[Gdd-gnso-ppsai-impl] Notes, action items from today's PP IRT meeting--feedback requested by 27 April

Fri May 4 07:47:36 UTC 2018

Apologies for the late input on this topic. There is a lot to catch up on when efforts are focused elsewhere :)

I support and fully agree with Sara’s comments and proposed edits. 

I also agree with Theo and think that clause 4.2.2.5 should be kept in the document due to it providing protection in less democratic areas of the world. Being from a region and country where LEA does not always understand what it needs to do, what it is allowed to do, or how to do it (follow due process), clause 4.2.2.5 gives me some sense of security that I am encouraged to review the request without potentially jumping to action for a fraudulent or unlawful request.

Kind Regards,
Vlad Dinculescu
————————
DNS Africa Ltd

> On 30 Apr 2018, at 9:27 PM, theo geurts <gtheo at xs4all.nl> wrote:
> 
> Agreed with Eric and Sara, 4.2.6, we could move that one around some. 
> 
> 4.2.2.5, I rather keep it in, it does not hurt and I 100% agree, democracy is not a given. 
> Theo 
> 
> On 30-4-2018 21:05, Eric Rokobauer wrote:
>> Apologies for the late reply in providing some feedback. Comments following Sara's comments from 19 April:
>> Inclusion of "without limitations" in section 4.2.2 - I agree with Sara here. Ideally again it is to cover the Provider from potential instances that we here in this IRT may not be recognizing here.
>> 4.2.2.5 being potentially redundant - I believe this should be removed if IRT does find to be redundant. While I do appreciate Sara's comments, if we do all agree there is duplication here with the statement, best we remove to clear any potential confusion that could come later (thinking when we may not necessarily remember why we had this added in the first place).
>> 4.2.6 - I agree that this is not redundant and should still be kept, but open to having it included elsewhere within section 4.2 if majority feels it would be better represented. 
>> As for the timeframe, agree that one business day should be our default.
>> Thanks
>> Eric 
>> Eric Rokobauer
>> Sr. Registrar Compliance Manager | Endurance International Group
>> 10 Corporate Drive, Suite 300, Burlington MA 01803
>> T - 781.852.3445
>> E - eric.rokobauer at endurance.com <mailto:eric.rokobauer at endurance.com>
>> 
>> 
>> 
>> 
>> On Mon, Apr 30, 2018 at 5:12 AM, Volker Greimann <vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>> wrote:
>> If you are not willing to compromise, we may get nowhere. If the line has to be drawn between this is what is reasonably possible for us to deliver (meaning everything beyond that is either unreasonable or impossible) and this is what we (meaning the PSWG) want because it is an artificial number we want, it seems clear where the policy should end up. 
>> So you are not willing to compromise and continue to demand the impossible or unreasonable. Fine, but that is not how this works at ICANN. Our compromise line is one business day. If no one moves, we are at an impasse. 
>> But please remember: Usually, you are going to get answers quicker, it is just a minimum guaranteed response time we are talking about. And anything you get here - ANYTHING! - is better than what you have now. We are not proposing to take anything away from you. We are freely agreeing to give you something. Let's not lose focus on this very important point. 
>> Volker
>> 
>> Am 27.04.2018 um 23:24 schrieb Roman, Peter (CRM):
>>> All, <>
>>>  
>>> A quick additional response to the comments in the LEA specification: 
>>> 
>>>  
>>> Note 7 says that “Registrar members of the IRT contend that the 24-hour period recommended by the PSWG is unworkable; PSWG members contend that 24 hours should be the maximum allowable time for a request to be actioned in an emergency situation.”
>>> 
>>>  
>>> This is a complete misrepresentation of the PSWG position.  The PSWG has maintained from the beginning of the conversation on emergency requests that they needed to be “actioned” immediately.  The PSWG does NOT recommend the 24-hour period, the PSWG is willing to COMPROMISE to the 24 hour period. 
>>> 
>>>  
>>> The PSWG is NOT willing to compromise to the one business day response time.  One business day, as the providers have explained it, means that an emergency request delivered to the provider on Friday afternoon does not need to be responded to until Monday afternoon.  So, one business day means 72 hours or more.  In an emergency, this is completely useless response time.  By that time, people are dead.  An imminent threat to life means that somebody is going to die any moment without this information. 
>>> 
>>>  
>>> I hope that you never have to respond to one of these requests but I also hope that if you do, you will not ignore it until you get to it the next business day.
