[RDS-WHOIS2-REC4-Compliance] ICANN compliance input on your questions

Erika Mann erika at erikamann.com
Wed May 2 16:02:07 UTC 2018 

Thank you Alice - reviewed and no recommendation for further additions.
Thanks, Erika

On Tue, May 1, 2018 at 10:08 AM, Alice Jansen <alice.jansen at icann.org>
wrote:

> Dear Compliance Subgroup,
>
> Attached to this email you will ICANN Compliance’s answers to your list of
> questions below.
>
> Thanks so much,
>
> Kind regards
>
> Alice
>
>
>
> *From: *Susan Kawaguchi <susankpolicy at gmail.com>
> *Date: *Thursday 19 April 2018 at 13:36
> *To: *Alice Jansen <alice.jansen at icann.org>, "rds-whois2-rec4-compliance@
> icann.org" <rds-whois2-rec4-compliance at icann.org>, RDS WHOIS2-RT List <
> rds-whois2-rt at icann.org>
> *Cc: *SUN Lili <L.SUN at interpol.int>, Jean-Baptiste Deroulez <
> jean-baptiste.deroulez at icann.org>, Lisa Phifer <lisa at corecom.com>
> *Subject: *Re: [Ext] RE: CONFIRMATION NEEDED - Questions for ICANN
> Compliance
>
>
>
> Hello All,
>
>
>
> Thank you Lili for the list of additional questions.  These all relate to
> our discussions at the F2F.
>
>
>
> Please submit to the compliance team on our behalf.
>
>
>
> Best regards,
>
>
>
> Susan
>
>
>
> On Thu, Apr 19, 2018 at 11:52 AM, Alice Jansen <alice.jansen at icann.org>
> wrote:
>
> Many thanks, Lili and Susan.
>
> We will send these over to ICANN compliance and will get back to you on
> the estimated delivery date.
>
> Could I ask you to send a note out to your subroups to inform them of the
> list of questions? That way, the request will also be official.
>
> Thanks so much and safe travels! It was great to have you in Brussels!
>
> Kind regards
>
> Alice
>
>
>
> *From: *SUN Lili <L.SUN at interpol.int>
> *Date: *Thursday 19 April 2018 at 07:05
> *To: *Susan Kawaguchi <susankpolicy at gmail.com>, Alice Jansen <
> alice.jansen at icann.org>
> *Cc: *Jean-Baptiste Deroulez <jean-baptiste.deroulez at icann.org>, Lisa
> Phifer <lisa at corecom.com>
> *Subject: *[Ext] RE: CONFIRMATION NEEDED - Questions for ICANN Compliance
>
>
>
> Hi Alice, hi Susan,
>
>
>
> Please check below the updated questions for ICANN Compliance, 2 questions
> from Data-Accuracy Subgroup have been solved, I added 3 more questions
> relating to compliance for Susan’s consideration.
>
>
>
> Thanks and best regards,
>
> Lili
>
>
>
>    - *Data-Accuracy Subgroup Follow-up Questions for ICANN Compliance: *
>
> 1.      Does the Compliance Team attempt to identify patterns within
> ARS-detected inaccuracies to enable proactive remediation of underlying
> causes?
>
> 2.      If a domain registration is suspended due to a reported or
> detected WHOIS inaccuracy, can the domain name be un-suspended without the
> inaccuracy being remediated?
>
> 3.      Does the WHOIS Quality Review (or any other program) audit how
> often un-suspension without accuracy remediation occurs? If so, for how
> long after suspension are those follow-up accuracy checks performed?
>
> 4.      Considering ARS compliance metrics: Why are the percentage of
> ticketed domains that end up being suspended or cancelled is increasing?
>
> [image: cid:image002.jpg at 01D3D7DE.F0100690]
>
> 5.      ( Solved, delete) What percentage of ARS-initiated WHOIS
> Inaccuracy compliance tickets result in updates to correct WHOIS data prior
> to 3rd failure & breach notices?
>
> This is already provided by WHOIS ARS Contractual Compliance
> Metrics[whois.icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__whois.icann.org_en_whoisars-2Dcontractual-2Dcompliance-2Dmetrics&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=OqbMONZYFKn2TSSCiipZNSZIeSAUg7tm78tFf40-tWo&e=>
> .
>
> 6.      ( Solved, delete) Is WDRP compliance being audited and reported?
> If so where?
>
> WDRP compliance has been audited since 2012 as one of the many 2009 & 2013
> RAA provisions, see more detail at Contractual Compliance Audit
> Program[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_resources_pages_audits-2D2012-2D02-2D25-2Den&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=m4-i2KfnUNyItzGg6L6v2QUxC5J-vw6z9cTeB4sVJjQ&e=>.
