<div dir="auto">Dear members,<div dir="auto"><br></div><div dir="auto">First, I want to thank the EPDP members and everyone who is contributing to this debate. Much appreciated.</div><div dir="auto"><br></div><div dir="auto">While following the debate and reading the arguments assiduously, the question that kept coming to mind as policy chair is if there is a due date for us to have decided what the NCSG position is.</div><div dir="auto"><br></div><div dir="auto">I note that in the EPDP WG communication and as indicated by Stephanie in a separate email<span> yesterday, the </span><span style="font-family:sans-serif">EPDP Team is to review updated version of the legal v. natural write up and indicate which aspects they can't live with</span> by Friday 7 May. I suppose this means we need to provide an agreed guidance on an NCSG position to our EPDP team reps by this date, which leaves us with only one day to conclude on this.</div><div dir="auto"><br></div><div dir="auto">From the discussion so far, <b><i>Option 1- the Status Quo</i></b> seem to have the most support from membership. Can anyone else who is against this option being the NCSG position please state their objection by 13:00 UTC 6 May? This should give us some time before Friday to agree. Absent a significant number of objections, <b><i>Option 1 - the Status Quo</i></b> will be the NCSG position on this matter.</div><div dir="auto"><div dir="auto"><div dir="auto"><br><div data-smartmail="gmail_signature" dir="auto">Cheers,<br>Tomslin</div><div data-smartmail="gmail_signature" dir="auto">Policy Chair<br> </div></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu., 6 May 2021, 08:31 Stephanie E Perrin, <<a href="mailto:stephanie@digitaldiscretion.ca" rel="noreferrer noreferrer noreferrer" target="_blank">stephanie@digitaldiscretion.ca</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<p>I agree that the RrSg work on this is useful and to be
encouraged, but I think the only way to keep it from becoming
mandatory, either through policy or through inclusion in their
contracts or through the upcoming accuracy pdp is to make it
voluntary RrSg advice, not EPDP policy or guidance. It is well
within their mandate to publish it themselves and you can see from
the comments on the google document, the pressure to make options
MUST instead of May Wish to......</p>
<p>cheers Stephanie</p>
<p>PS there is also a big question of co-controller liability on the
part of ICANN, for the accuracy and reliability of this guidance<br>
</p>
<div>On 2021-05-05 2:42 a.m., 陳曼茹 Manju Chen
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">Hi all, </div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">I agree
with Stephanie and Kathy that we have to 'hold the line', but
my idea of 'the line' is a bit different than the simple
'status quo'. </div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">In
my opinion, the line we should definitely hold is 'to keep the
guidance from becoming a requirement'. So we maintain that
'registrars should be able to choose to differentiate or not'
but develop guidance for if they wish to do so. Basically
Milton's scenario 3. </div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">I'd also
like to point out that according to Volker's statement on
behalf of RrSG, they are not against developing guidance
either. In fact, the RrSG has provided a table as their
proposed guidance on this matter. I would encourage us to work
with CPs on refining the table and make sure the final
guidance resembles RrSG's table instead of the
detailed instructions currently proposed by the surveillance
caucus. </div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small"><br>
</div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">Best,</div>
<div class="gmail_default" style="font-family:arial,sans-serif;font-size:small">Manju</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Wed, May 5, 2021 at 11:39
AM Mueller, Milton L <<a href="mailto:milton@gatech.edu" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">milton@gatech.edu</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-US">
<div>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Kathy,
Stephanie, and NCSG members:</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Personally,
I would have no problem falling in line with your
position. But there are two fatal flaws that you need
to address. First, you are describing only what _<i>we</i>_
want and not thinking at all about how you get
consensus. Second, your description of what we want
does NOT correspond to what will actually happen if we
“hold the line.” As much as I would like to promote
harmony and unity among NCSG EPDP representatives, I
don’t think you have thought things through.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">I
know perfectly well that we don’t want any
differentiation and that the registrars don’t either.
What you are overlooking is that the other half of the
EPDP does want it, and the board will see the EPDP as
deadlocked. So Option 1 will make you feel very
self-righteous in the short term, but what happens
next? You are, as I will show, leading us down a blind
alley.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">I
can think of 3 scenarios we can discuss as a basis for
action.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Scenario
1.
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">We
“hold the line,” and we revert to Phase 1
recommendations unchanged. There is _<i>no guidance</i>_.
