[gnso-rds-pdp-wg] Notes and action items from today's meeting

[Marika Konings]

Dear All,

Please find below the notes and action items from today’s meeting.

Best regards,

Marika

RDS PDP WG Meeting – 13 December 2016

These high-level notes are designed to help PDP WG members navigate through the content of the call and are not meant as a substitute for the transcript and/or recording. The MP3, transcript, and chat are provided separately and are posted on the wiki at: https://community.icann.org/x/C4xlAw.

1. Roll call / SOI

·         Roll call will be taken from Adobe Connect

·         Please remember to keep your SOIs up to date

2. Recap approach for key concepts deliberation

·         First deliberate on key concepts as outlined during last week's meeting

·         Key concepts are taken from sub-questions from charter, taking three areas earlier identified (users/purposes, data elements & privacy)

·         Iterative look at these three areas - bounce back and forth as needed to make sure that dependencies and interrelationships are addressed.

·         Other questions will be addressed following the work on these three questions.

·         Once sufficient agreement has been reached on a question (rough consensus) then the WG will move onto the next question.

·         After reaching rough consensus on key concepts, then go through possible requirements identified by WG.

3. Commence deliberations with question 2.1: 'Should gTLD registration data be accessible for any purpose or only for specific purposes?'


·         Note starting point taken from EWG Report (see section 2.1.1.)

·         Should any gTLD registration data be made available without a purpose? EWG response: 'no' should only be made available with a specific purpose. Purposes need to be defined by policy and stated at the time of a query.

a) Address question for thin data as defined by Thick WHOIS report ("A thin registry only stores and manages the information associated with the domain name. This set includes data sufficient to identify the sponsoring registrar, status of the registration, creation and expiration dates for each registration, name server data, the last time the record was updated in its Whois data store, and the URL for the registrar’s Whois service.")

·         Start with a smaller, hopefully less controversial set of registration data, namely 'thin' registration data. At the end, all registration need to be covered, but this forms a starting point for deliberation.

·         A thin registry only stores and manages the information associated with the domain name. This set includes data sufficient to identify the sponsoring registrar, status of the registration, creation and expiration dates for each registration, name server data, the last time the record was updated in its Whois data store, and the URL for the registrar’s Whois service.

·         EWG report also classified data that can be considered 'thin' data. EWG report said some data should always be public, but does purpose still need to be stated when this data is queried? Yes, that is what the EWG recommended - no authentication or verification but still need to state which domain name is queried and purpose for query. How would this be enforceable? EWG first looked at permissable purposes, then at data sets used for these purposes to determine what minimal information would / should be available publicly.

·         What is the purpose of thin gTLD data? See page 46 of EWG report "To meet basic domain control needs, the following Registrant-supplied data, which is mandatory to collect and low-risk to disclose, must be included in the minimum public data set:a. Domain Nameb. DNS Serversc. Registrant Typed. Registrant Contact ID (further defined in Section V)e. Registrant Email Addressf. Tech Contact IDg. Admin Contact IDh. Legal Contact IDi. Abuse Contact IDj. Privacy/Proxy Provider Contact ID (mandatory only if Registrant Type = Privacy/Proxy Provider)k. Business Contact ID (mandatory only if Registrant Type = Legal Person)" (EWG report, page 46)

·         In EWG report, Domain Name Control includes tasks such as "Creating, managing and monitoring a Registrant’s own domain name (DN), including creating the DN, updating information about the DN, transferring the DN, renewing the DN, deleting the DN, maintaining a DN portfolio, and detecting fraudulent use of the Registrant’s own contact information."

·         Is there a purpose to having registrar information? Yes, only way to get to further information (in current environment). Necessary for domain name control. Legal significance of having access to registrar name as it can determine jurisdiction for example in UDRP. Also, in case of hijack, you need to find out the new registrar to get it back.

·         Is there any thin data that does not have a purpose? Yes, although one could debate whether this information needs to be publicly available. Not discussing yet who should have access or whether it should be publicly available.

·         No registration data should be accessible without having a purpose? All data should have a purpose. Are we recommending that public access is to be terminated? Not close yet to making that decision. Requiring a purpose does not necessarily mean making data non-public. Think for example about web-sites by liquor companies asking to click a box that you meet the legal age to access the web-site (which is not verified in any other way). Every field currently in WHOIS has a purpose.

·         Should gTLD thin data be accessible for any purpose, regardless of what it is? Binary nature of the question makes it difficult to answer.

·         Next question is 2.2           For what specific purposes should gTLD registration data be collected, maintained, and made accessible? Who should be permitted to use gTLD registration data for those purposes?

·         Do you build a negative list (not allowed for these purposes) or not accessbile unless purpose is on a positive list, or allow for any purpose? Difficult to build a list that includes all permissible purposes as new ones may be added over time.

·         Is there one element of these thin elements that does not have one legitimate purpose?

·         Does WG needs to cover question 2.2 before going to data elements question? Input welcome.

Action item: Staff to develop a question(s) that can be used to poll the WG to assess view points following this discussion.

Action item: WG members to respond to poll when available.

b) Address question for other data (time permitting)

4. Confirm next meeting - Wednesday 21 December at 6.00 UTC

·         (Note, no WG calls on 27 December 2016 or 3 January 2017)

Marika Konings
Senior Policy Director & Team Leader for the GNSO, Internet Corporation for Assigned Names and Numbers (ICANN)
Email: marika.konings at icann.org<mailto:marika.konings at icann.org>

Follow the GNSO via Twitter @ICANN_GNSO
Find out more about the GNSO by taking our interactive courses<http://learn.icann.org/courses/gnso> and visiting the GNSO Newcomer pages<http://gnso.icann.org/sites/gnso.icann.org/files/gnso/presentations/policy-efforts.htm#newcomers>.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20161213/bd7266fc/attachment.html>