> However, only selected (or sampled) registrars were audited during each
> round, and besides a general percentage (20%-35%) of registrars with a
> deficiency on this, there was no further detail about the deficiency. See
> below the specific audit reports:
>
> 2016 May Contractual Compliance Registrar Audit Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_system_files_files_compliance-2Dregistrar-2Daudit-2Dreport-2D2016-2D16nov16-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=Q8I5towqWuC4bgGrE_O1cgAs8TOMd_0UBhmVmUyQqiw&e=>
> [PDF, 372 KB]
>
> 2016 September Contractual Compliance Registrar Audit Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_system_files_files_compliance-2Dregistrar-2Daudit-2Dreport-2D2016-2D20jun17-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=U8no0FzmRj41pgpDFVazioIUh7DcjmyQ7AV9NPZDqY4&e=>
> [PDF, 238 KB]
>
> 2015 September Contractual Compliance Registrar Audit Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_system_files_files_compliance-2Dregistrar-2Daudit-2Dreport-2D2015-2D06jul16-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=9Fqe6z-kAiF_xC-JWIrWWgxVrfc37ZlxGK2QA8gFY5A&e=>
> [PDF, 258 KB]
>
> 2014 Contractual Compliance Year Three Audit Program Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_resources_compliance_reports_contractual-2Dcompliance-2Daudit-2Dreport-2D2014-2D13jul15-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=usfkU4ZoxqMw7MR4nWFYvsrtQa5ljs9_H6WEgl17UiI&e=>
> [PDF, 851 KB]
>
> 2013 Contractual Compliance Year Two Audit Program Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_system_files_files_registrar-2Dregistry-2Daudit-2D2013-2D07jul14-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=5nxYIiXNZgcMQdS5nkyGIuLxrhLXBXUyFlI1_WL_Uco&e=>
> [PDF, 900 KB]
>
> 2012 Contractual Compliance Year One Audit Program Report[icann.org]
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.icann.org_en_system_files_files_registrar-2Dregistry-2Daudit-2D2012-2D25jun13-2Den.pdf&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=hgoi2V8bykqXjZC9kZZRTDSEJ4lQIyKh6k8Q-TUv6Ks&m=T2HTMIxEb2sZU9kozqx00kMdJ7aVPmD--pO_3TU2yZo&s=mXg9py1vlxsJlR_iVJN4MrM9XlxLfQSwv2M71ccVJQY&e=>
> [PDF, 322 KB]
>
>
>
>    - *Compliance Subgroup Follow-up Questions for ICANN Compliance *
>
> 1.      Is it known (or can it be determined from ARS-sampled data) how
> often Registrant Contact data elements such as Registrant email address,
> Registrant postal address, and Registrant telephone number are absent from
> WHOIS records for grandfathered domain names?
>
> 2.      Why are a significant number of WHOIS Inacccuracy Complaints
> closed without any action being taken? What does Compliance treat as valid
> reasons for immediate ticket closure and are there any metrics for how
> often tickets are closed for each of those reasons?
>
> 3.      What additional evidence in WHOIS Inaccuracy Complaints would
> Compliance find useful?
>
> 4.      Does Compliance do any analysis of WHOIS Inaccuracy trends? If
> not, why not? For example, would a policy be necessary to enable trend
> analysis?
>
> 5.      ( Newly added) It shows that one of Compliance activities is
> ICANN-initiated monitoring to take proactive actions. What kind of
> monitoring programs have been conducted or planned?
>
> 6.      ( Newly added) Is there any monitoring program to check some
> common grounds or linkages among ARS, Audit Program, public complaints
> received, e.g. from specific registrar, gTLD, region?
>
> 7.      ( Newly added) Does compliance credit-rate registrars or just
> treat all of them equally?
>
>
>
> *From:* Susan Kawaguchi [mailto:susankpolicy at gmail.com]
> *Sent:* Wednesday, 18 April, 2018 7:34 PM
> *To:* Alice Jansen <alice.jansen at icann.org>
> *Cc:* SUN Lili <L.SUN at interpol.int>; Jean-Baptiste Deroulez <
> jean-baptiste.deroulez at icann.org>; Lisa Phifer <lisa at corecom.com>
> *Subject:* Re: CONFIRMATION NEEDED - Questions for ICANN Compliance
>
>
>
> Thanks Alice and Jean-Baptiste,
>
>
>
> All the questions seem fine to me.
>
>
>
> Susan
>
>
>
