<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
        {mso-style-name:msonormal;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman",serif;}
span.EmailStyle18
        {mso-style-type:personal;
        font-family:"Calibri",sans-serif;
        color:#1F497D;}
span.EmailStyle19
        {mso-style-type:personal-compose;
        font-family:"Calibri",sans-serif;
        color:windowtext;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-family:"Calibri",sans-serif;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Janis,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">This is a surprising message, to put it mildly. This expression of concern about the consistency of ICANN’s mission with its proposed role in the SSAD is a sudden
 and rather suspicious departure from nearly two years of ICANN Org statements and activities.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Here is a quote from an Oct 2019 report issued by ICANN (not us), about a proposed UAM (</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><a href="https://www.icann.org/en/system/files/files/unified-access-model-gtld-registration-data-25oct19-en.pdf">https://www.icann.org/en/system/files/files/unified-access-model-gtld-registration-data-25oct19-en.pdf</a>)</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">:
<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:.5in"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fill-alpha:100.0%">“The purpose of this document is to describe a possible model
 for access to non-public domain name registration data in gTLDs... In this proposed Unified Access Model (UAM),
<b>ICANN org would take on the responsibilities associated with the operation of a central gateway through which requests for access to non-public registration data would be accepted and processed.
</b>(emphasis added)</span><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:#1F4E79;mso-style-textfill-fill-color:#1F4E79;mso-style-textfill-fill-alpha:100.0%"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">There are other statements in that report which explicitly mention a role for ICANN in accrediting requestors.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Continuing, how many times have we been told by ICANN Org that WP29 and other European authorities expected “ICANN to develop and implement a model that will
 enable legitimate uses by relevant stakeholders, such as law enforcement, of personal data concerning registrants in compliance with the GDPR, without leading to an unlimited publication of those data.” The quote there is from a June 2019 letter from Goran
 Marby to Richard Green, head of the G7 High Tech Crime subgroup. I do not recall any questions about straying from mission being raised at that time.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Here is an Aug 2018 blog post from Mr Marby with much the same message:
</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"><a href="https://www.icann.org/news/blog/possible-unified-access-model-published-for-community-input">https://www.icann.org/news/blog/possible-unified-access-model-published-for-community-input</a></span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Are we now expected to believe that after two years of actively pushing for a centralized UAM/SSAD, that ICANN org has suddenly become deeply concerned about
 the possibility that the functions required to implement it are not within its mission? Are we really supposed to take these concerns seriously and spend time on them?
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Perhaps there is something I am missing. I would be happy to be enlightened as to what it is.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Until I hear evidence to the contrary, my conclusion is that we do not need to reevaluate our assumptions, and we certainly do not need to give ICANN org the
 unearned authority to challenge or validate them. ICANN itself is the source of those assumptions. I think we need to ask ICANN for an honest explanation of why it is raising these concerns now, and what it hopes to accomplish by doing so.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Dr. Milton L Mueller<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Georgia Institute of Technology<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">School of Public Policy<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><img border="0" width="213" height="85" style="width:2.2152in;height:.8888in" id="Picture_x0020_1" src="cid:image001.png@01D62F90.026CD010" alt="IGP_logo_gold block"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Gnso-epdp-team <gnso-epdp-team-bounces@icann.org>
<b>On Behalf Of </b>Janis Karklins<br>
<b>Sent:</b> Thursday, May 21, 2020 2:22 PM<br>
<b>To:</b> Goran Marby <goran.marby@icann.org>; EPDP <gnso-epdp-team@icann.org><br>
<b>Cc:</b> gnso-epdp-lead@icann.org<br>
<b>Subject:</b> [Gnso-epdp-team] Questions for clarification<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">Dear Goran,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">During recent meetings the EPDP Team has been examining public comments received on its Initial Report. Recommendations in the Initial Report are based on certain assumptions. For instance,
 the EPDP Team has been working under the assumption that ICANN Org (or its designee) would be the Accreditation Authority, and, accordingly, would be responsible for enforcing accredited SSAD users’ compliance with the Accreditation Policy, Acceptable Use
 Policy, etc. In addition, it is assumed that ICANN Org would perform the Central Gateway function.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">Today’s discussion revealed that the Team’s assumptions may not be entirely correct. It was suggested that ICANN Org may have concerns regarding, for example, how this enforcement responsibility
 fits within its Mission and Bylaws as it is not yet clear how the contractual relationships would be structured between the Central Gateway Manager and accredited users, noting ICANN Org enforcement currently only occurs between ICANN Org and Contracted Parties
 where a direct contractual relationship exists.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">It was also suggested that communication with ICANN Org would be useful to confirm all assumptions the Final report will be based on. In light of this, could ICANN Org please provide clarifications
 on the following questions: <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">If SSAD becomes an adopted consensus policy, would ICANN Org will perform the Accreditation Authority function?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">If SSAD becomes an adopted consensus policy, would ICANN Org will perform the central Gateway function?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">If SSAD becomes an adopted consensus policy, would ICANN Org enforces compliance of SSAD users and involved parties with its consensus policy?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif"> <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif">Additionally, could ICANN Org please confirm the EPDP Team’s assumption that ICANN Org and
<span style="color:black">Contracted Parties are joint controllers regarding disclosure of registration data through the SSAD?</span><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"> </span><span style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">As the EPDP Team needs further information to prepare its final recommendations, we would appreciate answers, if possible, by
<b>Friday, May 29</b>. Thank you in advance.</span><span style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black"> </span><span style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">Best regards</span><span style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Calibri",sans-serif;color:black">JK</span><span style="font-family:"Calibri",sans-serif"><o:p></o:p></span></p>
</div>
</div>
</body>
</html>