<div dir="ltr">Dear Janis, <div><br></div><div>We would like to echo the sentiments of Volker, and our registrar colleagues. We understand that we are being pressed upon by numerous outside forces to move matters along; however, not only are such matters best served by time to consider the question or statement posed, more practically speaking, and as has been noted previously, we are merely representatives of much larger groups and cannot provide meaningful approval to many substantive matters in the span of seconds. In matters of substance, we may find ourselves unable to provide comment, one way or the other, without time to canvass our broader groups, for discussions and instructions. This may appear as silence, but we assure that it is neither indicative of assent nor dissent, merely an indicator that we are not in a position to yet comment without further reflection.</div><div><br></div><div>We understand the need to move matters along, and indeed, in non contentious matters, I can accept that silence will be acceptable, but, we do expect that in matters of a more substantive nature, including and for example, where comments to a document are to serve as the basis for draft policy recommendations, we would expect that such matters are to be decided on a more affirmative basis and we cannot support silence as being a valid indicator of approval in such instances. </div><div><br></div><div>Thank you for your continuing patience,</div><div><br></div><div>Alan </div><div><br></div><div><br></div><div><br></div><div><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><table style="padding:0px;margin:10px 0;border:none"><tbody><tr><td style="vertical-align:middle;padding:0px 7px 0px 0px"><a href="http://donuts.domains" rel="nofollow" target="_blank"><img alt="Donuts Inc." height="75" src="https://storage.googleapis.com/signaturesatori/customer-C02zzlf7k/images/-54f9d8ac97e7f575bf497d10ac1f1aafafddf8afceab5f269d49034f01b3217b.png" width="75"></a></td><td style="vertical-align:middle;padding:0px 7px 0px 0px;text-align:left">
<div style="font-family:'tahoma',sans-serif;font-size:14px;line-height:17px;font-weight:bold;color:black"><span style="font-size:12px"><span style="font-family:'arial','helvetica',sans-serif"><span style="color:rgb(51,51,51)">Alan Woods</span></span></span></div>
<div><span style="font-size:12px"><span style="font-family:'arial','helvetica',sans-serif"><span style="color:#333333">Senior Compliance & Policy Manager, Donuts Inc.</span></span></span>
<hr><span style="font-size:11px"><span style="font-family:'arial','helvetica',sans-serif"><span style="color:#333333">The Victorians, </span></span></span></div><div><font color="#333333" face="arial, helvetica, sans-serif"><span style="font-size:11px">15-18 Earlsfort Terrace<br style="background-color:rgb(34,34,34)">
Dublin 2, County Dublin</span></font><br style="color:rgb(214,214,214);font-family:'open sans';font-size:12px;background-color:rgb(34,34,34)"><font color="#333333" face="arial, helvetica, sans-serif"><span style="font-size:11px">
Ireland</span></font><br>
<span style="font-size:11px"><span style="font-family:'arial','helvetica',sans-serif"></span></span><br>
<span style="line-height:36px"><a href="https://www.facebook.com/donutstlds" rel="nofollow" target="_blank"><img src="http://storage.googleapis.com/signaturesatori/icons/facebook.png"></a> <a href="https://twitter.com/DonutsInc" rel="nofollow" target="_blank"><img src="http://storage.googleapis.com/signaturesatori/icons/twitter.png"></a> </span><a href="https://www.linkedin.com/company/donuts-inc" rel="nofollow" target="_blank"><span style="font-size:14px"><img src="http://storage.googleapis.com/signaturesatori/icons/linkedin.png"></span></a></div>
</td></tr></tbody></table><br>
</div><div><span style="font-size:12pt;font-family:Cambria,serif">Please NOTE: This electronic message, including any attachments, may include privileged, confidential and/or inside information owned by Donuts Inc. . </span><span style="font-size:12pt;font-family:Cambria,serif">Any distribution or use of this communication by anyone other than the intended recipient(s) is strictly prohibited and may be unlawful. If you are not the intended recipient, please notify the sender by replying to this message and then delete it from your system. Thank you.</span><br></div></div></div></div></div></div></div></div></div></div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Jul 26, 2019 at 5:38 PM Volker Greimann <<a href="mailto:vgreimann@key-systems.net">vgreimann@key-systems.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>Just to add to my previous mail, we will be adding in some
comments into the document today, but this is not to say there
will not be further comments down the road. Also note that not
commenting does not mean agreement.</p>
<p>We also did not register the action on the call, which is
probably why we did not object then.<br>
</p>
<p>Best,</p>
<p>Volker<br>
</p>
<div class="gmail-m_-599757340101471059moz-cite-prefix">Am 26.07.2019 um 18:28 schrieb jk:<br>
</div>
<blockquote type="cite">
<div class="gmail-m_-599757340101471059WordSection1">