>>> 
>>>  
>>> Peter Roman
>>> 
>>>  
>>> Senior Counsel
>>> 
>>> Computer Crime & Intellectual Property Section
>>> 
>>> Criminal Division
>>> 
>>> Department of Justice
>>> 
>>> 1301 New York Ave., NW
>>> Washington, DC 20530
>>> (202) 305-1323
>>> 
>>> peter.roman at usdoj.gov <mailto:peter.roman at usdoj.gov>
>>>  
>>> From: Gdd-gnso-ppsai-impl [mailto:gdd-gnso-ppsai-impl-bounces at icann.org <mailto:gdd-gnso-ppsai-impl-bounces at icann.org>] On Behalf Of Metalitz, Steven
>>> Sent: Friday, April 27, 2018 2:24 PM
>>> To: gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>
>>> Subject: Re: [Gdd-gnso-ppsai-impl] Notes, action items from today's PP IRT meeting--feedback requested by 27 April
>>> 
>>>  
>>> Please see in-line feedback below regarding some of Sara’s points on the LEA specification.
>>> 
>>>  
>>> On behalf of Coalition for Online Accountability (COA) | www.onlineaccountability.net <http://www.onlineaccountability.net/>
>>>  
>>> 
>>> <image001.gif>
>>> 
>>> Steven J. Metalitz | Partner, through his professional corporation
>>> 
>>> T: +1.202.355.7902 | met at msk.com <mailto:met at msk.com>
>>> Mitchell Silberberg & Knupp LLP | www.msk.com <http://www.msk.com/>
>>> 1818 N Street NW, 8th Floor, Washington, DC 20036
>>> 
>>>  
>>> THE INFORMATION CONTAINED IN THIS E-MAIL MESSAGE IS INTENDED ONLY FOR THE PERSONAL AND CONFIDENTIAL USE OF THE DESIGNATED RECIPIENTS. THIS MESSAGE MAY BE AN ATTORNEY-CLIENT COMMUNICATION, AND AS SUCH IS PRIVILEGED AND CONFIDENTIAL. IF THE READER OF THIS MESSAGE IS NOT AN INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY REVIEW, USE, DISSEMINATION, FORWARDING OR COPYING OF THIS MESSAGE IS STRICTLY PROHIBITED. PLEASE NOTIFY US IMMEDIATELY BY REPLY E-MAIL OR TELEPHONE, AND DELETE THE ORIGINAL MESSAGE AND ALL ATTACHMENTS FROM YOUR SYSTEM. THANK YOU.
>>> 
>>>  
>>> From: Gdd-gnso-ppsai-impl [mailto:gdd-gnso-ppsai-impl-bounces at icann.org <mailto:gdd-gnso-ppsai-impl-bounces at icann.org>] On Behalf Of Amy Bivins
>>> Sent: Thursday, April 19, 2018 2:36 PM
>>> To: gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>
>>> Subject: Re: [Gdd-gnso-ppsai-impl] Notes, action items from today's PP IRT meeting--feedback requested by 27 April
>>> 
>>>  
>>> Thanks, Sara and Steve, for your comments on this draft thus far. I’ve updated the draft to address your last point, Sara, and in line with Steve’s comment about separating out standard and high priority requests. I’ve left the comments in the draft from Tuesday’s call for now. Absent any strong opposition to the inclusion of the other edits proposed by Sara, as noted in the draft, these will be accepted in the next draft.
>>> 
>>>  
>>> 
>>> I encourage all IRT members to review the draft again when you are able and provide any further feedback no later than the end of next week.
>>> 
>>>  
>>> I don’t have any further information or materials for you today for next week’s meeting, but I hope to have something for you soon (I’ll send it as soon as I have it).
>>> 
>>>  
>>> Best,
>>> 
>>> Amy
>>> 
>>>  
>>> From: Gdd-gnso-ppsai-impl [mailto:gdd-gnso-ppsai-impl-bounces at icann.org <mailto:gdd-gnso-ppsai-impl-bounces at icann.org>] On Behalf Of Sara Bockey
>>> Sent: Thursday, April 19, 2018 1:20 PM
>>> To: gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>
>>> Subject: Re: [Gdd-gnso-ppsai-impl] Notes, action items from today's PP IRT meeting--feedback requested by 27 April
>>> 
>>>  
>>>  
>>> Regarding Section 4.2.2 “without limitations” is necessary to ensure legitimate instances not yet listed or thought of are covered.  Examples of additional causes beyond the control of the Provider:  war, terrorism, riots, power outage, internet outage, internet failure, server failure, foreign gov’t changes, labor disputes, etc.
>>> 
>>>  
>>> Steve’s comment:  (I think this refers to 4.1.2 of the revised document Amy sent out 4/17. ) This strikes me as a reasonable list of reasons why a provider would not be able to respond in a timely fashion to an LEA disclosure request (whether High Priority or Standard Priority), but not of reasons to deny altogether a request that otherwise meets the requirements of the specification.  Should we append this list to what is now 4.1.4 (following “acts of nature”)?  I would be much more comfortable  including “without limitations” there rather than in 4.1.2.
