[Ssr2-review] [Ext] Compliance call follow-up questions

Jennifer Bryce jennifer.bryce at icann.org
Thu May 30 09:58:06 UTC 2019

Hi Denise,

Thank you for sending the follow-up questions for compliance. We will begin working on these per our usual process and will keep the team apprised of progress.


From: Denise Michel <denisemichel at fb.com>
Date: Wednesday, May 29, 2019 at 8:23 PM
To: Jennifer Bryce <jennifer.bryce at icann.org>
Cc: Norm Ritchie <norm at webcatcher.ca>, "Weissinger, Laurin" <laurin.weissinger at yale.edu>, k claffy <kc at caida.org>, "Barrett, Kerry-Ann" <KABarrett at oas.org>
Subject: [Ext] Compliance call follow-up questions

Hi, Jennifer.

Here are the questions from the Compliance Subgroup that should be expedited for answers. Please let the following members know when the answers will be provided, and please direct any follow-up questions to:  Norm, Laurin, KC, Kerry-Ann, Denise

Thanks for your help.

  *   For many years, Compliance has been stating that they don’t have the tools, authority, contract language that they need to effectively address contractual compliance-related issues impacting DNS abuse, especially systemic abuse.  What stopped Compliance from doing a gap analysis and creating a list of improvements, and compiling a list of specific things they need in contracts, etc.?
  *   It is common for regulatory/compliance entities worldwide to specify the tools, authority, etc. they need to improve impact, and compliance representatives are often directly involved in negotiating and effecting these changes.  Jamie indicated that Compliance is not involved in discussions/negotiations to change the RAA & Registry agreements as it “wouldn’t be appropriate.”  What does he base this statement on? What, specifically are the barriers (Bylaw language? Contract language?) that prevents Compliance from having a seat at the negotiating table to get what they need?
  *   When will the Spec 11 Registry audit be done? Will it be publicly posted when done?
  *   Is Compliance doing an audit of Registrars’ compliance with the requirement that they must investigate and respond to abuse?
  *   Jamie said Compliance is using DAAR in the Registry audit. Are they using it in Registrar audits? If not, why not?
  *   Jamie indicated that, in the future, DAAR will provide the public with aggregated abuse stats at the Registrar level, but staff responsible for DAAR stated in Kobe that this would not be done. Please provide clarification.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20190530/794534d6/attachment.html>

More information about the Ssr2-review mailing list