[NCSG-PC] Fwd: [NCSG-Discuss] Comments on the Whois compliance models

Poncelet Ileleji pileleji at ymca.gm
Mon Jan 29 22:52:04 EET 2018


Supported +1

On 29 January 2018 at 17:52, Dr. Tatiana Tropina <t.tropina at mpicc.de> wrote:

> All,
>
> I support Rafik's approach.
>
> 1) we can submit the comment supporting the model 3.
>
> 2) we can tweak 2b and look more thoroughly at eco meanwhile and clarify
> some things that are not clear there for me yet - like LEA access and some
> other.
>
> 3) as we have to be rational, we can bargain further with a mix of 3 and
> 2b, if needed.
>
> Cheers,
>
> Tanya
>
> On 28/01/18 08:55, Rafik Dammak wrote:
>
> Hi,
>
> while I checked the 3 models, I am not familiar with the eco model or
> comment and so making any judgment hard. is it similar to one of the models
> or something totally different proposal?
> maybe as context, we should recall that those models are supposed to be
> interim solutions. One risk with model 2b or a similar (eco?) is what
> French calls "le temporaire qui dure", a lasting temporary. It means having
> a workaround that will become de facto the solution with all its drawbacks
> and we won't have a real say in the process such accreditation or
> certification (we can learn from the current discussion on implementing of
> PPSAI and how staff views differ from the policy).
>
> let's think in practical fashion here:
> - we got a deadline and need to submit a comment
> - the discussion is still continuing e.g. webinar this week and beyond
> - there are calls for extension by BC and IPC because they want to propose
> more models beyond the 3 tabled.
>
> I guess one approach is to have the comment saying that the model 3 to
> meet the current deadline because its restrictions is a more safe solution
> till we move for a restrictive layered option (2b or eco model) after a
> real community involvement and discussion. Having a model 3 used is a real
> ncentive for everyone to work on a long time solution acknowledging all
> concerns from the different parties instead of tricking us to accept an
> ill-designed option. the document made by Stephanie is a starting point for
> us to work on the details in coming months.
>
> Best,
>
> Rafik
>
> 2018-01-29 1:14 GMT+09:00 Stephanie Perrin <stephanie.perrin at mail.
> utoronto.ca>:
>
>> I am sorry I let you down.  To be frank, the discussion on the main list
>> was all over the map, my desire to throw my comment out there to be trashed
>> by folks not following these matters was pretty minimal.  However, I have
>> had a complete meltdown with my computer and my ISP, which slowed me down
>> enormously, and there was no room for error.
>>
>> Here are a few compromise positions:
>>
>> 1.  I can summarize at the end of the analysis of the different
>> positions, the various views (I acknowledged EFF's position but did not go
>> into it.
>>
>> 2.  I can add a more thorough discussion of the law enforcement ask, the
>> IP lawyer ask, etc. and why option 3 deals with those issues successfully.
>>
>> 3.  I can discuss the data commissioner's expressed views on these
>> matters.  There will be no support from them for a wholesale cutting off of
>> access for cyber investigators.  IF you have any ideas on how to square
>> that circle, I am all ears.  It is a big problem....while I can be accused
>> of caving in to a moderate position because I have been both a govt
>> policy/legislative wonk and an exec in a privacy commissioner's office, I
>> think you have to acknowledge I have decades of experience fighting off law
>> enforcement in back rooms.  If we want to be taken seriously, we have to
>> acknowledge there is a problem. (it is of course their fault there is a
>> problem, but that is another narrative....)
>>
>> I am also very happy saying there is a wide range of views in NCSG.  But
>> if you want a narrow answer to the question of whether it is 2b or 3,
>> please pay attention to what Goran said in the IPC webinar the other
>> day...do not feel tied to 1,2, or 3, we simply pulled them into models.
>> COmments on all aspects raised, suggestions of other models etc are welcome.
>>
>> SO I think we can say of your models we like 2b for this, 3 for that, and
>> our favorite proposal so far is the ECO one.  Strategically, and bearing in
>> mind we still have years of pdps ahead of us and this is an interim
>> measure, supporting the registrars seems to me a good idea, particularly
>> when they have gone to the work and expense they have to produce an
>> excellent proposal.
>>
>> Have to go drop  the dog at camp, perhaps we can talk this evening in LA
>> or tomorrow morning at breakfast?
>>
>> cheers Steph
>> On 2018-01-28 10:36, farzaneh badii wrote:
>>
>> I tell you what is sticking in my throat Stephanie: You are way too late
