Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


CCT Implementation - Status of 17 Recommendations

Complete  (4 recs.)

Recommendations 16, 17, 18, 31

In progress  (11 recs.)

Recommendations 1, 7, 8, 11, 13, 20, 21, 23, 24, 26, 30

Not started  (2 recs.)

Recommendations 6, 22



N E W S  /  U P D A T E S

News


 
Status
colourGrey
titleDEC 2022

M

Progress by Quarter


Status
colourGrey
titleAPR 2022

Status
titleJun 2022

Status
titleSEPT 2022

Status
colourGrey
titleDEC 2022

Q4 2022

Complete3334
In progress44511
Not started101092



Rec #

Implementation Status

Priority level assigned by the community 

(where P1 corresponds to the highest priority and P4 to the lowest - see here for more information)

Description

Implementation Update 

*This updated table reflects current and reclassified implementation status categories of "Complete", "In Progress", and "Not started". Previously, it showed implementation design status. Because of this update, the status of some recommendations may have changed from prior reporting to now represent their implementation status.Notes

1

In progress

P1

Formalize and promote ongoing data collection.

Implementation will take place in phases, with existing resources used for the initial definition and planning stages. Ongoing and operational activities may have incremental costs related to staffing, procurement, software, and other tools.

6

Not started

P2

Partner with mechanisms and entities involved with the collection of TLD data. As feasible, collect TLD registration number data per TLD and registrar at a country-by-country level in order to perform analysis based on the same methods used in the Latin American and Caribbean DNS Marketplace (LAC) Study.

N/A

7

In progress

P4

Collect domain usage data to better understand the implications of parked domains.

Implementation activities will include investigating existing definitions of parking, including the CCT-RT's definition and its data collection methodologies, and initiating discussions with the ICANN community.

8

In progress

P1

Conduct periodic surveys of registrants that gathers both objective and subjective information with a goal of creating more concrete and actionable information.

Implementation will include the development of a consumer/end-user/public survey.

11

In progress

P1

Conduct periodic end-user consumer surveys. Future review teams should work with survey experts to conceive more behavioral measures of consumer trust that gather both objective and subjective data with a goal toward generating more concrete and actionable information.

Implementation will include the development of a consumer/end-user/public survey.

13

In progress

Items 1, 2, 4 (in part) prioritized as P1

Items 3, 4 (in part), 5 prioritized as P2

ICANN should collect data in conjunction with its related data collection activities on the impact of restrictions on who can buy domains within certain new gTLDs (registration restrictions) to help regularly determine and report:

1. Whether consumers and registrants are aware that certain new gTLDs have registration restrictions;

2. Compare consumer trust levels between new gTLDs with varying degrees of registration restrictions; [...]

Implementation of recommendation 13 items 1, 2, 4 (in part) will include the development of a consumer/end-user/public survey.

Item 3 would require an agreement with a vendor to conduct the study.

Implementation of recommendation 13 items 4 (in part) and 5 will include a voluntary pilot survey of Contracted Parties

16

Complete

N/A

Further study the relationship between specific registry operators, registrars, and DNS Security Abuse by commissioning ongoing data collection, including but not limited to, ICANN DAAR initiatives.

See implementation documentation.

17

Complete

N/A

ICANN should collect data about and publicize the chain of parties responsible for gTLD domain name registrations.

See implementation documentation.

18

Complete

N/A

In order for the upcoming WHOIS Review Team to determine whether additional steps are needed to improve WHOIS accuracy, and whether to proceed with the identity phase of the Accuracy Reporting System (ARS) project, ICANN should gather data to assess whether a [...]

See implementation documentation.

20

In progress

P2

Assess whether mechanisms to report and handle complaints have led to more focused efforts to combat abuse by determining:

(1) the volume of reports of illegal conduct in connection with the use of the TLD that registries receive from governmental and quasi-governmental agencies;

(2) the volume of inquires that registries receive from the public related to malicious conduct in the TLD;

(3) whether more efforts are needed to publicize contact points to report complaints [...]

Implementation will include a voluntary pilot survey of Contracted Parties

21

In progress

Item 2 prioritized as P2

Include more detailed information on the subject matter of complaints in ICANN publicly available compliance reports. Specifically, more precise data on the subject matter of complaints, particularly: (1) the class/type of abuse; (2) the gTLD that is target of the abuse; (3) the safeguard that is at risk; (4) an indication of whether complaints relate to the protection of sensitive health or financial information; (5) what type of contractual breach is being complained of; and (6) resolution status of the complaints, including action details. These details would assist future review teams in their assessment of these safeguards.

Contractual Compliance had already included four of these factors (class/type of abuse, safeguard at risk, documented risk to sensitive health or financial information, and type of contractual breach) in its reporting, as noted by the Board in its 1 March 2019 Board resolution on the CCT Final Report. A fifth data point offering "resolution status of the complaints, including action details" was added in August 2019.

With respect to the recommendation that the reporting should include the gTLD being abused, the Board directed ICANN org to "investigate the potential negative impacts of implementing this item on enforcement of compliance, track this effort and propose a mitigation plan in case of any negative effects."

Although ICANN Contractual Compliance has the data, discussion and alignment within the org and/or community is required on how to approach publishing such information. Completion of this step is contingent on ongoing community discussions pertaining to reaching a common understanding of what DNS abuse is, and related terms, as well as best practices that the DNS industry could adopt, expand or improve upon.

22

Not started

P2

Initiate engagement with relevant stakeholders to determine what best practices are being implemented to offer reasonable and appropriate security measures commensurate with the offering of services that involve the gathering of sensitive health and financial information. Such a discussion could include identifying what falls within the categories of "sensitive health and financial information" and what metrics could be used to measure compliance with this safeguard.

N/A

23

In progress

P2

ICANN should gather data on new gTLDs operating in highly-regulated sectors to include the following elements:

- A survey to determine:

1) the steps registry operators are taking to establish working relationships with relevant government or industry bodies; and

2) the volume of complaints received by registrants from government and regulatory bodies and their standard practices to respond to complaints. [...]

ICANN Contractual Compliance currently reports on volume and nature of complaints received regarding gTLDs operating in highly-regulated sectors.

Implementation of recommendation 23 items A, C (in part), D will include a voluntary pilot survey of Contracted Parties

With respect to audit on registration practices, ICANN org will continue to monitor complaint trends in this area, and to plan for an audit if any risk is identified.

24

In progress

Item B prioritized as P2

a. Determine whether ICANN Contractual Compliance should report on a quarterly basis whether it has received complaints for a registry operator's failure to comply with either the safeguard related to gTLDs with inherent governmental functions or the safeguard related to cyberbullying.

b. Survey registries to determine:

1) whether they receive complaints related to cyberbullying and misrepresenting [...]

ICANN org's Contractual Compliance reporting includes data that addresses Recommendation 24 item A.

Implementation of recommendation 24 item B will include a voluntary pilot survey of Contracted Parties

26

In progress

P2

A study to ascertain the impact of the New gTLD Program on the costs required to protect trademarks in the expanded DNS space should be repeated at regular intervals to see the evolution over time of those costs. The CCT Review Team recommends that the next study be completed within 18 months after issuance of the CCT Final Report, and that subsequent studies be repeated every 18 to 24 months. The CCT Review Team acknowledges [...]

N/A

30

In progress

Not eligible for prioritization

Expand and improve outreach into the Global South.

N/A

31

Complete

N/A

The ICANN organization to coordinate the pro bono assistance program.

See implementation documentation.