>>> 
>>>  
>>> Regarding Section 4.2.2.5 <http://4.2.2.5/> – I see no issue with redundancy and there is no harm in including this.  If anything, it protects against potential abuse (in parts of the world that are less democratic)
>>> 
>>>  
>>> Steve’s comment:  This refers to the “well founded” phrasing in 4.1.2.5.  I still have trouble understanding what would make a request that meets all the requirements of the specification not “well founded,” and believe I pointed out on the April 17 call why this situation differs from RAA 3.18.2 where “well-founded” appears (in short, that the RAA does not define what needs to go into an actionable LE request, and this specification does).  Can Sara or others provide an example of when this ground for refusal of an LEA request might come into play?  
>>> 
>>>  
>>> Regarding Section 4.2.6 – Not redundant and 100% necessary.  Particularly for providers in parts of the world that are less democratic.  We must remember this will be applied globally.  Belt and suspenders!  At ICANN61 this addition gave registrars that spoke with me the most comfort.
>>> 
>>>  
>>> Steve’s comment (this refers to the “due process” language now appearing in 4.1.6):  I think it is redundant and for that reason do not object to it.  “Foregoing due process within its applicable jurisdiction” is really a subset of 4.1.2.2, disclosure in contravention of applicable law.   Regarding the legitimate concerns about “less democratic” jurisdictions: remember that this entire specification only applies to disclosure requests received from LE authorities within the provider’s own jurisdiction.  If you choose to establish the provider within a “less democratic” jurisdiction, that provider still has to follow the laws of that jurisdiction, including the laws that define what process is due in a particular situation.     
>>> 
>>>  
>>> 
>>> Finally, I note that Staff is using the 24-hr timeframe as the default in the document instead of one business day as agreed by the registrars.  Since one business day is what the registrars have agreed to, should it not be the default until otherwise determined?
>>> 
>>>  
>>> Steve’s comments:  I have suggested putting the two options in square brackets, don’t care which one is listed first.
>>> 
>>> sara bockey
>>> sr. policy manager | GoDaddy™
>>> sbockey at godaddy.com <mailto:sbockey at godaddy.com>  480-366-3616
>>> skype: sbockey
>>> 
>>>  
>>> 
>>> This email message and any attachments hereto is intended for use only by the addressee(s) named herein and may contain confidential information. If you have received this email in error, please immediately notify the sender and permanently delete the original and any copy of this message and its attachments.
>>> 
>>>  
>>>  
>>> From: Gdd-gnso-ppsai-impl <gdd-gnso-ppsai-impl-bounces at icann.org <mailto:gdd-gnso-ppsai-impl-bounces at icann.org>> on behalf of Amy Bivins <amy.bivins at icann.org <mailto:amy.bivins at icann.org>>
>>> Reply-To: "gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>" <gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>>
>>> Date: Tuesday, April 17, 2018 at 10:53 AM
>>> To: "gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>" <gdd-gnso-ppsai-impl at icann.org <mailto:gdd-gnso-ppsai-impl at icann.org>>
>>> Subject: [Gdd-gnso-ppsai-impl] Notes, action items from today's PP IRT meeting--feedback requested by 27 April
>>> 
>>>  
>>> Dear Colleagues, <>
>>>  
>>> Thank you for your participation on today’s privacy/proxy IRT call. For those who could not attend, I regret that we were unable to record this meeting (an issue with a new internal recording policy), but this was a one-time issue and all future meetings will be recorded. I’ve done my best to annotate the LEA specification document with the items we discussed, and have also attached the chat transcript.
>>> 
>>>  
>>> IRT Action Items
>>> 
>>> We are nearing the completion of discussions on the LEA Specification. Other than the item of clear disagreement among members of the IRT—the time period for high priority requests—we are largely in the refining stage. To that end, we have a few final proposed edits for the group to review and comment on—including some edits that were originally suggested by Sara Bockey a few weeks ago and supported by many registrar members of the IRT. If we don’t hear any opposition to these edits that would warrant further discussion, we will make these edits as requested in the draft we publish for comment.
>>> 
>>>  
>>> Today, we considered whether the LEA Framework Specification would be clearer if we reorganized it slightly, to make more clear where processes apply to high priority requests and when they don’t. I’ve included two versions of the draft—the one with “orig” at the end of the title—which includes the proposed edits without reorganizing, and the “reorganized” one. Please review both and respond to the list with your thoughts about the proposed reorganizing of this.