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">Volker,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">Your concern is
noted. <u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">We will discuss
submitted early inputs in one of the next plenary meetings.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">I would like to use
this opportunity to encourage team members raise their voice
during the meetings if you are not sure about the proposal
of the Chair. Without seeing body language, it is hard to
say if proposal is acceptable. I take silence as approval.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">Best regards<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11pt;color:rgb(31,73,125)">JK<u></u><u></u></span></p>
<p class="MsoNormal"><a name="m_-599757340101471059__MailEndCompose"><span style="font-size:11pt;color:rgb(31,73,125)"><u></u> <u></u></span></a></p>
<div>
<div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11pt;color:windowtext">From:</span></b><span style="font-size:11pt;color:windowtext">
Gnso-epdp-team [<a class="gmail-m_-599757340101471059moz-txt-link-freetext" href="mailto:gnso-epdp-team-bounces@icann.org" target="_blank">mailto:gnso-epdp-team-bounces@icann.org</a>]
<b>On Behalf Of </b>Volker Greimann<br>
<b>Sent:</b> Friday, July 26, 2019 6:20 PM<br>
<b>To:</b> <a class="gmail-m_-599757340101471059moz-txt-link-abbreviated" href="mailto:gnso-epdp-team@icann.org" target="_blank">gnso-epdp-team@icann.org</a><br>
<b>Subject:</b> Re: [Gnso-epdp-team] Notes and action
items from EPDP Meeting #12 - 25 July 2019<u></u><u></u></span></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<p>Hi Ariel,<u></u><u></u></p>
<p>we are concerned with your assumption under Action Item 1. <u></u><u></u></p>
<p>We were working under the understanding that this would be
subject to another plenary session and we did not have
sufficient time to deliberate the eqarly input document with
the entire group. Also, just because no clarifying questions
have been raised does not mean that the contents of the
document are a consensus position agreed by all. No questions
means just that, no questions. But not necessarily agreement.
<u></u><u></u></p>
<p>We may very well end up agreeing with the contents of the
document, but we are not there yet. <u></u><u></u></p>
<p>We therefore respectfully request that this not be taken as
basis for drefting the initial report quite just yet.<u></u><u></u></p>
<p>Best regards,<u></u><u></u></p>
<p>Volker Greimann<u></u><u></u></p>
<div>
<p class="MsoNormal">Am 26.07.2019 um 17:10 schrieb Ariel
Liang:<u></u><u></u></p>
</div>
<blockquote style="margin-top:5pt;margin-bottom:5pt">
<p class="MsoNormal"><span style="font-size:11pt">Dear EPDP
Team:</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt">Below,
please find the notes and action items from yesterday’s
EPDP Team Meeting.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt">As a
reminder, the next EPDP Team Meeting will be Thursday, 1
August at 14:00 UTC.</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"><br>
Best regards,</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt">Marika,
Caitlin, Berry (and Ariel – assisted with notetaking)</span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><b><span style="font-size:11pt">EPDP
Phase 2 - Meeting #12</span></b><u></u><u></u></p>
<p class="MsoNormal"><b><span style="font-size:11pt">Thursday,
25 July 2019</span></b><span style="font-size:11pt"> at
14:00 UTC</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><b><u><span style="color:rgb(51,51,51)">Action Items: </span></u></b><u></u><u></u></p>
<ol style="margin-top:0in" start="1" type="1">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">If
no further clarifying questions are submitted in
response to the early input document by the deadline (25
July 2019), staff to consider the comments in the
development of the draft policy recommendations and
draft Initial Report. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Staff
to set up survey for the EPDP Team to rank and identify
the most representative case in each group of the use
case categorization. EPDP Team to complete the survey by
COB <b>Monday, 29 July</b>. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Staff
to compile the input submitted on
automation/accreditation to assist the EPDP Team in its
substantive discussions during next week’s call and
future calls. Leadership team to develop initial
thoughts paper on accreditation to kick start
discussions.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chris
Lewis-Evans to incorporate input received from the EPDP
Team and continue fine tuning the use case (GAC
LEA1-13719-1), which is expected to be attached in the
annex to the Initial Report. Updated version to be
posted on the Wiki and the leadership to make a further
recommendation for how to finalize the use case. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">In
meeting on Thursday, 1 August, the EPDP Team to devote
part of the meeting to discuss initial reaction from
members on the SSAC Crime-Abuse Investigation Use Case.
