[NCSG-PC] law enforcement authentication and RDRS

[farzaneh badii]

Hi all,

I am one of your reps on RDRS, the triage system for disclosure of domain
name private, sensitive data requests. Law enforcement is asking if they
can submit domain names to ICANN so that if registrars receive requests
from RDRS that information can be accompanied by it as well. I think this
is a better approach than what we have now that anybody can say I am law
enforcement. But we have to be careful and have accountability
mechanisms in place later on. Here is what Gabe from FBI requested:

During the RDRS meeting, Gabe noted that he’s working with the Public
Safety Working Group on both short-term and long-term approaches to support
ICANN community efforts around law enforcement authentication. As part of
the short-term solution, they are exploring a mechanism that involves
compiling a list of domain names tied to known law enforcement agencies.
The idea is that these domain names could be shared with ICANN technical
staff to integrate into the RDRS.

If someone submits a disclosure request via RDRS and the request comes from
an email address associated with a verified law enforcement domain, that
information could serve as an additional data point. This data point could
then be shared with registrars to help inform their disclosure decisions,
particularly in the context of rights balancing.

Gabe emphasized that this would involve minimal technical work and is still
exploratory. He’s asking the committee if there are any objections to him
passing these verified law enforcement domains to the RDRS staff, with the
goal of continuing this short-term work. He acknowledged this might not
need to be formally documented in the RDRS report, but raised it in case
there were concerns or feedback from the group.

Farzaneh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ncsg.is/pipermail/ncsg-pc/attachments/20250501/13a400e8/attachment.htm>