As per the decision reached on plenary call #14, the WHOIS1 Rec #4 Compliance subgroup and the Topic 7 Compliance subgroup have been merged into one subgroup, and this wiki page will be the page used by that combined subgroup moving forward. |
---|
Objectives
|
---|
Leader/Rapporteur: Susan Kawaguchi Members: Erika Mann, Carlton Samuels, Chris Disspain, Susan Kawaguchi, Thomas Walden Mailing-list archives: http://mm.icann.org/pipermail/rds-whois2-rec4-compliance/ Conference calls: see here Review Team Templates: see here |
---|
Subgroup Documents
Date | Document (Versions in Red are latest) | File |
---|---|---|
Subgroup Report | ||
| v15 | DOCX |
| v14 | DOCX |
| v13 | DOCX |
| v12 (incl. FtoF #3 Agreements) | DOCX |
| v11 | DOCX |
| v10 | DOCX |
| v9 | DOCX |
| v8 | DOCX |
| v7 | DOCX |
| v6 | DOCX |
| v5 | DOCX |
| v4 | DOCX |
| v3 | DOCX |
| v2 | DOCX |
| v1 | DOCX |
Face-to-Face Mtg #2 Slides - Findings | ||
v2 | PPTX | |
| v1 | PPTX |
Planning Questions | ||
| v1 | PPTX |
Next Steps | ||
| v1 | DOCX |
First Pass Document | ||
| Compliance v2 (merged doc) | DOCX |
| Compliance v1 (merged doc) | DOCX |
| Assembled topic 1 rec #4 v3 & topic 7 v1 (Draft for subgroup rapporteur and subgroup's approval) | DOCX |
| Topic 1 Rec #4 v3 | DOCX |
| Topic 1 Rec #4 v2 | DOCX |
| Topic 1 Rec #4 v1 | DOCX |
| Topic 7 v1 | DOCX |
Background Documents
- WHOIS Review Team (WHOIS1) Final Report (2012) and Action Plan
- WHOIS Review Team (WHOIS1) Implementation Reports, including
- WHOIS1 Implementation Briefings on Recommendations 4, 12, 13, 14: PPT, PDF
- Answers to RDS-WHOIS2 Questions on Implementation Briefings
- Documents cited in briefing on Recommendation 4 Compliance include
- Contractual Compliance Outreach information and Metrics Reporting
- Process and approach for enforcing the contract
- Contractual Compliance staff information
- Contractual Compliance annual reports and financials
- Chief Compliance Officer 2017 announcement and 2014 announcement
- Consumer Safeguards Director announcement
- Additional documents relevant to Topic 7 Compliance include
- WHOIS Review Team (WHOIS1) Final Report (2012), Section 1: The Effectiveness of ICANN’s WHOIS Compliance Effort
- Documents relevant to WHOIS1 Recommendations 5-9 - Accuracy
- ICANN Contractual Compliance web pages
- Competition, Consumer Trust and Consumer Choice Review Team Draft Report
- 2 February Meeting with Compliance Management - Q&A, citing additional documents
- FY18 Operating Plan and Budget
- Contractual Compliance 2017 Annual Report
- Contractual Compliance Audit Program
- Contractual Compliance Monthly Dashboards
- WHOIS ARS Contractual Compliance Metrics
- ICANN's Contractual Compliance Approach and Processes
- Notices of Breach, Suspension, Termination and Non-Renewal
- Registrar Formal Notices (Enforcement)
- Additional links specific to Compliance Objectives may be added here
Further background documents may be found on the Review Team's overall Background Materials page.
