<div dir="ltr"><div><div><div>Stephanie,<br><br></div>Your response clearly shows that you don't understand how the Internet functions at a technical level. To put it in simple terms, ICANN only has a monopoly over who is a registry or registrar for gTLDs that people choose to point to. Anyone can set up alternate roots and if people believe that is a better mouse trap and choose to point to those roots then that is what will work from both a technical and practical perspective. <br><br>When people talk about the "dark web", that is an alternative system that does not rely on ICANN, the root servers and gTLDs which ICANN controls or the ccTLDs which ICANN does not control. <br><br></div>When you speak of "controlling things" you misunderstand the nature of the Internet. Perhaps you were not around for this - <a href="https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States#/media/File:Munitions_T-shirt_(front).jpg">https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States#/media/File:Munitions_T-shirt_(front).jpg</a><br><br></div>Michael Hammer<br><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jun 8, 2017 at 5:32 AM, Stephanie Perrin <span dir="ltr"><<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">"ICANN has no power independent of the agreement of everyone<br>
to use the ICANN policies for the IANA DNS root. Ask MySpace or the<br>
authors of Gopher whether there are any permanent favourites on the<br>
Internet."<br>
<br>
Actually, ICANN has a monopoly over who is an accredited registrar for the gTLDs. With respect to the contracts between registries and registrars, I would argue that the community has historically had very little opportunity to influence those contracts, with the exception of the IPC who got their requirements in to the DOC prior to the establishment of ICANN. At the moment we are expending a great deal of our valuable time designing the public interface that contains the data we deem acceptable to share. Inherent in the concept of tiered access, which some ccTLDS already employ, and which the DPAs have already said (in documents in our repository which clearly some of us need to reread) is the concept of discrimination....you need to identify who you are and why you want the data to get more access, possibly untraced access (to enable investigations etc) and bulk data. I do understand that there is no "centre" there, but I certainly think that ICANN has influence over who gets access to the next tier of data. Let me repeat for greater clarity: I am not talking about thin data.<br>
<br>
I have taken the time to plough through the Interpol data protection handbook. Some may recall that Caroline Goemans, the Data Protection Officer for Interpol came to Copenhagen. I hesitate to even mention their handbook because folks will choose to believe that I want the Interpol rules for data sharing to apply to those tireless fighters who report abuse, across the globe...so let me immediately say relax, I am not suggesting this. However, a mini version of how trusted parties share data needs, in my view, to be developed. I was just accused of suggesting something that is "impractical in the developed world, and deeply chauvinistic, patronizing and exclusionary to our colleagues in emerging nations where capacity building is exactly what’s needed to deal with next-gen abuse." Frankly, it should be admissible to suggest that we need a system that is slightly more organized and less open to anti-competitive behaviour than the club-of-folks-who-know-each-ot<wbr>her under which we are operating now. It is precisely because we are global and a lot of the criminal behaviour emanates from countries where nobody has any mlats or has signed and implemented the Budapest Convention that I would suggest we should think about some kind of accreditation for access to data. Otherwise, registrars who surrender personal data of their registrants are likely in violation of more law than mere data protection law. [for non-english speakers, the use of the word "mere" was intended to be ironic"].<br>
<br>
Cheers Stephanie<br>
<br>
<br>
______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/l<wbr>istinfo/gnso-rds-pdp-wg</a></blockquote></div><br></div>