The other half of the EPDP just gives up and accepts
it. This result is not bad, I admit, if that last bit
happens. </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">But
what are the Phase 1 recommendations? You have
misrepresented the “status quo” as not differentiating
legal and natural. WRONG. What will happen under this
option is that any registrar or registry can choose to
differentiate in any way they like. And there will be
no guidance that you can appeal to if they do it
wrong. You say you don’t want registrars asking users
whether they are legal or natural. Well, sorry, that
can happen under your Option 1. A deadlock on EPDP
means that differentiation is neither prohibited or
required, it is up to the contracted parties. Many
registrars won’t do it, but some will. Registries
could do it, too. This is the “let the market decide”
option. Stephanie has become a libertarian, I guess.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Scenario
2</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Scenario
1 assumes the other side accepts defeat. But what if
we “hold the line,” and the other half of the EPDP
doesn’t accept it? The European Commission, the US
justice department, the GAC, SSAC, and of course the
IPC/BC and ALAC join a strong chorus telling the board
“something must be done.” The Board is influenced, and
refuses to accept the recommendation, as it has done
with the SSAD (which the same group of stakeholders
opposed). We have seen the Board cave to GAC and
governmental demands again and again, the latest
example being “curative rights” for IGO acronyms,
which the GNSO never approved. Worse, the EC may
modify its NIS2 legislation to require ICANN to
differentiate. The US congress could intervene. The
issue festers for another three – five years. Several
powerful players start attacking the multistakeholder
process. Maybe ICANN corrupts its process once again.
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Scenario
3</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Scenario
3 is that we don’t require differentiation of legal
persons, but we develop consensus guidance on how
contracted parties should do it if they choose to do
it. This is the most likely scenario, and it’s one
that your position paper completely ignores. If you do
want guidance, the approach to guidance that I have
suggested is best, because it is a very lightweight
process of self-identification by registrants. By
offering some differentiation it may defuse the
opposition of the other stakeholders. On the other
hand Stephanie’s complicated, expensive and
power-surrendering approach is not the kind of
guidance we want.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">By
now it should be clear to anyone who’s read this far
that Scenario 1 is not as wonderful as you say and may
not be possible. The EPDP is already deeply invested
in developing guidance about how registrars should and
should not differentiate. We have been working on it
for weeks. Unless something changes radically in the
next week, we will actually produce some guidance
about differentiation. So, I suggest that we confine
our debate to Scenario 2: the developing of nonbinding
guidance. I suggest again that allowing registrants to
choose to identify their registration as one of a
legal person, with their data published or
automatically available via SSAD, creates a path to
consensus and to resolving the issue, whereas your
preferred path does not.</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">To
conclude, I call your attention to a pathology that is
paralyzing nearly all of ICANN’s working groups.
Defining your position and “holding the line” is a
strategy that all the SGs and ACs seem to adopt now.
It turns all these deliberations into a bunch of
people re-stating their position again and again for
3-4 years, re-litigating issues endlessly, avoiding
any serious middle ground. No thought is given to
finding a solution that achieves a critical mass of
consensus. </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Anyone
who wants to be a serious participant in developing
the NCSG’s position in EPDP has to answer a very basic
question:
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">How
does this end?
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">What
is your scenario for achieving the level of agreement
needed to pass a policy?
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Looking
forward to your response.
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Dr.
Milton L Mueller</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">Georgia
Institute of Technology</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)">School
of Public Policy</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"><a href="https://internetgovernance.org/" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">Internet
Governance Project</a>
</span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt;font-family:Calibri,sans-serif;color:rgb(31,73,125)"> </span></p>
<div>
<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11pt;font-family:Calibri,sans-serif">From:</span></b><span style="font-size:11pt;font-family:Calibri,sans-serif"> NCSG-Discuss <<a href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">NCSG-DISCUSS@LISTSERV.SYR.EDU</a>>
<b>On Behalf Of </b><a href="mailto:kathy@DNRC.TECH" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">kathy@DNRC.TECH</a><br>
<b>Sent:</b> Tuesday, May 4, 2021 5:35 PM<br>
<b>To:</b> <a href="mailto:NCSG-DISCUSS@LISTSERV.SYR.EDU" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">NCSG-DISCUSS@LISTSERV.SYR.EDU</a><br>
<b>Subject:</b> Option 1</span></p>
</div>
</div>
<p class="MsoNormal"> </p>
<p><span style="font-size:10.5pt;font-family:Arial,sans-serif">Tx
to Milton, Stephanie, Manju, Tapani, Farzi, Mark
Leiser, Kim von Arx and everyone else who commented on
our dicussion of options for the EPDP.<br>
<br>
As it's time to wrap up this issue so our EPDP members
can present our view to the EPDP Group, I co-wrote the
email Stephanie posted earlier today (attached below
too). Best regards, Kathy<br>
------------------------------------------------------------------------<br>
<br>
Fellow NCSG members,<br>
<br>
<span style="color:rgb(31,73,125)">></span>We would
like to work together to share our rationale for
Option 1 –
<span style="color:rgb(31,73,125)"></span></span></p>
<p><span style="font-size:10.5pt;font-family:Arial,sans-serif">maintaining
the status quo and not asking further follow-up
questions, mandatory or otherwise, about legal and
natural persons. While the EPDP phase 2a discussions
have been an educational and interesting exercise, we
are not under any obligation to change the existing
policy, or further complicate it.<br>
<br>
As we have all discussed, legal/natural person
questions are very complicated for many of our members
who are often noncommercial and non-profit
organizations whose structure and ways of obtaining
domain names do not resemble those of the large
corporations other stakeholder groups represent. Our
members may have many layers of privacy protection in
less-well-known sections of the GDPR, other local law,
Constitutions and international conventions.<br>
<br>
We learned that recent studies show that 50% of gTLD
domain name registrations are for natural persons –
and at least 25% more have overlapping entity and
personal data (e.g., the organization name has
personal data in it and is thus protected as personal
data).<br>
<br>
Stephanie and Kathy shared their concerns for
legal/natural person questions during our long work on
the Proxy and Privacy Accreditation Working Group.
