2022-10-05 EPDP Phase 2 Small Team - Meeting #17

PROPOSED AGENDA

1. Remaining topics from the Google doc:

a. ICANN as the agent of the requestor – “Along with the certification that the submission is accurate and complete, the requester should formally appoint ICANN  (or whoever is running this system) as their agent. That way there is no question that this is a request that falls under the requirement to respond to legitimate requests for non-public data.” (ALAC)

b. Ability for requestor to challenge registrar completion flag – “Since marking the request complete (by the registrar) is independent from actually completing the request (either rejecting or with data), there should be a flag the requester can set to indicate that they do not agree with the “complete” flag. This new flag need not be acted upon, but is there for analysis.” (ALAC)

c. Billing – “Billing - we are concerned with the lack of a billing mechanism.  If one of the primary drivers is to better understand the volume of requests/requestors for a potential SSAD system (that does have billing) then a proof of concept that doesn’t have billing might not provide an accurate view into the volume of requests likely for the SSAD. The recommendations were clear that the SSAD should operate on a cost recovery basis so that fees paid by registrants would not be used to disclose their data.  Having a fee is also an effective measure to minimize abuse disclosure requests via the system. We don’t necessarily see this as a gating issue to proceed with a proof of concept, however we would like to see it considered for a potential phase 2 and note it should be considered when evaluating volume of requests received.” (RySG)

   2. Remaining review template topics for discussion:

a. Data expected to be collected through the Whois Disclosure System

b. If support for proceeding:

• What are the small team’s expectations with regards to the timing of implementation?
• What role, if any, is the Council / small team expected to play during implementation? 
• How and by whom should review of the data obtained be conducted? Should this be done jointly with the ICANN Board? 
• Does the original timing of check-points still apply?
• How can the GNSO Council/small team contribute to the success of the Whois Disclosure System?

c. If no support for proceeding:

• What is the rationale for not proceeding?
• What should the Council recommend to the Board in relation to the next step on the consideration of the SSAD recommendations?

   3. Feedback from ICANN org in relation to logging of requests to non-participating registrars

“the WHOIS Disclosure System could log requests that are made for data pertaining to domain name registrations that are under the management of non-participating registrars. A report could be created on the number of requests for domains from non-participating registrars and which registrars are receiving these requests, as part of the overall reports issued on the use of the WHOIS Disclosure System”. Note, ICANN org is still working on a response to the question from the small team whether it would also be possible to allow the requestor to continue filling out the data request form, if the requestor chooses to do so after having been informed that the data request will NOT be forwarded to the non-participating registrar and that any information provided will be used for data collection purposes that are intended to help inform future decisions about how to proceed with the Whois Disclosure System / SSAD.

BACKGROUND DOCUMENTS

Audio Recording

Zoom Recording

Chat Transcript - located on zoom recording->select the chat tab