EPDP Team to provide input by writing no later than <b>14:00
UTC on Monday, 29 July</b>. More detailed discussion
about this use case will take place in the meeting on 8
August. <u></u><u></u></span></li>
</ol>
<p class="MsoNormal"><b><span style="font-size:11pt"> </span></b><u></u><u></u></p>
<p class="MsoNormal"><b><span style="font-size:11pt">Notes </span></b><u></u><u></u></p>
<p class="MsoNormal" style="font-variant-caps:normal;text-align:start;word-spacing:0px"><i><span style="font-size:11pt">These high-level notes are
designed to help the EPDP Team navigate through the
content of the call and are not meant as a substitute
for the transcript and/or recording. The MP3,
transcript, and chat are provided separately and are
posted on the wiki at:<span class="gmail-m_-599757340101471059apple-converted-space"> <a href="https://community.icann.org/x/l6ajBg" target="_blank">https://community.icann.org/x/l6ajBg</a>
</span></span></i><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">1. Roll Call & SOI Updates (5
minutes)</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Attendance
will be taken from Zoom<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Remember
to mute your microphones upon entry to Zoom, which is
typically the first icon on the left on the bottom
toolbar.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Please
state your name before speaking for transcription
purposes.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Please
remember to review your SOIs on a regular basis and
update as needed. Updates are required to be shared with
the EPDP Team<u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">2. Confirmation of agenda (Chair)</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">No
objections <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">3. Welcome and housekeeping issues
(Chair) (10 minutes)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">a) Update from Legal Committee</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Started
out by reviewing prior session’s action items and
questions <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Reviewed
the remaining questions, narrowed down the scope, and
those questions will be evaluated based on the needs of
Phase 2. Near term goal is to understand all the legal
requirements and try to develop sizing for requesting
additional resources from the Board. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Next
LC meeting is 6 August. <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">b) Early input review status
(deadline 25 July)</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">A
number of groups responded to the EPDP Team’s request
for early input. This input was subsequently organized
by staff in the form of an early input review tool. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Following
EPDP Team discussion, input regarding SSAD has been
incorporated into SSAD worksheet for EPDP Team review.
In addition, the EPDP Team agreed to review the input
received and document any clarifying questions in the
google doc that was created.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Deadline
for clarifying questions on the early input was Thursday
25 July. No comments/questions were received at the time
of the call. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">ACTION
ITEM: If no further clarifying questions are submitted
in response to the early input document by the deadline
(25 July 2019), staff to consider the comments in the
development of the draft policy recommendations and
draft Initial Report. <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">4. Use Cases Categorization (10
minutes)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">a) Review proposed categorization
put forward by small team</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">A
small group of volunteers agreed to work with staff.
Based on the original staff categorization and
incorporating input from NCSG, BC and IPC,
staff/volunteers went through a number of iterations to
review the use cases. Important to note that no use case
has been eliminated as a result of this exercise.
Objective is to identify the most representative case
for each category as a starting point for the
deliberations. Following review of the most
representative use case in each category, the EPDP Team
can then decide whether additional cases need to be
reviewed. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">5
groups, as noted on the document. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Appreciation
to Milton, Margie, Chris, and Brian for their
contributions to this exercise. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chair’s
proposal: Identify in each group, the most
representative use case that the EPDP Team should look
at first, starting from Group 1. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">We
have already made decisions where to start. First group
1. After that, group 2, move to group 4 and then group 3
or 5. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Staff
to put in survey format and ask EPDP Team members to
respond to the survey by COB Monday, 29 July. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Review
the representative use case first, and see whether any
issue associated other use cases that warrant being
reviewed. Not sure whether there is time to do an in
depth review of each of them. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">For
the rest of the cases, maybe only look at the
differences instead of an in depth review. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Would
it be useful to map the stages (e.g., a series of
questions) that a compliant organization must go through
as it determines whether it is a legitimate request for
information. Who? What scope? Under what authority? Etc.
