<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Thanks for pointing this out Rod. There are a few rather difficult
authorization issues we described but did not necessarily solve (who
vouches for you, and how)....the secure credentials was for
particular, desperate cases. It does not solve situations where all
of a sudden what was legitimate political dissent becomes treason (I
don't need to point to any recent examples, I am sure) and the
unsuspecting group is outed because they did not think they needed
to go the extra mile and apply for a secure credential. I think the
broad category of banned religions, speech, and political dissent
needs a variety of solutions. But if we could make anonymous
registration easy (as you point out, much necessary work has
progressed in the past two years) it would be wonderful.<br>
Stephanie Perrin<br>
<br>
<div class="moz-cite-prefix">On 16-07-26 1:17 PM, Rod Rasmussen
wrote:<br>
</div>
<blockquote
cite="mid:4280F1A4-B853-4A35-B82E-D2D915430568@infoblox.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
So let point out that the EWG spent a huge amount of time on
exactly this use case area to address these very difficult issues
and concerns to life and liberty. One reason that this took a lot
of time is that the option that Ayden is advocating for here that
you cannot store ANY personally identifiable data in any place
anywhere (paraphrasing, please correct if I’m misinterpreting you
here) due to risk of its exposure due to some compromise in the
chain (RDS, registry, registrar, P/P service) runs counter to one
of the *primary* use case building blocks for domain registrants.
That primary concept is for a registrant to be able to
definitively prove their ownership (or “right to control/use" if
you don’t like the concept of “owning” domains) of a domain name.
Someone has to have that information - the registrar is the base
case - in order for the vast, vast majority of domain holders to
do things like transfer their domain between registrars, sell the
rights to their domain to some other party, obtain domain-related
services, ensure their domain is not hijacked or can be recovered
if it is, etc. So imposing requirements for a minuscule fraction
of the domain registrant population in order to handle an uncommon
(yet vitally important!) use case is simply disproportional. This
is a great example of why you develop use cases - to tease out
where they conflict, and instead of proscribing solutions up front
(in this case not collecting information at all) you explore what
the goals are (in this case, making sure that an oppressive regime
cannot get ahold of the personal information of a dissident that
could put that at risk of harm) to see how to solve those while
imposing such restrictions on the system that you can’t accomplish
other, equal or in this case, far more important goals of the
system.
<div class=""><br class="">
</div>
<div class="">So, what did we do on the EWG? We proposed an
entire system for dealing with such circumstances and that is
explained in section VII b. Secure Protected Credentials
Principals on pages 101-108 of the EWG report (<a
moz-do-not-send="true"
href="https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf"
class=""><a class="moz-txt-link-freetext" href="https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf">https://www.icann.org/en/system/files/files/final-report-06jun14-en.pdf</a></a>).
I would refer people with an interest in this topic to that
rather detailed section of our report to see a potential way
forward on these issues. Since the writing of the EWG report,
much more work has occurred within the space of providing
anonymous, yet verifiable credentialing, particularly with the
use of blockchain technologies which are open source, and
largely available at very low cost for usage in software
products and online services. Domain registration is not the
only area where people have this sort of interest, and the
market, along with the technical community, are responding
accordingly. So while this is just one way of solving this use
case, and may not be fully fleshed out to the implementation
level in the current level of documentation, I will posit that
when you run into a use case like this that runs counter to many
others, there will often be a way to solve it without hampering
or invalidating other use cases, particularly fundamental ones.</div>
<div class=""><br class="">
</div>
<div class="">Cheers,</div>
<div class=""><br class="">
</div>
<div class="">Rod
<div class=""><br class="">
</div>
<div class="">
<div class="">
<div class="">
<div style="color: rgb(0, 0, 0); font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
font-family: Calibri, sans-serif; font-size: 11pt;
margin: 0in 0in 0.0001pt;" class="">Rod Rasmussen</div>
<div style="color: rgb(0, 0, 0); font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