ICANN Org Briefings/Answers
- Rec 4 Written Implementation Briefing
- Meeting #3 - with Compliance Management (1 February 2018)
- Meeting #5 - with ICANN Compliance (28 March 2018)
- Brussels mtg follow-up questions
- ICANN compliance input includes:
- Written answers to 1 February questions
- Written answers to 8 February questions
- Written answers to 20 April questions
- Written answers to 21 June questions
- GDD Answers to 19 July Questions
- Face-to-Face Meeting #3 follow-up questions
- https://mm.icann.org/pipermail/rds-whois2-rt/2018-July/000788.html
- https://mm.icann.org/pipermail/rds-whois2-rec4-compliance/2018-July/000075.html
- https://mm.icann.org/pipermail/rds-whois2-rec4-compliance/2018-August/000076.html
- https://mm.icann.org/pipermail/rds-whois2-rec4-compliance/2018-August/000077.html
Open Actions/Requests
*To be provided once reasonable date is determined by appropriate subject-matter expert
Item # | Source of Request | Date of Request | Action Item Request | Action Owner | Anticipated Completion Date* | Progress Notes |
---|---|---|---|---|---|---|
35 | #37 |
| Incorporate a note about percentage # being under review and community input is welcome. | ICANN org |
| |
34 | F2F#3 |
| Susan and Stephanie the action to draft supporting text for the recommendation, explaining what “a risk-based approach” is intended to mean | Susan/Stephanie |
|
Completed Actions/Requests
*To be provided once reasonable date is determined by appropriate subject-matter expert
Item # | Source of Request | Date of Request | Action Item Request | Action Owner | Anticipated Completion Date* | Progress Notes | Completed Response | Completion Date |
---|---|---|---|---|---|---|---|---|
36 | F2F#3 |
| On P/P, which is intended to cover the case where PPSAI implementation stalls or providers do not seek accreditation, it is unclear whether a recommendation is needed. If it is, it belongs in the P/P section: Volker to add to the P/P section and rephrase along the lines of: “The board should monitor PPSAI implementation. In that event, the board should direct ICANN Org to negotiate an amendment to the RAA to…” | Volker | ||||
35 | F2F#3 |
| Propose updated text to address items in [ ] for RT review and determination of consensus. | Susan | ||||
33 | F2F#3 |
| Does ARS have access to non-public data under the Temporary Specification? Is the WHOIS data that is sampled by ARS obtained from the Registrar or Registry (for thick TLDs, since under GDPR much contact data may be redacted?) | ICANN org |
|
| ||
32 | F2F#3 | For domains rechecked after suspension, what % are found to be unsuspended in total and the % that are still non-compliant? | ICANN org |
|
| |||
31 | F2F#3 |
| Request for clarification: What are the process and criteria used to determine the domain names to review with ARS? | ICANN org |
|
| ||
30 |
| Requests for clarification:
| ICANN org |
|
| |||
29 |
| ICANN org |
| Document | | |||
28 | #33 |
| Schedule a WHOIS1 rec #4 subgroup call after Susan produces new draft addressing ICANN62 comments. | ICANN org/Subgrou | ||||
27 | #33 |
| Rec 4.8: Clarify that the DAAR blacklist is but one source of input, not considered authoritative. | Susan | ||||
26 | #33 |
| Rec. 4.7:Clarify recommendation to indicate the audit would apply only in cases where there is a pattern of failure to validate as required by the RAA. | Susan, Lili | ||||
25 | #33 |
| Rec 4.3: Susan to clarify recommendation to indicate how data would be updated. | Susan | ||||
24 | #31 |
| Volker to review latest draft from Susan and share comments. | Volker |
| |||
23 | #7 |
| Susan to update draft to reflect decisions reached and respond to Volker's comments | Susan | Draft Report |
| ||
22 | #28 |
| ICANN org to schedule a follow-up call for compliance subgroup | ICANN org | Draft Report |
| ||
21 | #6 |
| Carlton to draft finding/recommendation on use of DAAR to improve accuracy of WHOIS. | Carlton | Draft Report |
| ||
20 | #6 |
| Question 1: Susan to formulate a follow-up question for Compliance (possibly also GDD) regarding counting of null fields and the subset of null fields that occur for grandfathered domains. | Susan | Draft Report |
| ||
17 | #26 |
| Susan to research 2013 RAA negotiation materials to determine any reasons for allowing grandfathering. | Susan | Draft Report |
| ||
16 | #26 |
| Susan to examine CCT recommendation on DAAR to build this subgroup’s recommendation | Susan | Draft Report |
| ||
15 | #26 |
| Susan to formulate recommendation to include compliance taking a risk-based approach that is not just reactive - addressing systemic complaints and taking a risk-based approach | Susan | Draft Report |
| ||
14 | #26 |
| Subgroup to try testing recommendation on WHOIS policies that are being examined by this review (e.g., PP, IDN) to see if metrics/monitoring/reporting and enforcement have been defined for those | Susan | Draft Report |
| ||
19 | #27 |
| Susan to liaise with ICANN org on a Doodle poll for a subgroup call | Susan | Email sent individually to Alice & Jean-Baptiste |
| ||
18 |
| Brussels follow-up list of questions to ICANN compliance | ICANN org |
|
| |||
13 | #26 - Email |
| Susan to confirm questions for ICANN compliance. | Susan | Email |
| ||
12 | #5 |
| Subgroup members to read ICANN compliance's answers and to advise of any follow-up questions. | Subgroup |
| |||
7 | #3 |
| Susan to reach out to Thomas to identify policies (from above list) that he will volunteer to review. | Susan | ||||
6 | #3 |
