Versions Compared

Old Version 52

changes.mady.by.user Jean-Baptiste Deroulez

Saved on

compared with

New Version Current

changes.mady.by.user Jean-Baptiste Deroulez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
(green star)Objective

Consistent with ICANN’s mission and Bylaws, Section 4.6(e)(ii), the review team will assess the extent to which the implementation of today’s WHOIS (the current gTLD RDS) meets legitimate needs of law enforcement for swiftly accessible, accurate and complete data by (a) establishing a working definition of “law enforcement” used in this review, (b) identifying an approach used to determine the extent to which these law enforcement needs are met by today’s WHOIS policies and procedures, (c) identifying high-priority gaps (if any) in meeting those needs, and (d) recommending specific measureable steps (if any) the team believes are important to fill gaps. Note that determining which law enforcement requests are in fact valid will not be addressed by this review. 

Background Documents

Further background documents may be found on the Review Team's overall Background Materials page.


(green star)Leader/Rapporteur: Thomas Walden

(green star)Members: Cathrin Bauer-Bulst, Chris Disspain, Thomas Walden, Lili Sun, Stephanie Perrin

(green star)Mailing-list archives: http://mm.icann.org/pipermail/rds-whois2-lawenforcement/

(green star)Conference calls

(green star)Review Team Templates: see here


Subgroup Documents

Date

Document (Versions in Red are latest)

File

Subgroup Report

v3DOCX

 

v2DOCX

 

v1DOCX
Law Enforcement Survey Results

 

v1PPTX
Law Enforcement Survey Questions

 

FinalPDF

 

v6PDF

 

v5PDF

 

v4DOCX

 

v3DOCX

 

v2DOCX

 

v1DOCX
Face-to-Face Mtg #2 Slides - Findings

 

v2PPTX

 

v1PPTX
Planning Questions

 

v1PPT
First Pass Document

 

v3DOCX

 

v2DOCX

 

v1DOCX

Open Actions/Requests

*To be provided once reasonable date is determined by appropriate subject-matter expert

Item #Source of RequestDate of RequestAction Item RequestAction Owner

Anticipated Completion Date*

Progress Notes
13
22
#27

#37

 

ICANN org to provide an example of survey output to the subgroup to inform methodology related discussions.

ICANN org

 

  • In LE1, update "effectiveness of WHOIS" to with "effectiveness of WHOIS in meeting the needs of law enforcement".]
  • Remove the phrase "and others with a legitimate purpose" and use "cybersecurity and related professionals" instead
  • Split second bullet into separate recommendation LE.2 which refers specifically to cybersecurity and related professionals (and explains how this is related to meeting law enforcement needs)
Cathrin

 


Completed Actions/Requests

*To be provided once reasonable date is determined by appropriate subject-matter expert

Item #Source of RequestDate of RequestAction Item RequestAction Owner

Anticipated Completion Date*

Progress NotesCompleted ResponseCompletion Date
21FtoF #3

Investigate geographic distribution of responses to date and provide any available information to the subgroup, enabling additional targeted outreach by subgroup members to under-represented areasICANN org



20FtoF #3

 

Draft methodology and findings for RT review before 6 August plenary call, keeping findings confidential until the survey closesCathrin



19FtoF #3

 

Consider the following items when drafting its subgroup report, proposing any associated recommendations it may develop for RT review: 

  1. Geographic distribution of responses to date. Note that Compliance subgroup also found under-representation of global south in WHOIS inaccuracy reports - possible systemic issue?
  2. Formulating a recommendation on continuous data gathering to inform future assessment of the effectiveness of WHOIS, as well as future policy development (e.g., ePDP)
  3. Possibility of opening the survey to cybersecurity professionals - if not at this point, then in the future. Potentially related to accreditation and criteria that may be applied there. Bylaws mandate is explicitly law enforcement, so results would need to be analyzed separately and not conflated.
  4. Possibility of repeating survey between public comment close and final report to allow additional participation and comparison of results; public comment could include a way for interested parties to express interest in participating in next survey (indicating their email address, duty station, geographic region)
Subgroup