font-family: Calibri, sans-serif; font-size: 11pt;
margin: 0in 0in 0.0001pt;" class=""><span style="color:
rgb(89, 89, 89);" class="">VP, Cybersecurity</span></div>
<div style="color: rgb(0, 0, 0); font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
font-family: Calibri, sans-serif; font-size: 11pt;
margin: 0in 0in 0.0001pt;" class=""><br class="">
</div>
<div style="color: rgb(0, 0, 0); font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
font-family: Calibri, sans-serif; font-size: 14px;"
class=""><a moz-do-not-send="true"
href="http://www.infoblox.com/" style="font-size:
11pt; color: purple;" class=""><span style="color:
windowtext; text-decoration: none;" class=""><span><img
apple-inline="yes"
id="82F2D380-68DD-45CD-B4D3-81DD436A8CED"
apple-width="yes" apple-height="yes"
src="cid:part2.04060802.07080201@mail.utoronto.ca"
class="" height="59" width="180"></span><span
style="color: rgb(0, 0, 0); font-family: Calibri,
sans-serif; font-size: 14px; font-style: normal;
font-variant: normal; font-weight: normal;
letter-spacing: normal; line-height: normal;
orphans: auto; text-align: start; text-indent:
0px; text-transform: none; white-space: normal;
widows: auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px; display: inline
!important; float: none;" class="">- </span>
</span></a></div>
<a moz-do-not-send="true" href="http://www.infoblox.com/"
style="font-size: 11pt; color: purple;" class="">
</a></div>
</div>
<br class="">
<div>
<blockquote type="cite" class="">
<div class="">On Jul 26, 2016, at 8:57 AM, Ayden Férdeline
<<a moz-do-not-send="true"
href="mailto:icann@ferdeline.com" class="">icann@ferdeline.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<table class="container" valign="top"
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px; width: 1463px; margin-top: 6px;" lang="container"
border="0" cellpadding="0" cellspacing="0">
<tbody class="">
<tr class="">
<td class="message-wrapper" style="padding-top:
6px; line-height: 1.31; color: rgb(34, 34, 34);
font-family: arial, sans-serif;" valign="top">
<div class="">Thanks for the questions, Alex. I
am happy to clarify.</div>
<div class=""><br class="">
</div>
<blockquote style="margin: 0px 0px 0px 0.8ex;
border-left-width: 1px; border-left-color:
rgb(204, 204, 204); border-left-style: solid;
padding-left: 1ex; padding-top: 0px;
padding-bottom: 0px;" class="">
<div class="">Based on the details you
outline, particularly the limitations you
place on the RDS data elements, can you
comment on how technical issues with the
dissidents domain name operation are
handled? </div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">I consider this to be
registrar-registrant contract information. As
such, it is up to the registrar to determine
which additional data elements they wish to
collect (if any), how they wish to store this
data (if applicable), and to whom they wish to
release it, in accordance with local laws and
the informed consent of their customers.</div>
<div class=""><br class="">
</div>
<blockquote style="margin: 0px 0px 0px 0.8ex;
border-left-width: 1px; border-left-color:
rgb(204, 204, 204); border-left-style: solid;
padding-left: 1ex; padding-top: 0px;
padding-bottom: 0px;" class="">
<div class="">As for the cost of P/P services
I appreciate the view it is an added cost
(and even FWIW that one should not have to
pay for privacy) but so is the purchase of
the domain name, hosting provider, web-site,
tis cert (the non-free ones) to enable
transport encryption, etc. If there are
funds available to purchase (and maintain) a
domain name (and the site behind it) I’m not
sure the extra cost for the P/P add-on is
truly prohibitive. </div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">It is possible that the web
hosting or these other required
products/services have been donated.</div>
<div class=""><br class="">
</div>
<div class="">But the principle is less about
the cost and more about the data being
collected in the first place. If there exists
a database which contains personally
identifiable information, even if this
information is stored behind a locked door, it
is not unimaginable to anticipate it will be
breached at some stage. And once data is
leaked, the damage is permanent. </div>
<div class=""><br class="">
</div>
<blockquote style="margin: 0px 0px 0px 0.8ex;
border-left-width: 1px; border-left-color:
rgb(204, 204, 204); border-left-style: solid;
padding-left: 1ex; padding-top: 0px;
padding-bottom: 0px;" class="">
<div class="">Lastly, can you clarify the term
“foreign nation” in the scenario
description? Is it the same or different
from the nation of the dissident? This is a
small detail perhaps but one that got me
thinking about how (or even if) this use
case would play out in a real world
scenario.</div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">The dissident lives in country X.