We worked closely with the Registrars Stakeholder
Group to protect registrant privacy – including
Battered Women’s Shelters, family planning clinics,
and girls educational institutions – all of which may
be legal entities, but have protectable data due to
obvious danger from disclosure in certain countries.
<br>
<br>
<strong><i><span style="font-family:Arial,sans-serif">In
light of the complicated world around us, we
support Option 1- the Status Quo. </span></i></strong>
We ask the NCSG to adopt this as our stance.
<strong><span style="font-family:Arial,sans-serif">Based
on the existing policy which makes differentiation
of legal/natural persons optional for each
registrar, we believe we already have the</span></strong><b><br>
<br>
<strong><span style="font-family:Arial,sans-serif">-
best way to fight DNS Abuse,</span></strong><br>
<br>
<strong><span style="font-family:Arial,sans-serif">-
best way to protect individuals and
noncommercial organizations, and</span></strong><br>
<br>
<strong><span style="font-family:Arial,sans-serif">-
best way to follow GDPR and other
applicable human rights and free speech laws</span></strong><br>
<br>
<em><span style="font-family:Arial,sans-serif">Therefore,
we recommend NCSG “hold the line” and stick with
Option 1.</span></em></b><br>
<br>
<em><span style="font-family:Arial,sans-serif">As the
Registrars wrote in their EPDP Statement on
Thursday April 29:
</span></em><strong><i><span style="font-family:Arial,sans-serif">We have
heard plenty of vocal support in this group to
[differentiate between legal and natural persons
in a mandatory fashion], but to date the RrSG
have not heard any compelling reason to create
policy that makes this dramatic shift to the
domain registration landscape.</span></i></strong><br>
<br>
<strong><span style="font-family:Arial,sans-serif">We
agree. </span></strong> Nothing will stop other
stakeholder groups from demanding further disclosure
of data, and lobbying other parties including
governments.
<strong><span style="font-family:Arial,sans-serif">What
we can do in ICANN is come up with the best
solution for us at this time.</span></strong><br>
<br>
Many thanks to the members of our NCSG EPDP Team for
your hard work. This has been a long road. With new
studies, new information and legal opinions, we think
we have a clear and strategic path forward. We
believe our position to be closely aligned with that
of the Registrar Stakeholder Group, which they
articulated on April 29 (see below).<br>
<br>
Best, Kathy Kleiman and Stephanie Perrin<br>
<br>
---------------------------------------------------------<br>
The Registrar Stakeholder Group issued their position
statement on Thursday (4/29):<br>
<br>
The members of the RrSG EPDP team have participated in
this process in good faith since day one and will
continue to do so; however, we need to be crystal
clear that members of our Stakeholder Group, whom we
are here to represent, have voiced and recently
reconfirmed their strong opposition to any policy
coming out of this group that makes differentiation
between natural and legal persons for domain
registrations mandatory.<br>
<br>
We have heard plenty of vocal support in this group to
do just that, but to date the RrSG have not heard any
compelling reason to create policy that makes this
dramatic shift to the domain registration landscape.
The Contracted Party can make the most accurate
assessment of their own legal, technical, and
commercial risks and obligations, and is the only
party that can determine what level of risk they
should assume. The scope of this EPDP Phase 2a is to
consider if changes are required for the relevant
Recommendation; it has become clear through this
process that no such changes are required<br>
<br>
To the extent this group can focus its energies on
guidance to contracted parties which choose on their
own to make this differentiation, we continue to
believe that is a worthwhile exercise. We believe that
guidance materials including educational information
provided by ICANN in multiple languages would help
contracted parties educate registrants and this would
be a valuable effort.<br>
<br>
That said, based on analysis done by our stakeholder
group's members, we reject the notion that the
majority of registered domain names are registered to
legal entities. We further remind this team that we
have not yet seen evidence that increased publication
of registration data will address any of the problems
which have been mentioned so far in this phase, and
that the registration data is reliably and promptly
available to those who do have a legitimate reason to
access it.<br>
<br>
Finally we note that this statement represents the
official position of the Registrar Stakeholder group,
and statements from members of other groups
participating in the EPDP do not represent our group’s
position.<br>
<br>
<em><span style="font-family:Arial,sans-serif">(Source:
Transcript of EPDP-Phase 2A Team Call, 29 April
2021, Statement of Volker Greimann on behalf of
the Registrars Stakeholder Group read into the
record)</span></em></span></p>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
</blockquote></div>