Left column of the use cases are geared toward answering
those questions and providing a framework for
discussions. In reality we are talking about rather
simple system. Supply is the Registry/Registrar, and
they have the building blocks. Going through the use
cases is to understand each of the building blocks. <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">b) Confirm proposed categorization</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">No
objection <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">c) Confirm new ranking survey &
deadline to determine most representative use case in each
category</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Staff
to set up survey for the EPDP Team to rank and identify
the most representative case in each group of the use
case categorization. EPDP Team to complete the survey by
COB Monday, 29 July. <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt;background:rgb(252,252,252)"><span style="color:rgb(51,51,51)">5. Use case – first reading: </span><a href="https://community.icann.org/download/attachments/111386876/SSAC%20Crime-Abuse%20Investigation%20Use%20Case%20-%2011%20July%202019.docx?version=1&modificationDate=1562865007000&api=v2" target="_blank"><span style="color:rgb(0,82,204)">Investigation
of criminal activity where domain names are used.
Typical specific example: phishing attack</span></a><span style="color:rgb(51,51,51)"> (60 minutes)</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chair’s
proposal: EPDP Team to identify the difficulty in the
first reading of the case (SSAC Crime-Abuse
Investigation Use Case), present them in writing and
share on the mailing list. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Defer
the discussion of the use case till 8 Aug due to Greg’s
absence during next week’s meeting? Provide initial
overview during today’s meeting with ability for EPDP
Team to share initial observations during today’s and
next week’s meeting, followed by in depth review during
8 August EPDP Team meeting.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Review
a set of tasks / purposes that occur in a number of
cyber crime cases. Some are done by investigators in
private realm. Some steps are done by law enforcement
due to the same goal. Purpose here is to explain how
things work practically and see what issues would
surface. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Start
with practical instances (i.e., recital 49) about the
processing of data. Then compromised/malicious
registrations. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
A, law enforcement may also rely on these parties and
techniques. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
B, Tasks 1-2: reasons why the data are requested and
used. Maliciously registered means somebody uses the
domain name to commit a crime. If a domain name is
maliciously registered, suspending the domain name is an
option. If a domain name is compromised, you don’t want
to suspend the domain. Reputational providers do not
generally block domains. Some just list domain names and
say don’t have anything to do with them. You need to
determine what additional domains may be related. The
issue is dealing with ongoing harm. You can determine
what other domain names are on the same IP address,
which may not be operated by the same bad actor. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
B, Task 3: If the contact data is bogus, it is a sign of
bad faith. Sometimes criminals do a poor job of faking
the data. Accessing accuracy is important. Comment from
EPDP Team members: Bogus data is not automatically a
sign of bad faith. And your accuracy check has to be
done by compliance. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
B, Task 4: Need to document the case and preserve the
reason why you made the decision of suspending the
domain name and substantiate why the domain name is
problematic. Be responsible and give decision makers
the information they need. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
B, Task 5: law enforcement and private parties do this.
Private parties may want to avoid associated assets. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
B, Task 6: many aspects involve automation. Some block
lists use algorism. The system that protects people
involve a high degree of automation. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">So
how does 49 relate to domain names? When domains are as
the mechanism for the cybercrime attack, the “ability of
a network to resist…” will largely be based on the
ability to continue to allow traffic from said domain,
or (as Greg is explaining) to block / reject any further
traffic from or access to said domain.</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif"><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">How
can you describe things generally and then go to nitty
gritty issues like automation. you need to be very
specific in other fields as well. Don’t see a Use Case
here. Need clear explanation on how all those recitals
and all the clauses apply to these issues. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">It
is an issue with the law but not what ICANN/EPDP Team
can fix. We still have to apply the law as best as
possible, but EPDP Team cannot make any effort to change
the law. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
EPDP Team needs to work on how to deal with the balance
of the law. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
internet will die far faster if people are advocating
breaking it because people did not involve themselves in
the crafting of such law. For example the e-privacy
regulations were stalled because an affected party
advocated on how the law would have an unintended
consequence. Again ICANN cannot fix the way it is, we
can only figure out a way of making the "new" post GDPR
world better .... including shaping future legislative
endeavors - not by ICANN policy supporting a bending of
that law.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">They
should be reported to law enforcement. Not like Brian
Krebs just putting out info of the attackers wife on a
public blog. <a href="https://krebsonsecurity.com/2017/07/who-is-the-govrat-author-and-mirai-botmaster-bestbuy/" target="_blank"><span style="color:rgb(17,85,204)">https://krebsonsecurity.com/2017/07/who-is-the-govrat-author-and-mirai-botmaster-bestbuy/</span></a></span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif">
security researchers need to do their research
diligently without harming those who are not involved.</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif"><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Suggest
that people do their research on how investigations by
private actors are managed under DP law in the meantime,
and talk about the case the following week. While
cybercrime is a good example of rampant regulatory
avoidance, it is not the only one. However, it does not
work well under data protection law (competition law
also being relevant but not in our remit).</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif"><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
need is to stop the harmful activity, it is not to
identify the guilty party. You don’t need redacted data
to substantiate the domain. There will be a lot of
information that won’t be redacted. Support efforts by
private actors to sweep through the information to stop
attacks, but we don’t need to open up the data. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
practical issue is that the vast majority of the cases
do not involve law enforcement or are being reported.