The foreign nation is any other sovereign
state except X.</div>
<div class=""><br class="">
</div>
<div class="">Best wishes,</div>
<div class=""><br class="">
</div>
<div class="mixmax_signature">
<div class="">Ayden </div>
</div>
<img moz-do-not-send="true"
src="https://app.mixmax.com/api/track/v2/Vi9akIFOHTSpc0YXz/i02bj5SZulGblRmclZGQu5WYjlmI/icmcv5ibuF2YpB0Z31CckBXLzRmct82cudmI/icmcv5ibuF2YpB0Z31CckBXLzRmct82cudmI?sc=false"
alt="" style="border: 0px; width: 0px; height:
0px;" class="" height="0" align="left"
width="0"></td>
</tr>
</tbody>
</table>
<div style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<div class="">
<p data-m-apply-default-font="true" class=""><br
class="">
</p>
<div class="gmail_extra">
<p data-m-apply-default-font="true" class=""><br
class="">
</p>
<div class="gmail_quote">On Tue, Jul 26, 2016 4:46
PM, Deacon, Alex<span
class="Apple-converted-space"> </span><span
dir="ltr" class=""><a moz-do-not-send="true"
href="mailto:Alex_Deacon@mpaa.org"
target="_blank" style="word-wrap: normal;
word-break: break-word;" class="">Alex_Deacon@mpaa.org</a></span><span
class="Apple-converted-space"> </span>wrote:<br
class="">
<blockquote class="gmail_quote" style="margin:
0px 0px 0px 0.8ex; border-left-width: 1px;
border-left-color: rgb(204, 204, 204);
border-left-style: solid; padding-left: 1ex;">Thanks
for the use case Ayden. A few
questions/comments.
<div class=""><br class="">
</div>
<div class="">Based on the details you
outline, particularly the limitations you
place on the RDS data elements, can you
comment on how technical issues with the
dissidents domain name operation are
handled? </div>
<div class=""><br class="">
</div>
<div class="">As for the cost of P/P services
I appreciate the view it is an added cost
(and even FWIW that one should not have to
pay for privacy) but so is the purchase of
the domain name, hosting provider, web-site,
tis cert (the non-free ones) to enable
transport encryption, etc. If there are
funds available to purchase (and maintain) a
domain name (and the site behind it) I’m not
sure the extra cost for the P/P add-on is
truly prohibitive. </div>
<div class=""><br class="">
</div>
<div class="">Lastly, can you clarify the term
“foreign nation” in the scenario
description? Is it the same or different
from the nation of the dissident? This is
a small detail perhaps but one that got me
thinking about how (or even if) this use
case would play out in a real world
scenario. </div>
<div class=""><br class="">
</div>
<div class="">Thanks!!</div>
<div class=""><br class="">
</div>
<div class="">Alex</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
<div class="">
<div class="">
<blockquote type="cite" class="">
<div class="">On Jul 26, 2016, at 6:38
AM, Ayden Férdeline <<a
moz-do-not-send="true"
href="mailto:icann@ferdeline.com"
style="word-wrap: normal;
word-break: break-word;" class=""><a class="moz-txt-link-abbreviated" href="mailto:icann@ferdeline.com">icann@ferdeline.com</a></a>>
wrote:</div>
<br class="">
<div class="">
<table valign="top"
style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;
width: 1441px; margin-top: 6px;"
class="" lang="container"
border="0" cellpadding="0"
cellspacing="0">
<tbody class="">
<tr class="">
<td style="padding-top: 6px;
line-height: 1.31; color:
rgb(34, 34, 34);
font-family: arial,
sans-serif;" class=""
valign="top">
<div class="">Thanks for
your comments, Greg.
Without wanting to dive
too deep into our
deliberations, I would
just like to briefly
comment on this:<br
class="">
</div>
<div class=""><br class="">
</div>
<blockquote style="margin:
0px 0px 0px 0.8ex;
border-left-width: 1px;
border-left-color:
rgb(204, 204, 204);
border-left-style: solid;
padding-left: 1ex;
padding-top: 0px;
padding-bottom: 0px;"
class="">
<div class="">The actual
market price of such
services is inexpensive
(for example GoDaddy’s
is US$7.00 per year). It
may be reasonable to
assume that at-risk
dissidents are aware
that privacy services
exist, and can afford
the minimal cost.</div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">I do not think
it is reasonable to make
such an assumption.
