[CCWG-ACCT] Bringing AoC Reviews into ICANN Bylaws, v5.4 reflecting Paris and new Non-Disclosure rule

[James Gannon]

The place to reflect that would be in the Confidential Disclosure Framework rather than in the bylaws in my opinion.

-James

From: accountability-cross-community-bounces at icann.org [mailto:accountability-cross-community-bounces at icann.org] On Behalf Of Chartier, Mike S
Sent: Thursday, July 23, 2015 3:16 PM
To: Steve DelBianco; wp1 at icann.org; Accountability Cross Community
Cc: ACCT-Staff
Subject: Re: [CCWG-ACCT] Bringing AoC Reviews into ICANN Bylaws, v5.4 reflecting Paris and new Non-Disclosure rule

Since this is going into the bylaws, and because some personal data is covered by regulations, do we need to cite ICANN’s Privacy Policy as controlling in these instances?

From: accountability-cross-community-bounces at icann.org<mailto:accountability-cross-community-bounces at icann.org> [mailto:accountability-cross-community-bounces at icann.org] On Behalf Of Steve DelBianco
Sent: Thursday, July 23, 2015 9:34 AM
To: wp1 at icann.org<mailto:wp1 at icann.org>; Accountability Cross Community
Cc: ACCT-Staff
Subject: Re: [CCWG-ACCT] Bringing AoC Reviews into ICANN Bylaws, v5.4 reflecting Paris and new Non-Disclosure rule

Update to reflect discussions in WP1 yesterday, regarding the non-disclosure provision.

CCWG is proposing giving AoC Review Teams access to ICANN internal documents, which includes some information that is proprietary or sensitive. This creates two disclosure concerns:

First, what to do if ICANN redacts or withholds any information sought by a review team?

Second, of information that is shared with the review team, how to determine which information the Review Team must not disclose — in its report or otherwise?

A subset of WP1 members (Alan Greenberg, Greg Shatan, James Gannon, Jordan Carter, and me) drafted new text, shown below and on page 3 of the attached doc.

Confidential Disclosure to Review Teams:
To facilitate transparency and openness regarding ICANN's deliberations and operations, the review teams, or a subset thereof, shall have access to ICANN internal information and documents.  If ICANN refuses to reveal documents or information requested by the review team, ICANN must provide a justification to the review team.   If the review team is not satisfied with ICANN’s justification, it can appeal to the Ombudsman and/or the ICANN Board for a ruling on the disclosure request.

For documents and information that ICANN does disclose to the review team, ICANN may designate certain documents and information as not for disclosure by the review team, either in its report or otherwise.   If the review team is not satisfied with ICANN’s designation of non-disclosable documents or information, it can appeal to the Ombudsman and/or the ICANN Board for a ruling on the non-disclosure designation.

A confidential disclosure framework shall be published by ICANN. The confidential disclosure framework shall describe the process by which documents and information is classified, including a description of the levels of classification that documents or information may be subject to, and the classes of persons who may access such documents and information

The confidential disclosure framework shall describe the process by which a review team may request access to documents and information that are designated as classified or restricted access.
The confidential disclosure framework must provide a mechanism to escalate and/or appeal the refusal to release documents and information to duly recognized review teams.





From: Steve DelBianco
Date: Monday, July 20, 2015 at 2:01 PM
To: "wp1 at icann.org<mailto:wp1 at icann.org>"
Cc: Jordan Carter, Avri Doria
Subject: Bringing AoC Reviews into ICANN Bylaws, v5 reflecting Paris Saturday discussion

Updated to reflect Saturday in Paris, where we said that commitments stated within the new gTLD and WHOIS reviews would stay in that section of the Bylaws, instead of moving them to the Core Values.

I have noted 1 area with yellow highlighting for follow-up:

In the chapeau on page 3 we note the need to define confidentiality and non-disclosure rules when the review team accesses documents that ICANN management says are confidential, sensitive, or proprietary.

—Steve


From: Steve DelBianco
Date: Friday, July 17, 2015 at 7:40 AM
To: "accountability-cross-community at icann.org<mailto:accountability-cross-community at icann.org>"
Cc: Jordan Carter, Avri Doria, "wp1 at icann.org<mailto:wp1 at icann.org>"
Subject: Bringing AoC Reviews into ICANN Bylaws, v4 reflecting Paris discussion

Today (17-Jul) we reviewed and revised the proposal to bring AoC Reviews into the ICANN Bylaws.

By my notes, here are the changes we agreed today:

Preference for option 2 on team composition, so removed 3-May proposal and Option 1.

Allow ATRT to amend these reviews, too.

Add 1 ICANN board member to each review team under option 2.  Note that our 3-May draft had a board member on each team.

Bruce Tonkin suggested requiring review teams to Prioritize their recommendations.   We heard several objections to making that a requirement, so I added it as a suggestion: "The review team should attempt to assign priorities to its recommendations."

Remaining challenges:

How to give review team access to ICANN Internal documents, while preventing disclosure/publication of information that is sensitive, confidential, or proprietary?  Do we impose sanctions for unauthorized disclosure?  HELP NEEDED HERE.

Steve Crocker recommended changing the AoC commitments for WHOIS/Directory Services.  We heard some agreement with that idea, but strong cautions about attempting to drop WHOIS commitments as part of the transition.  Instead, amendments to the WHOIS/Directory Services review could be recommended by the first post-transition ATRT.


—
Steve DelBianco
Executive Director
NetChoice
http://www.NetChoice.org<http://www.netchoice.org/> and http://blog.netchoice.org<http://blog.netchoice.org/>
+1.703.615.6206


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/accountability-cross-community/attachments/20150723/519d681e/attachment.html>