[Ssr2-review] ICANN SSR answers FAO Russ, Kerry-Ann

Mon Feb 25 09:40:19 UTC 2019

Dear Russ and Kerry-Ann,

Please see below for answers to questions from the ICANN SSR workstream. The complete list of questions and answers can be viewed here: https://docs.google.com/document/d/14eJwDGP-LvS9ltTmZoh1i19Fi0_pB2nJ4JYMsS7lsco/edit?usp=sharing.

Review Team volunteers: Russ, Kerry-Ann
Workstream: ICANN SSR
Topic: Perform an assessment of internal security, stability and resiliency of ICANN's operation processes and services.
Subtopic: Compliance

Q: Previous answer provided by ICANN org “Contractual Compliance has a standard Approach and Process (https://www.icann.org/resources/pages/approach-processes-2012-02-25-en) that applies across the registrar, registry and audit program. Contractual Compliance monitors complaints to identify patterns and systemic issues of noncompliance within and across the complaint types and the contracted parties. This effort is useful in identifying trends of issues and most importantly in identifying opportunities to conduct outreach or additional proactive monitoring.
For example, based on trends identified by Contractual Compliance (including review of WHOIS inaccuracy complaints submitted by the public and generated as a result of the WHOIS ARS), Contractual Compliance launched a WHOIS Inquiry effort in 2016 that focused on registrars in China and Korea. These inquiries focused on issues with the 2013 RAA WHOIS Accuracy Specification Program (WAPS) requirements. These efforts continued for registrars in China, United States and other regions. Please refer to the annual update published at this link:  https://www.icann.org/en/system/files/files/annual-2016-31jan17-en.pdf . Outreach efforts are ongoing; please refer to Outreach page (https://www.icann.org/resources/compliance-reporting-performance) for more information.”  What are the other regions referred to in the answer?

A: Please refer to the published compliance reports (https://www.icann.org/resources/pages/compliance-reports-2018) and the Outreach page (https://www.icann.org/resources/compliance/outreach)  for a complete list of the different activities across different years. To list a few in 2018, compliance conducted outreach in APAC region (China, Korea), EMEA (Germany and Turkey), NA and Africa.

Q: Can you report on your methodology for the ICANN Contractual Compliance Performance Reports? Is there documentation with version control, is there a permanent link?

A: To learn more about the Contractual Compliance reports description and definition, please refer to this link https://features.icann.org/compliance/dashboard/archives#definition). Once the performance reports are published for a particular time period (i.e., monthly, quarterly or annually), they are not changed and have permanent links on the webpage at https://features.icann.org/compliance/dashboard/report-list. There are a limited number of reports that are published on a rolling basis and for which past data is removed from the website. These include the reports listed under the rolling 13-month header at https://features.icann.org/compliance.

Q: How are indicators chosen, and how do you account for regional differences (e.g. number of registries in different regions)? Is there documentation with version control, is there a permanent link?

A: Contractual Compliance reporting of metrics and participation in outreach activities with contracted parties are determined based on the community concerns, systemic issues and volume of complaints, and at times, based on contract and/or policy changes and implementations. The regional metrics generated by ICANN Contractual Compliance refers to the ICANN regions. See prior response regarding version control and links.

Q: Is there a compliance function in GDD?

A: No, there is no compliance function in ICANN’s Global Domains Division.

Q: For example, is there contractual enforcement if access to data is denied?

A: ICANN’s Global Domains Division, as well as other ICANN departments, may refer matters implicating contractual obligations to the ICANN Contractual Compliance team for review and follow up with the ICANN contracted parties, as needed.

--
Jennifer Bryce
Senior Reviews Coordinator
Internet Corporation for Assigned Names and Numbers (ICANN)

Email: jennifer.bryce at icann.org
Skype: jennifer.bryce.icann
www.icann.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20190225/18341530/attachment.html>