Privacy proxy services
have not reached critical
mass, as most domain names
are not protected through
such cloaks. </div>
<div class=""><br class="">
</div>
<div class="">In addition,
the subscription cost of
such services must be seen
as relative to local
incomes and the ability to
make a purchase in a
foreign currency. It is
not easy for everyone in
every country to purchase
goods online; not everyone
has access to a credit
card, and in many regions
payment processors do not
accept all currencies. And
while US$7.00 per year may
not be a lot to you or I,
it is a significant amount
of money to some. </div>
<div class=""><br class="">
</div>
<div class="">When I was
living in Argentina in
2014, the government
imposed restrictions on
online purchases as part
of efforts to prevent
foreign currency reserves
from dwindling. At one
stage, I believe that
Argentine credit cards
were limited to making no
more than US$25 per month
in foreign transactions.
In such a case a dissent
group would have to choose
carefully how to allocate
their resources. Do they
buy Skype credit to make
calls abroad? Do they buy
a privacy proxy cloak? Do
they purchase literature
from abroad that cannot be
purchased locally?</div>
<div class=""><br class="">
</div>
<blockquote style="margin:
0px 0px 0px 0.8ex;
border-left-width: 1px;
border-left-color:
rgb(204, 204, 204);
border-left-style: solid;
padding-left: 1ex;
padding-top: 0px;
padding-bottom: 0px;"
class="">
<div class=""><font
class="">Government
authorities in the
dissident’s country
request the underlying
registrant data from
the privacy service
provider. The privacy
service provider must
then decide whether it
will accept the
government’s
complaint.</font></div>
</blockquote>
<div class=""><br class="">
</div>
<div class="">This operates
on the assumption that due
process is followed. A
privacy service provider
is not a court and, as far
as I am aware, there is no
binding entitlement to
domain name registrants to
a fair and public hearing
within a reasonable time
by an independent,
competent, and impartial
tribunal as to whether the
registrant's data should
be released to that
government authority?</div>
<div class=""><br class="">
</div>
<div class="">This also
assumes that the data is
requested and not simply
taken. Given efforts are
underway globally to
restrict encryption, we
cannot presume that all
governments worldwide will
follow due process if the
data they desire exists in
some form where it can
somehow be extracted.</div>
<div class=""><br class="">
</div>
<div class="">Best wishes,</div>
<div class=""><br class="">
</div>
<div class="">Ayden</div>
<img moz-do-not-send="true"
src="https://compose.mixmax.com/img/blank.png" alt="" style="border:
0px; width: 0px; height:
0px;" class="" height="0"
align="left" width="0"></td>
</tr>
</tbody>
</table>
<div style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<div class="">
<p
data-m-apply-default-font="true"
class=""><br class="">
</p>
<div class="">
<p
data-m-apply-default-font="true"
class=""><br class="">
</p>
<div class="">On Tue, Jul 26,
2016 2:10 PM, Greg Aaron<span
class=""> </span><span
dir="ltr" class=""><a
moz-do-not-send="true"
href="mailto:gca@icginc.com"
target="_blank"
style="word-wrap:
normal; word-break:
break-word;" class=""><a class="moz-txt-link-abbreviated" href="mailto:gca@icginc.com">gca@icginc.com</a></a></span><span
class=""> </span>wrote:<br
class="">
<blockquote style="margin:
0px 0px 0px 0.8ex;
border-left-width: 1px;
border-left-color:
rgb(204, 204, 204);
border-left-style: solid;
padding-left: 1ex;"
class="">
<div class="">
<p class=""><a
moz-do-not-send="true"
name="_MailEndCompose" style="word-wrap: normal; word-break:
break-word;"
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Here are
three cases that
are variations of
the scenario that
Ayden presented. <o:p
class=""></o:p></span></a></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p style="text-indent:
-0.25in;" class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><span
class="">1.<span
style="font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
font-size:
7pt;
line-height:
normal;
font-family:
'Times New
Roman';"
class=""> <span
class=""> </span></span></span></span><span
style="font-family:
Calibri,
sans-serif;"
class="">Member of
the dissident
group registers a
gTLD domain name
using a privacy
service, located
in a different
country from the
registrant. The
actual market
price of such
services is
inexpensive (for
example GoDaddy’s
is US$7.00 per
year). It may be
reasonable to
assume that
at-risk dissidents
are aware that
privacy services
exist, and can
afford the minimal
cost. Government
authorities in the
dissident’s
country request
the underlying
registrant data
from the privacy
service provider.