Law enforcement does not have the resources. A lot is
done by relying on contract. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Phone
number is relevant when its relevant. This use case
doesn't cover those instances where passive DNS (for
example) was sufficient. They do exist, but not relevant
to this use case</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif">. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">ACTION
ITEM: In the meeting on Thursday, 1 August, the EPDP
Team to devote part of the meeting to discuss initial
reaction from members on the SSAC Crime-Abuse
Investigation Use Case. EPDP Team to provide input by
writing no later than 14:00 UTC on Monday, 29 July. More
detailed discussion about this use case will take place
in the meeting on 8 August. <u></u><u></u></span></li>
</ul>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p style="margin:0in 0in 0.0001pt;background:rgb(252,252,252)"><span style="color:rgb(51,51,51)">6. Use case – final reading: </span><a href="https://community.icann.org/download/attachments/111386876/Use%20Case%20-%20GAC%20LEA1-13719.docx?version=1&modificationDate=1563377116000&api=v2" target="_blank"><span style="color:rgb(0,82,204)">Investigation
of criminal activity against a victim in the
jurisdiction of the investigating EU LEA requesting data
from a non-local data controller</span></a><span style="color:rgb(51,51,51)"> (30 minutes)</span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:16pt;vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chair’s
Proposal: deal with this item before the first reading
of item #5<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Starting
from g) Safeguards (requirements) applicable to the
Entity Disclosing the Nonpublic Registration Data <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">See
responses from Chris Lewis-Evans to comments submitted
by RrSG on this use case. Chris agrees with Registrar
group’s suggestion re Section C, as it gives an
increasing level of accuracy. Agree with the suggested
change in Section D by the registry group. Section F,
agree with the suggested change.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chris
Lewis-Evans will also consider additional registrars’
comments/questions. Registrar reps indicated that they
will need a couple of days to review the responses Chris
provided and may respond further on the list once they
have had a chance to do that. Don’t take silence as
complete agreement.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Re
6(1)F, the legal authority needs to be identified. EPDP
Team is not expert to verify that. Ensure that LEA
establishes the legal authority itself. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
H: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Clarify
the comments from registrars, add safeguards under
automated system which may be different. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Need
to have a discussion about how the automated system
works. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Probably
useful to drop a footnote in the template to provide
the explanation Chris just gave so it’s clear on its
face and avoids later confusion and uncertainty. <u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
I, no further comments/requests. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
J: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">First
time discussing accreditation. It is a chicken-egg
situation, as it depends on the standardized system.
Jurisdiction and legal basis would be necessary for an
accreditation body to look at. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">There
are differences between accreditation and validation.
Some suggested to first discuss validation first, as
it has different forms which can or cannot be
automated. Accreditation might then be fully
automated. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">“Validation”
probably means “authentication” that is covered in
Section K. We need to deal with accreditation first
before authentication. There may be one exceptional
case that one can be authenticated before
accreditation, but it does not justify changing the
default order.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">This
depends on the implementation of the standard system.