> On Tue, Apr 17, 2018 at 11:29 AM, Alice Jansen <alice.jansen at icann.org>
> wrote:
>
> Hi Lili, Hi Susan,
>
> Below you will find the list of questions we extracted from the data
> accuracy and compliance subgroups related discussions yesterday.
>
> Please review and let us know if you have any edits at your earliest
> convenience.
>
> We will send to ICANN compliance once we have received your confirmations.
>
> Thanks,
>
> Kind regards
>
> Alice
>
>
>
>    - *Data-Accuracy Subgroup Follow-up Questions for ICANN Compliance: *
>
> 1.     What percentage of ARS-initiated WHOIS Inaccuracy compliance
> tickets result in updates to correct WHOIS data prior to 3rd failure &
> breach notices?
>
> 2.     Does the Compliance Team attempt to detect patterns within
> ARS-detected inaccuracies to enable proactive remediation of underlying
> causes?
>
> 3.     Is WDRP compliance being audited and reported? If so where?
>
> 4.     If a domain registration is suspended due to a reported or
> detected WHOIS inaccuracy, can the domain name be un-suspended without the
> inaccuracy being remediated?
>
> 5.     Does the WHOIS Quality Review (or any other program) audit how
> often un-suspension without accuracy remediation occurs? If so, for how
> long after suspension are those follow-up accuracy checks performed?
>
> 6.     Considering ARS compliance metrics: Why are the percentage of
> ticketed domains that end up being suspended or cancelled is increasing?
>
>
>
>    - *Compliance Subgroup Follow-up Questions for ICANN Compliance *
>
> 1.     Is it known (or can it be determined from ARS-sampled data) how
> often Registrant Contact data elements such as Registrant email address,
> Registrant postal address, and Registrant telephone number are absent from
> WHOIS records for grandfathered domain names?
>
> 2.     Why are a significant number of WHOIS Inacccuracy Complaints
> closed without any action being taken? What does Compliance treat as valid
> reasons for immediate ticket closure and are there any metrics for how
> often tickets are closed for each of those reasons?
>
> 3.     What additional evidence in WHOIS Inaccuracy Complaints would
> Compliance find useful?
>
> 4.     Does Compliance do any analysis of WHOIS Inaccuracy trends? If
> not, why not? For example, would a policy be necessary to enable trend
> analysis?
>
>
>
>
>
>
>
> ************************************************************
> ***************************************
> This message, and any attachment contained, are confidential and subject
> of legal privilege. It may be used solely for the designated police/justice
> purpose and by the individual or entity to whom it is addressed. The
> information is not to be disseminated to another agency or third party
> without the author’s consent, and must not be retained longer than is
> necessary for the fulfilment of the purpose for which the information is to
> be used. All practicable steps shall be taken by the recipients to ensure
> that information is protected against unauthorised access or processing.
> INTERPOL reserves the right to enquire about the use of the information
> provided.
> If you are not the intended recipient, be advised that you have received
> this message in error. In such a case, you should not print it, copy it,
> make any use of it or disclose it, but please notify us immediately and
> delete the message from any computer.
> ************************************************************
> *************************************
>
>
>
> _______________________________________________
> RDS-WHOIS2-REC4-Compliance mailing list
> RDS-WHOIS2-REC4-Compliance at icann.org
> https://mm.icann.org/mailman/listinfo/rds-whois2-rec4-compliance
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/rds-whois2-rec4-compliance/attachments/20180502/53b8067b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 24917 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/rds-whois2-rec4-compliance/attachments/20180502/53b8067b/image001-0001.jpg>

More information about the RDS-WHOIS2-REC4-Compliance mailing list