The privacy
service provider
must then decide
whether it will
accept the
government’s
complaint. The
decision may
depend mainly on
whether the
service provider
believes the
registrant has
breached the
service provider’s
terms of service,
as interpreted
under the laws of
the service
provider’s country
(not the country
of the registrant
and the
complaining
government).<o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p style="text-indent:
-0.25in;" class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><span
class="">2.<span
style="font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
font-size:
7pt;
line-height:
normal;
font-family:
'Times New
Roman';"
class=""> <span
class=""> </span></span></span></span><span
style="font-family:
Calibri,
sans-serif;"
class=""> </span></span><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Instead
of a gTLD domain,
member of the
dissident group
chooses to
register a ccTLD
domain, in a ccTLD
that does not
provide registrant
contact data in
its WHOIS. The
ccTLD registry and
registrar are
outside the
dissident’s
country. If the
government
authorities in the
dissident’s
country wish to
obtain contact
data, the
government
authorities must
contact either the
registrar or
registry, which
will then consider
the complaint
according to their
terms of service,
as interpreted
under the laws of
the registrar’s or
registry’s
country.<o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p style="text-indent:
-0.25in;" class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><span
class="">3.<span
style="font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
font-size:
7pt;
line-height:
normal;
font-family:
'Times New
Roman';"
class=""> <span
class=""> </span></span></span></span><span
style="font-family:
Calibri,
sans-serif;"
class="">Member of
the dissident
group registers a
gTLD domain name
using a proxy,
such as a law firm
located in another
country. If
government
authorities in the
dissident’s
country request
the identity of
the dissident, the
proxy must decide
whether to reveal
its client’s
name. The proxy
is not subject to
the jurisdiction
of the foreign
government. <o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">These use
cases assume that
dissidents wish to
take steps to keep
their identities
from their
government
regime. All three
cases allow the
registrant to work
within existing
ICANN registration
data policies,
including the
recommendations
that have come out
of the recent
privacy/proxy PDP.<o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">All best,<o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">--Greg<o:p
class=""></o:p></span></span></p>
<p class=""><span
class=""><span
style="font-size:
10pt; font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<p class=""><span
class=""><span
style="font-size:
11pt; font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></span></p>
<span class=""></span>
<div class="">
<div
style="border-style:
solid none none;
border-top-color:
rgb(225, 225, 225);
border-top-width:
1pt; padding: 3pt
0in 0in;" class="">
<p class=""><b
class=""><span
style="font-size:
11pt;
font-family:
Calibri,
sans-serif;"
class="">From:</span></b><span
style="font-size:
11pt;
font-family:
Calibri,
sans-serif;"
class=""><span
class=""> </span><a
moz-do-not-send="true" href="mailto:gnso-rds-pdp-wg-bounces@icann.org"
style="word-wrap:
normal;
word-break:
break-word;"
class=""><a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg-bounces@icann.org">gnso-rds-pdp-wg-bounces@icann.org</a></a><span
class=""> </span>[<a
moz-do-not-send="true" href="mailto:gnso-rds-pdp-wg-bounces@icann.org"
style="word-wrap:
normal;
word-break:
break-word;"
class=""><a class="moz-txt-link-freetext" href="mailto:gnso-rds-pdp-wg-bounces@icann.org">mailto:gnso-rds-pdp-wg-bounces@icann.org</a></a>]<span
class=""> </span><b
class="">On
Behalf Of<span
class=""> </span></b>Ayden
Férdeline<br
class="">
<b class="">Sent:</b><span
class=""> </span>Monday,
July 25, 2016
6:41 PM<br
class="">
<b class="">To:</b><span
class=""> </span><a
moz-do-not-send="true" href="mailto:gnso-rds-pdp-wg@icann.org"
style="word-wrap:
normal;
word-break:
break-word;"
class=""><a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a></a><br
class="">
<b class="">Subject:</b><span
class=""> </span>[gnso-rds-pdp-wg]
Use Case -
Dissident Group
Using the
Internet to
Communicate
Information<o:p
class=""></o:p></span></p>
</div>
</div>
<p class=""><o:p
class=""> </o:p></p>
<table style="width:
1428px;" class=""
border="0"
cellpadding="0"
cellspacing="0"
width="100%">
<tbody class="">
<tr class="">
<td
style="padding:
0in;" class=""
valign="top">
<table class=""
border="0"
cellpadding="0"
cellspacing="0">
<tbody
class="">
<tr class="">
<td
style="padding:
0in;" class=""
valign="top">
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Hello
all,<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">I
would like to
introduce an
additional use
case. This is
just a rough
draft for now,
and I welcome
your feedback
on how this
use case can
be
strengthened. <o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">The
scenario is: a
dissident
group launches
a website to
bring
important news
and
information to
the public.