Even we don’t end up with having a centralized system,
we can still do it. A decentralized system can still
have value. The same standards can be centralized and
also applied in decentralized way.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
“code of conduct” may not be part of the
accreditation. Disclosure / nondisclosure related
issues belong more in the safeguard section. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">EPDP
Team can create a special accreditation entity that
consists of one group or many groups. There are a
number of options. But first need to see whether there
is a broad agreement that accreditation as a principle
should be introduced in the standard. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">EPDP
Team needs a set of definitions because people are
using the terms in different ways, and for
accreditation, there are two aspects. Accredditing of
a group to be eligible to use a system (or make a
manual request) and accrediting an individual
requester to be part of that group.</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif">
This is what we currently have in the chair’s working
definitions document: “Accreditation – refers to the
process or action of recognizing a person as having a
particular identity, possibly with an associated
affiliation or status.”<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">See
Chair’s working definitions here: <a href="https://community.icann.org/x/-5WjBg%5C" target="_blank"><span style="color:rgb(17,85,204)">https://community.icann.org/x/-5WjBg</span></a>.
Strongly suggest to flesh out the details when people
are using different meanings for the same terms. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">There
is no accreditation body that the EPDP Team needs to
define or create. The EPDP Team does not need to
determine what the accreditation elements/criteria
are. Specifically about the LEA, it is up to the law
enforcement and the coalition of law enforcement
bodies to do it. Part of this comment will represent
part of the policy statement. As a policy matter,
there should be accreditation, the accreditation
should ensure certain aspects/points, etc. We can
develop general policies on accreditation and it is in
our work plan. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">There
would be some “approved” list of accredited based on
some the set of criteria.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Another
consideration, albeit not an immediate problem, is
about authoritarian government, human rights
protection, cloud act, etc. We can accredit a law
enforcement agency as a legitimate one, but if there
is a national law that allows the agency to
investigate or harass people that criticize the
government, how do we want to handle that? Do we want
to have additional human rights protection attached to
the accreditation criteria? <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">A
lot of those human rights concerns can be addressed by
the terms of use, ensuring there is strong enforcement
of the terms of use. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">General
policies to keep authoritarian countries away from
disclosure and accreditation? Don’t think this group
can do that. Also some of these countries are
allegedly undertaking cyber attacks. Whatever this LEA
accreditation body would be, civil society would
definitely have to be involved in the definitions, but
this is outside of our remit. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Somebody
accredited does not mean he/she has a valid request.
You have to review each request to ensure it is valid.
There is a responsibility for the entity that releases
the data to validate the request. We all agree at
this point that accreditation doesn't assume
guaranteed access. A valid form of accreditation is
merely a factor in the 6(1)f balance - or in the case
of jurisdiction - a confirmation that there is a legal
obligation on that controller in that jurisdiction.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Does
every single contracted party need to act as its
accreditation body? This may not be implementable. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
correct safeguards for both the accreditation and the
authentication levels need to be developed. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">If
we are talking about a fully automated accreditation
process, law enforcement organizations can be done
easily, but not so easy to accredit other kinds of
organizations. Need some human intervention. Also need
a decision making process, which can be automated
possibly. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Staff
have grouped the input on accreditation together,
aligning with the relevant charter questions (but no
definition): <u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<ul style="margin-top:0in" type="square">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span>b) What are the unanswered policy
questions that will guide implementation? </span><span lang="ZH-CN">
</span><span><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span>b1) How will credentials be
granted and managed? </span><span lang="ZH-CN">
</span><span><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span>b2) Who is responsible for
providing credentials? </span><span lang="ZH-CN">
</span><span><u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span>b3) How will these credentials be
integrated into registrars’/registries’ technical
systems?</span><span lang="ZH-CN">
</span><span><u></u><u></u></span></li>
</ul>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Chair’s
proposal: When accreditation is discussed next time,
Staff to pull out their compilation of everything that
has been submitted on accreditation and identification
related processes to help inform EPDP Team’s further
deliberation on this fundamental building block. <u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
L: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Come
back to “credentialing” in a more structured way when
reviewing the next case. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">We
add a footnote to note it.</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif"><u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
M: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">it
is up to the LEA whether there is any urgency. In
certain cases, a specific quick turn around may be
necessary, but 2 days across the board may be too
restrictive. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">There
is concept of acknowledging the requests, whether the
data will be delivered. Some requests have higher
priority and some requests demand different levels of
confidentiality. Need to accommodate these concepts. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">If
you have a lot of requests, you have to staff up too.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Maybe
Section M and Section O should be different. The level
of requests is just for the LEA’s consideration, and
that level is generally lower than other kinds of
requests. Maybe 4 business days would be more than
reasonable? Some exceptions can be made and listened
to. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">We
cannot apply go daddy standards to all Registrars. It
is a long tail data set, and many registrars may have
one request/day, aligning with their size of business.
