<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">I am not sure if calling a position you are advocating for naive is the same as calling you naive, but it isn't helpful for sure. We need to all listen to each other when considering policy, and acknowledge the importance of all stakeholders and seek to understand their points of view. </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><b>We also need to try and build consensus</b>. We all have an obligation to ensure that <span style="font-family:arial,sans-serif">policy development and decision-making processes will reflect <b>the public interest</b>, </span><span style="font-family:arial,sans-serif">irrespective of personal interests and the interests of the entity to which we as individuals might owe our appointment.</span></div><br>We all owe each other to behave in a professional manner and demonstrate <b>appropriate behavior</b>.<div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"> This includes acting in <b>good faith</b> with other participants. I want to say that </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">while I am certain it was not intended, that</div> people <div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">will</div> react emotionally when you single out APWG without<div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"> necessarily</div> having any <div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">real need to</div> do so<div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"> for purposes of discussion</div>.<div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"> I know it upset me.</div> <div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">I think h</div>ow data is "shared" within APWG, an international coalition unifying the global response to cybercrime across industry, government and law-enforcement sectors and NGO communities <div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">is </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">a</div> different issue than sharing Whois data.<div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"> I would encourage everyone to consider whether singling out a company like has been done with DomainTools or APWG, is </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">appropriate or like I believe, </div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline"><b>foreseeably derails the consensus building efforts in violation of ICANN Expected Standards of Behavior</b>.</div><div><span style="font-family:tahoma,sans-serif"><br></span></div><div><span style="font-family:tahoma,sans-serif"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small;display:inline">On a side note, a</div> threat researcher or analyst is not the equivalent of an investigator. So focusing on certifying investigators is irrelevant to any issue within the working group. </span><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><span style="font-family:arial,sans-serif"><br></span></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><span style="font-family:arial,sans-serif">Regards,</span></div><div class="gmail_extra"><div><div class="gmail_signature"><div dir="ltr"><div>Jonathan Matkowsky</div><div><br></div><div><br></div></div></div></div>
<br><div class="gmail_quote">On Thu, Jun 8, 2017 at 11:55 AM, Stephanie Perrin <span dir="ltr"><<a href="mailto:stephanie.perrin@mail.utoronto.ca" target="_blank">stephanie.perrin@mail.utoronto.ca</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p><font size="+1"><font face="Lucida Grande">Calling me naive, ill
informed etc. does not actually answer the question folks.
It is, I am afraid, a valid question. What criteria does an
organization like APWG apply, when it admits members and
shares data with them? How do you ensure you are not sharing
data with organizations who are going to misuse it? that data
of course is much more that what we are talking about with
thin data, but I did actually work on this issue on successive
versions of the anti-spam legislation. Oddly enough,
government lawyers examining the issue (mostly from the
competition bureau who deal with criminal matters) never
labelled me "naive".</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Folks, can we please
try to be polite to one another on this list? When I have questions
like this, I often check with experts before I ask. They
don't call me naive, they answer my questions.</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Thanks again.</font></font></p>
<p><font size="+1"><font face="Lucida Grande">Stephanie</font></font><br>
</p>
<br>
<div class="gmail-m_-5684818291612026718moz-cite-prefix">On 2017-06-08 01:54, Neil Schwartzman
wrote:<br>
</div>
<blockquote type="cite">
My experience differs slightly. They aren’t ignored. The presence
of these .TLDs is a strong indicator of abuse which bears further
investigation.
<div><br>
</div>
<div>
<div>To the point at hand: I believe the notion of
certifying private cybercrime investigators to be painfully
naive (do I ignore reports from someone without a Internet
Investigator License? Do we disallow them access to data?),
impractical in the developed world, and deeply chauvinistic,
patronizing and exclusionary to our colleagues in emerging
nations where capacity building is exactly what’s needed to
deal with next-gen abuse.</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div>
<blockquote type="cite">
<div>On Jun 8, 2017, at 2:36 AM, allison nixon
<<a href="mailto:elsakoo@gmail.com" target="_blank">elsakoo@gmail.com</a>>
wrote:</div>
<br class="gmail-m_-5684818291612026718Apple-interchange-newline">
<div><span style="font-family:Helvetica;font-size:12.8px;font-style:normal;font-variant-caps:normal;font-weight:normal;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;float:none;display:inline">We're getting there. Entire top level domains
are already ignored on many networks like .science,
.xyz, .pw, .top, .club, et cetera</span></div>
</blockquote>
</div>
<br>
</div>
</div>
<br>
<fieldset class="gmail-m_-5684818291612026718mimeAttachmentHeader"></fieldset>
<br>
<pre>______________________________<wbr>_________________
gnso-rds-pdp-wg mailing list
<a class="gmail-m_-5684818291612026718moz-txt-link-abbreviated" href="mailto:gnso-rds-pdp-wg@icann.org" target="_blank">gnso-rds-pdp-wg@icann.org</a>
<a class="gmail-m_-5684818291612026718moz-txt-link-freetext" href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a></pre>
</blockquote>
<br>
</div>
<br>______________________________<wbr>_________________<br>
gnso-rds-pdp-wg mailing list<br>
<a href="mailto:gnso-rds-pdp-wg@icann.org">gnso-rds-pdp-wg@icann.org</a><br>
<a href="https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg" rel="noreferrer" target="_blank">https://mm.icann.org/mailman/<wbr>listinfo/gnso-rds-pdp-wg</a><br></blockquote></div><br></div></div></div>