Focus on:

- The executive summary.  If you read that, you've pretty much got the lot. The first part is mostly unchanged, until we start to get to the Findings and Recommendations. The format of the findings and recommendations has been reworked, so that each recommendation is introduced by the relevant findings.  The text of the findings is mostly new minted, but takes the same approach as the previous draft.  The recommendations are mostly the same idea, with bits of clarification when it was clear that we'd confused people (!).

- The substantively changed recommendations are:

1. strategic priority is fuller, and is now split out from compliance, which also has a fuller, standalone set of recommendations.  

2. Privacy/proxy are now handled together, and we're no longer suggesting voluntary best practices for proxies.  Instead we're asking for an accreditation process to be developed (it will need a PDP to be sure).  

3. The look-up - the old recommendation 17 which had two alternatives - has been changed. I hope, simplified.  We're now proposing operational amendments to Internic, which should be possible without policy development.  In a nutshell, it's "make this less horrible for users".

- Chapter 4 (Compliance) is completely rewritten

- Appendix B (which is completely new) is my correspondence with staff about compliance staff numbers, spend etc...