Page History
...
b. Criminal Investigation/DNS Abuse Mitigation (DT#7)
- Link to Draft: https://community.icann.org/download/attachments/69280637/DraftingTeam7-CrimInvAbuseMit-1%20November%202017.pdf
- Slides: https://community.icann.org/download/attachments/69280637/RDS3-DT7%20Overview%20for%20ICANN%2060.pdf
- Category covers all use of an RDS to support criminal and other investigations
- Users include law enforcement, cybersec professionals, IT admins protecting their own networks, automated protection systems, others pursing abuse issues
- Definition of “Abuse” is included in the definition slide 2
- Who you need to contact depends upon the particular abuse case
- Expand investigation to understand scope of abuse may involve identifying additional domain names
- Investigation may lead to request to suspend domain names
- Users either making a lot of ad hoc requests to support investigation or automated processes that query data for a large number of domains – probably more than one purpose
- Categories of Actions – should include hosting providers getting involved in mitigation, as opposed to just the registrars for the underlying DNs
- Re: hosting companies may not be willing to talk to investigator but may be willing to talk to the DN’s Tech/Admin contact
- Relationship to compliance and reg enforcement purpose as well? Where do these purposes overlap or do they just relate to each other in a way that can be defined?
- No such thing as world-recognized law enforcement – jurisdiction may play role in determining users and chains of users (3d matrix?, even GDPR does not address needs of law enforcement)
- Note that who gets access to what data still needs to be addressed, even after defining the purpose and data involved
- Noted that these cases are about access and not putting data into the system in the first place
...
d. Academic/Public Interest DNS Research (DT#1)
- Link to Draft: https://community.icann.org/download/attachments/69280637/techissues1.pdf
- For example, DN registration history was used in a study of the introduction of new TLDs
- Another example: APWG researching trends and patterns – for example history data (WhoWas)
- WHOIS accuracy studies (starting from 2000 USG study, continuing through ICANN ARS)
- May also be used to assess P/P use, examining geographic distribution of registrations, etc.
- Could potentially be used for examining the impacts of GDPR in the future
- Many of these are examples of public policy research (including ICANN policies)
- Examples of organizations conducting such studies include ISOC, EFF
- Data elements list is not inclusive – often use whatever data is available, may need data across many domains for statistical analysis, etc.
- Distinction between this and market research? Sometimes academic study data ends up being applied for other reasons, including commercial
- Question: Since virtually all the examples given require the aggregation of RDS data and the ability to search across multiple domains, do we need to treat this aggregation itself as a use case/purpose?
- Would it be a method or use or purpose? Or would the search of aggregated data produces a new data set, that may then be used several purposes?
- See ref to ICANN contractual enforcement – is this covered by DT5? Use of data by Contractual Enforcement Dept for research vs. use of data by Contractual Enforcement Dept for enforcement purpose?
...
- Slides: ICANN60 RDS PDP F2F v6.PDF (updated 1 November for Wednesday F2F)
- List of Drafting Teams (includes team member lists & links to team email archives)
- Drafting Team outputs - may be updated in advance of meeting:
- DT1: Tech Issue Resolution and DNS Research [doc, PDF]
- DT2: Domain Name Control and Individual Internet Use [doc, PDF]
- DT3: Domain Name Certification [doc, PDF]
- DT4: Domain Name Purchase/Sale [doc, PDF]
- DT5: Regulatory or Contractual Enforcement [doc, PDF]
- DT6: Legal Actions [doc, PDF]
- DT7: Criminal Investigation/DNS Abuse Mitigation [doc, PDF] and slides