>> and we relied on you and you delivered late. I don't want Law Enforcement
>> be viewed as legitimate force globally and you know where I am from. Does
>> Eco model address my worry?
>>
>> Farzaneh
>>
>> On Sun, Jan 28, 2018 at 10:29 AM, Stephanie Perrin <
>> stephanie.perrin at mail.utoronto.ca> wrote:
>>
>>> Well I am sorry that I did not get the comment in as well.  There is a
>>> lot to read and I have read it (unlike many).  WE need to know where the
>>> opposition is coming from.
>>>
>>> The ECO comments have been out there a while, and they deal with the
>>> models.  There is absolutely nothing wrong with endorsing another group's
>>> position.  Their legal analysis is excellent, in my view.
>>>
>>> Ignoring the reality that there is a cybercrime problem out there is, in
>>> my view, not a thoughtful position to take.  I can attempt to reword it if
>>> you point me to precisely what is sticking in your throats.  We want
>>> layered access....a failure to support layered access at this point in time
>>> will set us back years, we finally have ICANN agreeing to it.
>>>
>>> I am happy to send my comments in myself if you don't support them.  I
>>> think they are well informed and realistic.  I think Option 3 was thrown
>>> out there as a poison pill and I am not taking it.
>>>
>>> let me know.....
>>>
>>> cheers Steph
>>> On 2018-01-28 09:50, farzaneh badii wrote:
>>>
>>> Hello Stephanie
>>>
>>> Is eco model in the models that offered by Icann? Is it model 2b which
>>> you supported in the doc you sent us? If not then we cannot support it now.
>>> I suggest going for the highest protection now until we work out something
>>> better. You can always go down from highest protection to layered access
>>> etc but for now and since we don't have much time to reach consensus I
>>> think we can stick to model 3.  I wish you had sent us your document sooner
>>> so that we could work on it. Also your argument for not supporting model 3
>>> in the document is not really based on substance it's based on the fact
>>> that it won't get support in the community. There is a May deadline.
>>> Community can come up with consensus after the deadline on another leas
>>> protective model.  but ICANN org can't wait!
>>>
>>> I suggest pc members weigh in on this deadline is tomorrow and we would
>>> like to know our positoon before the intersessional.
>>>
>>> On Sun, Jan 28, 2018 at 9:17 AM Stephanie Perrin <
>>> stephanie.perrin at mail.utoronto.ca> wrote:
>>>
>>>> I will try to get the revised comments on the models that have been
>>>> submitted in before I run for  the plane at 2 EDT...but that may not
>>>> happen.  The legal analysis will come next week, it is a lot harder and
>>>> more complex....but I want to get my questions on the table.  It will be a
>>>> long time before this is over....
>>>>
>>>> We need to endorse the ECO model very strongly, in my view.  While
>>>> option 3 looks good, it is rather unworkable.
>>>>
>>>> cheers SP
>>>> On 2018-01-27 14:09, Ayden Férdeline wrote:
>>>>
>>>> Thanks Rafik
>>>>
>>>> I’m going to hold off on endorsing this for 24 hours until I read the
>>>> comments currently being drafted by Stephanie.
>>>>
>>>> To be clear, this is not to say that I do not endorse this statement.
>>>> It sounds logical to me and consistent with our principles. But if
>>>> Stephanie has a 15-page document coming I’d like to make sure we’re being
>>>> consistent in our messaging.
>>>>
>>>> Of course, being so close to the final day for submissions, I’ll write
>>>> again on-list tomorrow in the absence of any other statements being on the
>>>> table, as we cannot miss this submission deadline.
>>>>
>>>> Sincere thanks to Milton for drafting this.
>>>>
>>>> Best wishes, Ayden
>>>>
>>>> Sent from ProtonMail Mobile
>>>>
>>>>
>>>> On Sat, Jan 27, 2018 at 10:50, Rafik Dammak <rafik.dammak at gmail.com>
>>>> wrote:
>>>>
>>>> Hi all,
>>>>
>>>> We got a comment for the GDPR compliance model. The deadline for
>>>> submission ins the 29th Jan, which is the coming monday. We need act
>>>> quickly within this weekend .
>>>>
>>>> Best,
>>>>
>>>> Rafik
>>>>
>>>> ---------- Forwarded message ----------
>>>> From: "Mueller, Milton L" <milton at gatech.edu>
>>>> Date: Jan 26, 2018 6:05 PM
>>>> Subject: [NCSG-Discuss] Comments on the Whois compliance models
>>>> To: <NCSG-DISCUSS at listserv.syr.edu>
>>>> Cc:
>>>>
>>>> I offer the following as a first draft of the NCSG position on the 12
>>>> January 2018 call for comments released by ICANN org.
>>>>
>>>>
>>>>
>>>> Principles
>>>>
>>>> Our evaluation of the models offered by ICANN are based on three
>>>> fundamental principles. No model that fails to conform to all three is
>>>> acceptable to the NCSG.
>>>>
>>>>
>>>>