18#3

 

Verify that invitees using personal not agency addresses is not a problemICANN org



17#3

 

React to updated survey text by Friday COB, sending any comments to the subgroup mailing listSubgroup



16#3

 

Update survey text and share with the subgroup by 12 July, reflecting the following edits:

  • Fix typo in all questions involving a range so that the first option refers to less than instead of greater than (for example Q4, <10 should be first option)
  • In survey invitation, ask invitees to participate if you now or have ever used WHOIS in performance of your duties... 
  • Insert explanation prior to question 3 stating that the next several questions ask about your usage of WHOIS prior to May 2018
  • Add to the end of the survey: Ask if their usage of WHOIS has changed since May 2018 - if so, repeat questions 4,5,6,10,11,12 for WHOIS usage since May 2018, plus a general question allowing comment on recent changes to WHOIS
  • In questions 10-12, refer to WHOIS prior to May 2018, and then when those questions are repeated refer to current WHOIS (after May 2018)
ICANN org



15#33

 

Schedule a subgroup call as soon as possible to finalize and launch survey.ICANN org



13#27

 

Provide an example of survey output to the subgroup to inform methodology related discussions.ICANN org



12#27

 

Investigate to investigate on transparency requirements pertaining to surveys, as subgroups would like the survey link not to appear on review team public lists.

ICANN org

Email

 

11#27

 

Cathrin to update Update the draft survey based on input received and to share with subgroup.

Cathrin

Email

 

14#28

 

ICANN org to reach Reach out to Thomas to clarify law enforcement survey logistics and request status updateICANN org

Email

 

10#2

 

Staff to provide Provide support for staging draft questions, as the subgroup may request

ICANN org

Email

 

9#2

 

Cathrin to revise and circulate to the subgroup a draft list of questions

Cathrin

Email

 

8#26

 

Cathrin to draft Draft survey questions for subgroup to review the questions

Cathrin

Email

 

6#25

 

Cathrin volunteered to substitute for Thomas for Face-to-Face Meeting #2 and provide assistance with subgroup draft report. ICANN org to provide a draft subgroup report to Cathrin.



 

4#18

 

Flesh out potential questions for a law enforcement survey

Law Enforcement Subgroup

Email

 

7

#26

Stephanie and Lili to be added to Subgroup 3 - Law EnforcementICANN org

 

 



1#1

 

Reach out to Lili to see if she would like to join subgroupThomas
Cathrin completed action itemEmail

 

5#22

 

Finalize briefing questions for OCTO and questions to be covered during informal outreach to LE.Subgroup
CLOSED - subgroup has deferred discussion with OCTOEmail

 

2#1

 

ICANN Org to consider whether a briefing from OCTO on interaction with LEA and perhaps DAR would be helpful as inputConsider whether a briefing from OCTO on interaction with LEA and perhaps DAR would be helpful as input.ICANN org
CLOSED - subgroup has deferred discussion with OCTOEmail

 

3#1

 

Provide Thomas will first cut answer at next step question, for Thomas to refine and share with subgroup by mid-weekICANN Org

 



 

Decisions Reached

SourceDateDecision
FtoF #3

New deadline for survey - August 6 - 23:59 UTC. 

FtoF #3

Reopen survey to collect additional responses; defer discussion of results (and issues/recommendations) until final survey close to avoid influencing respondents

#2

 

On Law Enforcement Survey:

1) refine the WHOIS1 questionnaire to better address law enforcement respondents,

2) develop a refined list of questions to obtain feedback from the RT,

3) stage draft questions in a survey tool such as SurveyMonkey to test the survey,

4) run the same survey before and after GDPR changes to WHOIS

#1

 

Has your subgroup identified any needed briefings/resources? How will the subgroup conduct its investigation?

  • Outreach to LEA contacts to solicit input on needs 
  • Possible examples - GAC PSWG, APWG, SSAC members (John Levine)
  • Need to structure outreach in a transparent and accessible way
  • Start with informal outreach and then consider broader more formalized outreach
  • How will subgroup review identified documentation? N/A