They register
their domain
name in a
foreign nation
and do not
want law
enforcement,
or other
parties, to be
able to
identify the
website’s
administrators,
management,
and/or sources
of
information.
If this
information
was made
known, their
publishing
could be
silenced and
their sources
and
contributors
could suffer
harm. The
registrant is
not aware of
the existence
of privacy
proxy services
at the time
they register
their domain
name.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Misuse
Case:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><span
class=""> </span>The
RDS could be
used by State
actors or
other parties
to identify
members of or
contributors
to the
dissident
group, and
this could
result in
their voices
being silenced
through legal,
political, or
physical
means.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Main
Misuse Case:<span
class=""> </span></span></b><span
style="font-family:
Calibri,
sans-serif;"
class="">An
actor is
unhappy that a
website in a
country is
publishing
material that
speaks
unfavourably
about a given
topic. They
wish to launch
political and
legal attacks
to silence the
website’s
publishers and
to alter the
narrative of
the historical
record on this
topic. They
thus utilise
the RDS to
identify a
contact of
someone
involved in
the
administration
of this
website, with
the view of
torturing or
otherwise
extracting
from this
contact the
names and
contact
details of
contributors
to the
dissenting
website. As
the registrant
does not
subscribe to a
privacy proxy
service
(possibly
because of
limited
financial
resources, or
lack of
awareness that
such a service
exists), their
contact
details have
been
permanently
published into
the public
record and
their privacy
is thus
permanently
breached. As a
result the RDS
threatens the
ability of
dissenting
voices to
exercise their
inalienable
rights in an
online
environment. <o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Primary
Actor:<span
class=""> </span></span></b><span
style="font-family:
Calibri,
sans-serif;"
class="">Government
or other
entity wanting
to censor a
dissident
group.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Other
stakeholders:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><span
class=""> </span>Domain
name
registrant.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Scope:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Level:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Data
Elements:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""> In
order to
prevent misuse
by another
actor, no
personally
identifiable
information
should be
stored in the
RDS
whatsoever.
The only data
elements that
the RDS
requires to
operate on a
technical
level are: the
domain name
itself, the
registrar, the
domain name’s
expiry date,
and its status
(registered /
not
registered).
For it to be
of functional
use, there are
two optional
fields: name
servers, and
the auth-code.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Story: </span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<ul class=""
type="disc">
<li class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">A
requestor
accesses the
RDS to obtain
information
about a
registered
domain name.
The RDS
immediately
returns the
registration
data
associated
with the
domain name,
which may
include a name
and physical
address of the
registrant.<o:p
class=""></o:p></span></li>
<li class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">The
requestor
passes the
extracted
information on
to a third
party who
visits the
physical
address of the
contact. The
registrant
suffers
physical harm
as a result of
the RDS and no
longer feels
comfortable
using the
Internet to
convey to the
public
important
information.<o:p
class=""></o:p></span></li>
</ul>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Privacy
implications:<span
class=""> </span></span></b><span
style="font-family:
Calibri,
sans-serif;"
class="">Article
19 of the
Universal
Declaration of
Human Rights
states that
everyone has
the right to
freedom of
opinion and
expression;
this right
includes the
freedom to
hold opinions
without
interference
and to seek,
receive, and
impart
information
and ideas
through any
media and
regardless of
frontiers.
These
principles
must be upheld
in the RDS. An
RDS that
contains any
personally-identifiable
information
would threaten
these very
freedoms.
Accordingly,
the RDS must
only collect
and store data
for limited,
lawful, and
appropriate
purposes.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Who
has control of
and access to
the data:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""> </span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Conditions
under which
the data are
accessible:</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""> <o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">How
data can be
accessed:<span
class=""> </span></span></b><span
style="font-family:
Calibri,
sans-serif;"
class="">At
this time,
personally
identifiable
information
can be
accessed by
any party in
the world, for
any reason.