>>>> 1. The purpose of whois must be strictly tied to ICANN's mission. That
>>>> is, the data that is collected and the data that are published must
>>>> directly and demonstrably contribute to ICANN's mission as defined in
>>>> Article 1 of its new bylaws. We reject any definition of Whois purpose that
>>>> is based on the way people happen to make use of data that can be accessed
>>>> indiscriminately in a public directory. The fact that certain people
>>>> currently use Whois for any purpose does not mean that the purpose of Whois
>>>> is to provide thick data about the domain and its registrant to anyone who
>>>> wants it for any reason.
>>>>
>>>>
>>>>
>>>> 2. Whois service, like the DNS itself, should be globally uniform and
>>>> not vary by jurisdiction. ICANN was created to provide globalized
>>>> governance of the DNS so that it would continue to be globally compatible
>>>> and coordinated. Any solution that involves fragmenting the policies and
>>>> practices of Whois along jurisdictional lines is not desirable.
>>>>
>>>>
>>>>
>>>> 3. No tiered access solution that involves establishing new criteria
>>>> for access can feasibly be created in the next 3 months. We would strongly
>>>> resist throwing the community into a hopeless rush to come up with entirely
>>>> new policies, standards and practices involving tiered access to data, and
>>>> we do not want ICANN staff to invent a policy that is not subject to
>>>> community review and approval.
>>>>
>>>>
>>>>
>>>> Based on these three principles, we believe that Model 3 is the only
>>>> viable option available. Model 3 minimizes the data publicly displayed to
>>>> that which is required for maintaining the stability, security and
>>>> resiliency of the DNS. Model 3 could be applied across the board, and would
>>>> be presumptively legal regardless of which jurisdiction the registrar,
>>>> registry or registrant are in. And Model 3 relies on established legal due
>>>> process for gaining access to additional information.
>>>>
>>>>
>>>>
>>>> There is room for discussion about how much data could be publicly
>>>> displayed under Model 3 consistent with ICANN's mission. E.g., it may be
>>>> within ICANN's mission to include additional data in the public record,
>>>> such as an email address for the technical contact and even possibly the
>>>> name of the registrant.
>>>>
>>>>
>>>>
>>>> The process of gaining access to additional data in Model 1 is
>>>> completely unacceptable. Self-certification by any third party requestor
>>>> is, we believe, not compliant with GDPR nor does is such access justified
>>>> by the purpose of Whois or ICANN's mission.
>>>>
>>>>
>>>>
>>>> Model 2 might possibly be acceptable if an suitable set of criteria and
>>>> processes were devised, but it simply is not feasible for such a
>>>> certification program to be developed in 3 months. A certification program
>>>> thrown together in a rush poses huge risks for loopholes, poor procedures,
>>>> and a legal challenge to ICANN, either from DPAs or from individuals
>>>> affected.
>>>>
>>>>
>>>>
>>>> Dr. Milton L. Mueller
>>>>
>>>> Professor, School of Public Policy
>>>>
>>>> Georgia Institute of Technology
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> NCSG-PC mailing listNCSG-PC at lists.ncsg.ishttps://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>>>
>>>> _______________________________________________
>>>> NCSG-PC mailing list
>>>> NCSG-PC at lists.ncsg.is
>>>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>>>
>>> --
>>> Farzaneh
>>>
>>>
>>
>> _______________________________________________
>> NCSG-PC mailing list
>> NCSG-PC at lists.ncsg.is
>> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>>
>>
>
>
> _______________________________________________
> NCSG-PC mailing listNCSG-PC at lists.ncsg.ishttps://lists.ncsg.is/mailman/listinfo/ncsg-pc
>
>
>
> _______________________________________________
> NCSG-PC mailing list
> NCSG-PC at lists.ncsg.is
> https://lists.ncsg.is/mailman/listinfo/ncsg-pc
>
>


-- 
Poncelet O. Ileleji MBCS
Coordinator
The Gambia YMCAs Computer Training Centre & Digital Studio
MDI Road Kanifing South
P. O. Box 421 Banjul
The Gambia, West Africa
Tel: (220) 4370240
Fax:(220) 4390793
Cell:(220) 9912508
Skype: pons_utd







*www.ymca.gm <http://www.ymca.gm>http://signaraglobalsolutions.com/
<http://signaraglobalsolutions.com/>http://jokkolabs.net/en/
<http://jokkolabs.net/en/>www.waigf.org
<http://www.waigf.org>www,insistglobal.com <http://www.itag.gm>www.npoc.org
<http://www.npoc.org>http://www.wsa-mobile.org/node/753
<http://www.wsa-mobile.org/node/753>*www.diplointernetgovernance.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20180129/14e417af/attachment.htm>


More information about the NCSG-PC mailing list