There is a natural balancing. Also need to factor in
that not all registrars will receive the same volume
of requests - this may be aligned with the # of domain
names under management. <u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
N: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Is
it possible to have an automated decision? How
determinations are made when there is disagreement? We
can automate processes, but not all processes can be
automated. Need to evaluate all the information
received before moving forward. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">If
an LEA makes a request for 10,000 records all based on
the same legal basis and investigation, could the
request be manually reviewed but once approved the
delivery of the data automatic? <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">There
may be instances that some data fields can be released
safely for bona fide parties. Automated does not mean
all the way to finish, it can be 80% of the process.
This is important to know by the practitioner. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">All
the details regarding use cases are relevant to what
can be automated or not. Focus on the use cases first
and then circle back to this question. Automation is
one of the charter questions and building blocks. <u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
N: <u></u><u></u></span></li>
</ul>
<ul style="margin-top:0in" type="disc">
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Suggest
removing the word “possible” and leaving “desirable”.
A “possible" question should remain in the template,
though we may want to separate it from "desirable"</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif">
Data retention would be subject to legal requirements
in the jurisdiction of the LEA would it not? Might be
better to ask whether automation is consistent with
legal requirements/legal basis</span><span lang="ZH-CN">
</span><span style="font-family:"Times New Roman",serif">.<u></u><u></u></span></li>
</ul>
</ul>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">Section
P: not so clear, suggest the same language used in the
previous section for retention. There is no blanket
answer. <u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">ACTION
ITEM: Staff to compile the input submitted on
automation/accreditation to assist the EPDP Team in its
substantive discussions during next week’s call and
future calls. Leadership team to develop initial
thoughts paper on accreditation to kick start
discussions.<u></u><u></u></span></li>
<li class="MsoNormal" style="color:rgb(51,51,51);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">ACTION
ITEM: Chris Lewis-Evans to incorporate input received
from the EPDP Team and continue fine tuning the use case
(GAC LEA1-13719-1), which is expected to be attached in
the annex to the Initial Report. Updated version to be
posted on the Wiki and the leadership to make a further
recommendation for how to finalize the use case.<u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt;background:rgb(252,252,252)"> <u></u><u></u></p>
<p style="margin:0in 0in 0.0001pt;background:rgb(252,252,252)"><span style="color:rgb(51,51,51)">7. Any other business (5 minutes)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">a) Priority 2 small team meetings
update</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">(1) Accuracy and WHOIS ARS (see </span><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.google.com_document_d_1pS9Pibanj-2DHp6LztZpeERtxdoLsnp4y-5F-2Ddo0vU5VJuw_edit&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=QiF-05YzARosRvTYd84AB_UYInlydmFcjNmBM5XgySw&m=5YD7bD56hEe4pQH_dqUWfn942ryJsY558QEJfweSvL4&s=F6hmCB4N05tXAmHo8nuMH6_4YK5hSWXaa5p8T0SNwXw&e=" target="_blank"><span style="color:rgb(0,82,204)">https://docs.google.com/document/d/1pS9Pibanj-Hp6LztZpeERtxdoLsnp4y_-do0vU5VJuw/edit[docs.google.com]</span></a><span style="color:rgb(51,51,51)">)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">(2) Input received on other priority
2 items from RrSG (see</span><a href="https://mm.icann.org/pipermail/gnso-epdp-team/2019-June/002174.html" target="_blank"><span style="color:rgb(0,82,204)">https://mm.icann.org/pipermail/gnso-epdp-team/2019-June/002174.html</span></a><span style="color:rgb(51,51,51)">)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">(3) Leadership to recommend next
steps via mailing list</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">b) Council request for input on org
