David David Bedard Manager, Internet Governance, International Telecommunications and Internet Policy Strategic Policy Sector Innovation, Science and Economic Development Canada / Government of Canada david.bedard@ised-isde.gc.ca<mailto:david.bedard@ised-isde.gc.ca> | Mobile: 343-573-9434 From: Sarah Wyld via IRT.RegDataPolicy <irt.regdatapolicy@icann.org> Sent: May 21, 2025 3:30 PM To: irt.regdatapolicy@icann.org Subject: [IRT.RegDataPolicy] Suggestions from today's call Hello team, Thank you for a thoughtful and productive call today. I want to take a moment to recap my input and address some of what we discussed. 1. Urgent requests are already being handled. We should understand what problems or gaps exist in the current process to ensure that these are addressed by our implementation of this Policy recommendation. Can someone on the requestor side provide more information on that? 2. We must consider the practical aspects of the implementation. There is a requirement in the Registration Data Policy that the Registrar and Registry Operator must publish the mechanism and process for submitting Disclosure Requests. If Urgent requests are to be properly triaged they would need to go through a separate path, and that separate path must not be public or it will be misused. Perhaps we should consider having ICANN maintain two lists: one of authenticated LEA requestors (with jurisdiction), and one of registrar contact points (with jurisdiction); in Urgent cases the authenticated LEA person would be able to access the registrar's emergency disclosure point of contact. 3. Scope of the IRT Isabelle raised a reasonable question of scope; we've been asked to work on the timeline, and the method for submitting requests is a separate thing although (as we agreed on the call) they are related. We all share the goal of implementing the EPDP Phase 1 Rec 18 in a functional and useful manner, so to ignore the request submission process would not achieve this goal. As long as we do work on a timeline I don't think we are prevented from working on other related topics. Thank you, -- Sarah Wyld, CIPP/E Pronouns: she/they Head, Policy & Privacy Tucows #MakingTheInternetBetter swyld@tucows.com<mailto:swyld@tucows.com> Responses to this email are processed according to the Tucows Privacy Policy<https://www.tucows.com/privacy>