[Ssr2-review] for SSR2 team member review and edit

Denise Michel denisemichel at fb.com
Tue Oct 1 21:59:53 UTC 2019 

Per the SSR2 team’s conversation, below is a first draft of comments on the proposed implementation of the CCT Review (https://www.icann.org/public-comments/cct-rt-implementation-plan-2019-09-11-en).

Red-line comments are welcome by Oct. 8  and Mr. Matogoro and I will work on an updated draft.

Regards,
Denise

Denise Michel
denisemichel at fb.com<mailto:denisemichel at fb.com>

**DRAFT ** SSR2 Team comments on the ICANN draft implementation plan for CCT review recommendations.

Thank you for the opportunity to provide comments on the Board’s draft implementation plan for the Competition, Consumer Trust and Consumer Choice Review, 2019.

The SSR2 applauds and thanks the members of the CCT Review who worked tirelessly over a three year period to produce their final report. The report clearly documents issues relating to competition, consumer trust and consumer choice, and presents focused recommendations aimed at driving ICANN to make key improvements. Several recommendations made by the CCT team are relevant to the work of the SSR2 review. We will, however, take this opportunity to comment on the role of community reviews and how the ICANN Board and staff approach reveiws.

The SSR2 takes this opportunity, again, to express its concern and disappointment that the Board chose to accept only six out of the 35 recommendations contained in the CCT report.  Prior to the IANA transition, the Board accepted all recommendations of community review teams (ATRT, WHOIS/RDS, SSR) and these reviews were intended to be the key tool for transparency and accountability in the post-transition ICANN.  With the first community review post-transition, the CCT Review, however, the Board took a surprisingly different approach to community reviews and has not accepted a majority of the CCT Review’s recommendations.  Aside from the substantive implications, the SSR2 Review team is concerned about the implications this has for the Board’s treatment of the RDS and SSR2 Review reports, as well as for the integrity of the community review process overall.

Only these six accepted CCT recommendations are mentioned in the draft implementation plan. The Board resolution (2019.03.01.03) directs staff to plan for the implementation of ‘accepted recommendations’. It remains unclear what is planned for the 17 recommendations marked as ‘pending’  The only hint comes at resolution 2019.03.01.04, where the Board ‘directs the ICANN President and CEO, or his designee(s) to provide the Board relevant information, as requested in the Scorecard, and advise if additional time is needed within six months from this Board action.’ (emphasis added).

The implementation plan was published on 23 August 2019, and in relation to the pending recommendation notes (p22) that ICANN Org is to advise if additional time is needed by 1 September (a week after publication of the implementation plan). The draft gives no indication as to whether such requests are anticipated. It gives no timeframe for implementation, nor does it provide an update on the status of the ICANN org investigations or activity of ‘pending’ resolutions.  These are important and should be immediately, publicly provided.

Following the SSR2 team’s meetings with Board members and CCT Review team members in Kobe, and subsequent written updates, the SSR2 team was told that the Board’s response to the CCT Review recommendations and its rationale for failing to adopt the majority of the recommendations was:

  *   Impact on the ICANN budget
  *   A need for community developed definitions of key terms (such as ‘DNS Abuse’)
  *   A need for further research by ICANN org to understand issues, such as the value of publicly available data
  *   Certain recommendations were properly directed to stakeholders other than the ICANN Board, including the community or staff.

In the SSR2 Team’s opinion, the above reasons are should not be used to delay Board acceptance or staff action. The CCT Review team kept the community and the Board updated throughout the period of its review. However, the Board provided no feedback to the CCT on possible issues (budgetary or otherwise) at the time when the CCT was developing the recommendations.

The correct response to budgetary concerns (based on past Board action) would have been for the Board to approve the recommendations and note that implementation would begin in the new fiscal year.

The CCT Report references community-developed definitions to ‘DNS Abuse’ and ‘DNS Security Abuse’[1], which have been in place for a decade.  There is no excuse to delay implementation of CCT recommendations pending further definitional work on DNS Abuse.  If further analysis were really required, the correct response would have been for the Board to use the six month period between receipt of the report (March 2019) and publication of its response (June 2019), to conduct due diligence and investigate ways to implement the recommendations, or raise questions and concerns with the relevant parties.

Where recommendations are directed at other groups, the proper response (based on past Board action) would have been for the Board to adopt the recommendations, note that a PDP (or other appropriate action) is required, and send the recommendation to the responsible entity with a request for expedited consideration/action.

None of the above steps were taken. The Board’s response to the CCT Review came as a shock to the CCT Review team and to the community, and it was especially demoralizing for members of other community reviews, such as the SSR2.  We are now deeply concerned that our years of volunteer effort on behalf of the ICANN community will be similarly wasted and disrespected.

Whether by intent or by poor communication, the Board response to the CCT Review raises concerns among the SSR2 membership that the ‘pending’ status was adopted as a means for ICANN to avoid implementing the majority of CCT recommendations. Aside from the demoralizing effect on SSR2 members, the Board’s attitude to specific review recommendations should raise red flags among the ICANN community.

The specific reviews are the most tangible mechanism to provide accountability for the ICANN Board and Staff to the ICANN multistakeholder community. The reviews evolved from the Affirmation of Commitments between the United States and ICANN and were inserted into the ICANN Bylaws as part of the IANA transition. In the opinion of the SSR2 Review Team, the expectation would be that, absent compelling justification, the Board would accept all the recommendations in specific reviews.

Of greater concern is the message the Board’s actions send to external audiences, including those who are sceptical of the value of multistakeholder processes following the IANA transition. The specific reviews are failing as an accountability mechanism, leaving the Board and ICANN Org free from external or internal constraints.





________________________________
[1] The CCT final report adopts the following, community-developed definitions for DNS Abuse and DNS Security Abuse:
“DNS Abuse” is a term used by the Review Team that refers to “intentionally deceptive, conniving, or unsolicited activities that actively make use of the DNS and/or the procedures used to register domain names” (see p. 3 of the “New gTLD Program Safeguards Against DNS Abuse: Revised Report”).
“DNS Security Abuse” in the context of this report refers to specific, technical forms of abusive behavior: malware distribution, phishing, pharming, botnet command-and-control, and spam in the DNS. For more on how abuse has been characterized by the ICANN Community, see the Registration Abuse Policies Working Group’s Final Report (29 May 2010).
The glossary to the CCT report also reflects those definitions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ssr2-review/attachments/20191001/cc4bb5f3/attachment.html>

More information about the Ssr2-review mailing list