letter requesting clarification on Data Accuracy and
Phase-2 (see </span><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__gnso.icann.org_sites_default_files_file_field-2Dfile-2Dattach_marby-2Dto-2Ddrazek-2D21jun19-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=QiF-05YzARosRvTYd84AB_UYInlydmFcjNmBM5XgySw&m=5YD7bD56hEe4pQH_dqUWfn942ryJsY558QEJfweSvL4&s=YeVJr1ZFqKyDvbIDvXURXaal3PB4fqg3oghAsQwtfSA&e=" target="_blank"><span style="color:rgb(0,82,204)">https://gnso.icann.org/sites/default/files/file/field-file-attach/marby-to-drazek-21jun19-en.pdf[gnso.icann.org]</span></a><span style="color:rgb(51,51,51)">). EPDP Team to provide input on the
mailing list. Confirm deadline for input. </span><u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:rgb(51,51,51);margin-top:8pt;background:rgb(252,252,252);vertical-align:baseline"><span style="font-family:"Times New Roman",serif">The
EPDP Team did not address these agenda items <u></u><u></u></span></li>
</ul>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt;background:rgb(252,252,252)"> <u></u><u></u></p>
<p style="margin:0in 0in 0.0001pt;background:rgb(252,252,252)"><span style="color:rgb(51,51,51)">8. Wrap and confirm next EPDP Team
meeting on Thursday 1 August 2019 at 14.00 UTC (5 minutes)</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">a) Confirm action items</span><u></u><u></u></p>
<p style="margin-right:0in;margin-left:0in;margin-bottom:0.0001pt"><span style="color:rgb(51,51,51)">b) Confirm questions for ICANN Org,
if any</span><u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span><u></u><u></u></p>
<p class="MsoNormal"><span><br>
<br>
<u></u><u></u></span></p>
<pre>_______________________________________________<u></u><u></u></pre>
<pre>Gnso-epdp-team mailing list<u></u><u></u></pre>
<pre><a href="mailto:Gnso-epdp-team@icann.org" target="_blank">Gnso-epdp-team@icann.org</a><u></u><u></u></pre>
<pre><a href="https://mm.icann.org/mailman/listinfo/gnso-epdp-team" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-epdp-team</a><u></u><u></u></pre>
<pre>_______________________________________________<u></u><u></u></pre>
<pre>By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://www.icann.org/privacy/policy" target="_blank">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a href="https://www.icann.org/privacy/tos" target="_blank">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.<u></u><u></u></pre>
</blockquote>
<div>
<p class="MsoNormal"><span>-- <br>
Volker A. Greimann<br>
General Counsel and Policy Manager<br>
<strong>KEY-SYSTEMS GMBH</strong><br>
<br>
T: +49 6894 9396901<br>
M: +49 6894 9396851<br>
F: +49 6894 9396851<br>
W: <a href="http://www.key-systems.net" target="_blank">www.key-systems.net</a><br>
<br>
Key-Systems GmbH is a company registered at the local
court of Saarbruecken, Germany with the registration no.
HR B 18835<br>
CEO: Alexander Siffrin<br>
<br>
Part of the CentralNic Group PLC (LON: CNIC) a company
registered in England and Wales with company number
8576358.<u></u><u></u></span></p>
</div>
</div>
</blockquote>
<div class="gmail-m_-599757340101471059moz-signature">-- <br>
Volker A. Greimann<br>
General Counsel and Policy Manager<br>
<strong style="border-bottom:3px solid rgb(92,70,181)">KEY-SYSTEMS GMBH</strong><br>
<br>
T: +49 6894 9396901<br>
M: +49 6894 9396851<br>
F: +49 6894 9396851<br>
W: <a class="gmail-m_-599757340101471059moz-txt-link-abbreviated" href="http://www.key-systems.net" target="_blank">www.key-systems.net</a><br>
<br>
Key-Systems GmbH is a company registered at the local court of
Saarbruecken, Germany with the registration no. HR B 18835<br>
CEO: Alexander Siffrin<br>
<br>
Part of the CentralNic Group PLC (LON: CNIC) a company registered
in England and Wales with company number 8576358.</div>
</div>
_______________________________________________<br>
Gnso-epdp-team mailing list<br>
<a href="mailto:Gnso-epdp-team@icann.org" target="_blank">Gnso-epdp-team@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-epdp-team" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/listinfo/gnso-epdp-team</a><br>
_______________________________________________<br>
By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (<a href="https://www.icann.org/privacy/policy" rel="noreferrer" target="_blank">https://www.icann.org/privacy/policy</a>) and the website Terms of Service (<a href="https://www.icann.org/privacy/tos" rel="noreferrer" target="_blank">https://www.icann.org/privacy/tos</a>). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.</blockquote></div>