| Susan to include her findings about grandfathered domain names in draft subgroup report (see decisions reached, #3). | Susan | Draft Subgroup Report | |||
5 | #3 |
| Subgroup members to review and attempt to answer questions prior to F2F meeting as follows:
Questions to be addressed (at minimum):
| Subgroup, Carlton, ERika | Draft Subgroup Report | |||
11 | #23 |
| MSSI Secretariat to send out a new doodle. | MSSI-Secretariat |
|
| ||
10 | Interview/discussion questions - second set | ICANN org |
| |||||
9 |
| Interview/discussion questions - first set | ICANN org |
| ||||
8 | #3 |
| Suggest timeline for completing briefing questions and desired timeframe for that briefing with ICANN Org compliance. | Susan |
| |||
4 | #2 |
| Subgroup 2-day face-to-face meeting: Alan and Susan requested to hold a two days subgroup face-to-face meeting with Compliance Department at ICANN org office in Los Angeles, only a small conference room would be needed. This would happen before the next plenary face-to-face meeting. ICANN org to liaise with meetings team to confirm notification time needed with meetings teamto prepare such meeting to identify a possible date (also taking into consideration compliance department staff would be available). | ICANN org |
| |||
3 | #2 |
| Next Week’s Kick-Off Meeting with ICANN org Compliance Team (exact date to be confirmed): Initial 1hour kickoff meeting between subgroup members who are in LA next week and members of the compliance Department - Questions raised on today's call to be shared with the subgroup (see below), subgroup members not attending the call to share input/edits by Wednesday COB. - Subgroup members to review attached first pass planning document and raise any questions, edits, by tomorrow COB. - ICANN org to look into the possibility to add remote participation during the meeting with compliance for remote subgroup members. | Subgroup/ICANN org | ||||
2 | #1 |
| Susan to take a first look at filling in the work statement based on today's discussion, and share it with the subgroup for input. | Susan | ||||
1 | #1 |
| Susan to provide ICANN org with dates for future subgroup call. Doodle to be sent out to subgroup based on this. | Susan |
Decisions Reached
Source of Request | Date | Decision |
---|---|---|
FtoF #3 |
| R4.8 ICANN should direct ICANN Contractual Compliance to proactively monitor and enforce WHOIS data accuracy requirements to look for and address systemic issues. A risk based approach should be executed to assess and understand inaccuracy issues and then take the appropriate actions to mitigate them. |
FtoF #3 |
| R4.7 ICANN should direct ICANN Contractual Compliance to look for patterns of failure to validate and verify WHOIS data as required by the RAA. When such a pattern is detected, an audit should be initiated to check if the Registrar follows WHOIS contractual obligations and consensus policies. Sanctions should be applied if significant deficiencies in WHOIS data validation or verification are identified. |
FtoF #3 |
| R4.6 ICANN should review the WHOIS records of gTLD domain names sampled by ARS for each region to determine whether lack of knowledge of WHOIS inaccuracy reporting tools or other critical factors are responsible for low WHOIS inaccuracy report submission rates in some regions. |
FtoF #3 |
| R4.5 ICANN should publicize and encourage use of the Bulk WHOIS inaccuracy reporting tool (or any successor tool). |
FtoF #3 |
| R4.3 ICANN contracts or GNSO policy should require that gTLD domain names suspended due to WHOIS contact data which the registrar knows to be incorrect, and that remains incorrect until the registration is due for deletion, should be treated as follows. (1) The WHOIS record should include a notation that the domain name is suspended due to incorrect data; and (2) Domain names with this notation should not be unsuspended without correcting the data. |
FtoF #3 |
| R4.2 (with 2 objections) - The ICANN Board should direct ICANN Organization to assess grandfathered domain names to determine if information is missing from the WHOIS Registrant field. If [X%] of domain names are found to lack data in the Registrant field, then the ICANN Board should initiate action intended to ensure that all gTLD domain names adhere to the same registration data collection requirements [within Y months]. |
FtoF #3 |
| R4.1 ICANN should recommend the GNSO adopt a risk-based approach to incorporating requirements for measurement, auditing, tracking, reporting and enforcement in all new RDS policies. |
FtoF #3 |
| The latest % be cited in the report (30%) and note downward trend. |
FtoF #3 |
| No further recommendation is needed regarding the Compliance reporting structure. |
#8 |
| Rec. #1 - revise to read "enforced as required" to address Stephanie's comment on F2F#2 |
#7 |
| Rec 8: Dig further and consult with Lili Rec #7: Policy should integrate metrics, measurements, and reporting to ensure that the policy is effective in addressing the issue, and when metrics are defined, compliance would audit, track, report, and enforce as applicable for the policy. Rec #4: Agreed but possibly belongs under Outreach or Accuracy recommendations Rec #3 :
Rec #2 may be covered under Rec 3 Rec #1 to be redrafted to apply to registries not registrars |
#6 |
| Question 4: subgroup agreed to Susan's draft recommendation. |
#6 |
| Question 2: Recommendation that a policy or best practice be developed to flag in WHOIS when a domain name has been suspended for inaccurate data. subgroup may suggest a policy such as updating the inaccurate record. |
#3 |
| Include in briefing questions:
|