This is not
consistent
with best
practices in
privacy
protection.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""> <o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><b
class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Other?</span></b><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""> <o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">As
you can see, I
have left a
few of the
fields in
Lisa's
template for
use cases
blank. I do
not have all
the answers,
so I would
very much
welcome your
suggestions on
how this use
case could be
strengthened. I'm
still a little
uncertain as
to whether we
are designing
use cases for
what the WHOIS
protocol is
like today
(this is an
assumption I
have gone by
in this first
draft) or if
this is meant
to be more
like a use
case in a
dream system
instead. I'll
revise this
use case once
I understand
this exercise
a bit better.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Thank
you for your
time,
consideration,
and feedback.<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Best
wishes,<o:p
class=""></o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""> </o:p></span></p>
</div>
<div class="">
<p class=""><span
style="font-family:
Calibri,
sans-serif;"
class="">Ayden
Férdeline<o:p
class=""></o:p></span></p>
</div>
<p class=""><img
moz-do-not-send="true" src="https://compose.mixmax.com/img/blank.png"
class=""
align="left"><span
style="font-family:
Calibri,
sans-serif;"
class=""><o:p
class=""></o:p></span></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<p class=""><o:p
class=""> </o:p></p>
</div>
</blockquote>
</div>
</div>
</div>
</div>
<br style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<br style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<div style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">Ayden Férdeline</div>
<div style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class=""><a moz-do-not-send="true"
href="https://community.icann.org/display/gnsosoi/Ayden+F%C3%A9rdeline+SOI"
style="word-wrap: normal;
word-break: break-word;
background-color: white;"
class="">Statement of Interest</a></div>
<span style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;
float: none; display: inline
!important;" class="">_______________________________________________</span><br
style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<span style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;
float: none; display: inline
!important;" class="">gnso-rds-pdp-wg
mailing list</span><br
style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<a moz-do-not-send="true"
href="mailto:gnso-rds-pdp-wg@icann.org"
style="word-wrap: normal;
word-break: break-word;
font-family: Helvetica; font-size:
12px; font-style: normal;
font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">gnso-rds-pdp-wg@icann.org</a><br
style="font-family: Helvetica;
font-size: 12px; font-style:
normal; font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
style="word-wrap: normal;
word-break: break-word;
font-family: Helvetica; font-size:
12px; font-style: normal;
font-variant-caps: normal;
font-weight: normal;
letter-spacing: normal; orphans:
auto; text-align: start;
text-indent: 0px; text-transform:
none; white-space: normal; widows:
auto; word-spacing: 0px;
-webkit-text-stroke-width: 0px;"
class="">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></div>
</blockquote>
</div>
<br class="">
</div>
</div>
</blockquote>
</div>
</div>
</div>
</div>
<br style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<br style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<div style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">Ayden Férdeline</div>
<div style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class=""><a moz-do-not-send="true"
href="https://community.icann.org/display/gnsosoi/Ayden+F%C3%A9rdeline+SOI"
style="word-wrap: normal; word-break: break-word;
background-color: white;" class="">Statement of
Interest</a></div>
<span style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px; float: none; display: inline !important;"
class="">_______________________________________________</span><br
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<span style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px; float: none; display: inline !important;"
class="">gnso-rds-pdp-wg mailing list</span><br
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<a moz-do-not-send="true"
href="mailto:gnso-rds-pdp-wg@icann.org"
style="word-wrap: normal; word-break: break-word;
font-family: Helvetica; font-size: 12px; font-style:
normal; font-variant-caps: normal; font-weight:
normal; letter-spacing: normal; orphans: auto;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; widows: auto; word-spacing:
0px; -webkit-text-stroke-width: 0px;" class="">gnso-rds-pdp-wg@icann.org</a><br
style="font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant-caps: normal;
font-weight: normal; letter-spacing: normal; orphans:
auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows:
auto; word-spacing: 0px; -webkit-text-stroke-width:
0px;" class="">
<a moz-do-not-send="true"
href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg"
style="word-wrap: normal; word-break: break-word;
font-family: Helvetica; font-size: 12px; font-style:
normal; font-variant-caps: normal; font-weight:
normal; letter-spacing: normal; orphans: auto;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; widows: auto; word-spacing:
0px; -webkit-text-stroke-width: 0px;" class="">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></div>
</blockquote>
</div>
<br class="">
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
gnso-rds-pdp-wg mailing list
<a class="moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a>
<a class="moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg">https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</body>
</html>