<div dir="auto">Hi All</div><div dir="auto"><br></div><div dir="auto">This is for the thematic ncsg but we want hria in the title at the moment it says NCSG thematic session. I probably crammed too many things. We see what the crowd wants to discuss more. But we have 90 mins and I think we can fit both topics. </div><div dir="auto"><br></div><div dir="auto"><div style="font-size:inherit">
<div style="font-size:inherit">
<p><br></p>
<p dir="auto"><div style="font-size:inherit" dir="auto">NCSG Human Rights Impact Assessment: Safeguards and Remedies Within ICANN: DNS Abuse Mitigation and Law Enforcement Authentication</div><br></p>
<p>As ICANN’s contractual frameworks and policy development processes evolve, the human rights implications of technical and procedural decisions demand equal urgency. This interactive session examines what happens to registrants and end users when we don’t have adequate safeguards and remedies. </p>
<p><br></p>
<p dir="auto">We open with DNS abuse mitigation as our grounding example. The Associated Domain Check mechanism illustrates the problem: a single abusive domain might trigger an investigative sweep across an entire registrant portfolio, exposing domains held on behalf of activists, independent media, or vulnerable communities to suspension or collateral harm, without those registrants ever having done anything wrong. Association is not confirmation. We will examine what must limit the scope of ADC investigations, what should never trigger one, and what remedy looks like when the mechanism is weaponized through bad-faith reporting designed to suppress legitimate speech. </p>
<p>If we get the time, Hijacked domains anchor this section as the hardest case: what recovery looks like when there are no safeguards, when hijacked domains are not recognized as a form of DNS abuse and there is no functioning remedy pipeline.</p>
<p><br></p>
<p dir="auto">We then turn to the deeper structural question those examples expose: law enforcement authentication. Registries and registrars are being asked to respond to requests from law enforcement agencies for nonpublic registration data, including under urgent request procedures, without standardized, rights-respecting authentication mechanisms in place. The SSAD Supplemental Recommendations Team is now discussing this. But the core questions remain unanswered: which jurisdictions’ law enforcement qualifies, who decides, what transparency and accountability obligations attach, and what safeguards and remedies protect registrants from authentication mechanisms being used against them by state actors. </p>
<p><br></p>
<p dir="auto"><br></p>
<p><br></p>
<p>0:00 – 0:10 — Framing</p>
<p dir="auto">What does a rights-respecting ICANN policy look like? </p>
<p><br></p>
<p>0:10 – 0:40 — Safeguards and Remedy at ICANN</p>
<p><br></p>
<p> • ADC scope</p>
<p dir="auto"> • Safeguards in investigations </p><p dir="auto">Remedy </p>
<p dir="auto"> • Discussion: 20 minutes</p>
<p><br></p>
<p>0:40 – 1:10 — Law Enforcement Authentication: Safeguards and Accountability</p>
<p><br></p>
<p dir="auto"> • The SSAD Supplemental Recommendations Team</p>
<p> • Which agencies qualify, who decides, on what terms</p>
<p> • Transparency and accountability obligations</p>
<p> • Protecting registrants from authentication mechanisms used against them</p><p dir="auto">Safeguards and remedies </p>
<p> • Discussion: 10 minutes</p>
<p><br></p>
<p>1:10 – 1:30 — Synthesis and Takeaways</p>
</div>
</div><br clear="all"><br clear="all"><div dir="auto"><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><font face="verdana, sans-serif" style="font-family:verdana,sans-serif;color:rgb(0,0,0)">Farzaneh </font></div></div></div></div></div>