>>> 
>>>  
>>> Please provide any additional input you have on this draft no later than next Friday, 27 April. Please note, specifically, questions in the following sections:
>>> 
>>> Original Numbering
>>> 
>>> Reorganized Version
>>> 
>>> Section 2.1.10 (addition of “except in high priority” language at beginning of edit)
>>> 
>>> Same section
>>> 
>>> Section 3.2.1 (addition of the words “Standard Priority” to make clear this 2 business day receipt process doesn’t apply in high priority cases)
>>> 
>>> Moved to Section 3.2.2
>>> 
>>> Section 4.2.2 (inclusion of “without limitations” language, plus input about and question from Steve Metalitz—any other reasons that registrars feel would be reasonable for refusing disclosure?); Also see feedback, generally, from PSWG liaison, in meeting chat transcript (most pasted into specification document but cuts off at the end)
>>> 
>>> Same section
>>> 
>>> Section 4.2.2.5 <http://4.2.2.5/> (is this redundant? )
>>> 
>>> Same section
>>> 
>>> Section 4.2.6 (is this redundant?)
>>> 
>>> Same section
>>> 
>>>  
>>> 
>>> I’m also attaching the most recent draft de-accreditation procedure document. As mentioned on the list last week, upon further consideration on the ICANN org side we think we should add back in the proposed transition procedure for customers impacted by the de-accreditation or termination of a third-party provider (section 4). Please review and provide any further comments on this no later than 27 April.
>>> 
>>>  
>>> For next week, we are hoping to have the requested fees information ready for you to discuss. I’ll update you as soon as I can.
>>> 
>>>  
>>> Best,
>>> 
>>> Amy
>>> 
>>>  
>>> Amy E. Bivins
>>> 
>>> Registrar Services and Engagement Senior Manager
>>> 
>>> Registrar Services and Industry Relations
>>> 
>>> Internet Corporation for Assigned Names and Numbers (ICANN)
>>> 
>>> Direct: +1 (202) 249-7551
>>> 
>>> Fax:  +1 (202) 789-0104
>>> 
>>> Email: amy.bivins at icann.org <mailto:amy.bivins at icann.org>
>>> www.icann.org <http://www.icann.org/>
>>>  
>>> 
>>> 
>>> _______________________________________________
>>> Gdd-gnso-ppsai-impl mailing list
>>> Gdd-gnso-ppsai-impl at icann.org <mailto:Gdd-gnso-ppsai-impl at icann.org>
>>> https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl <https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl>
>> -- 
>> Bei weiteren Fragen stehen wir Ihnen gerne zur Verfügung.
>> 
>> Mit freundlichen Grüßen,
>> 
>> Volker A. Greimann
>> - Rechtsabteilung -
>> 
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>
>> 
>> Web: www.key-systems.net <http://www.key-systems.net/> / www.RRPproxy.net <http://www.rrpproxy.net/>
>> www.domaindiscount24.com <http://www.domaindiscount24.com/> / www.BrandShelter.com <http://www.brandshelter.com/>
>> 
>> Folgen Sie uns bei Twitter oder werden Sie unser Fan bei Facebook:
>> www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>
>> www.twitter.com/key_systems <http://www.twitter.com/key_systems>
>> 
>> Geschäftsführer: Alexander Siffrin
>> Handelsregister Nr.: HR B 18835 - Saarbruecken 
>> Umsatzsteuer ID.: DE211006534
>> 
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu <http://www.keydrive.lu/> 
>> 
>> Der Inhalt dieser Nachricht ist vertraulich und nur für den angegebenen Empfänger bestimmt. Jede Form der Kenntnisgabe, Veröffentlichung oder Weitergabe an Dritte durch den Empfänger ist unzulässig. Sollte diese Nachricht nicht für Sie bestimmt sein, so bitten wir Sie, sich mit uns per E-Mail oder telefonisch in Verbindung zu setzen.
>> 
>> --------------------------------------------
>> 
>> Should you have any further questions, please do not hesitate to contact us.
>> 
>> Best regards,
>> 
>> Volker A. Greimann
>> - legal department -
>> 
>> Key-Systems GmbH
>> Im Oberen Werk 1
>> 66386 St. Ingbert
>> Tel.: +49 (0) 6894 - 9396 901
>> Fax.: +49 (0) 6894 - 9396 851
>> Email: vgreimann at key-systems.net <mailto:vgreimann at key-systems.net>
>> 
>> Web: www.key-systems.net <http://www.key-systems.net/> / www.RRPproxy.net <http://www.rrpproxy.net/>
>> www.domaindiscount24.com <http://www.domaindiscount24.com/> / www.BrandShelter.com <http://www.brandshelter.com/>
>> 
>> Follow us on Twitter or join our fan community on Facebook and stay updated:
>> www.facebook.com/KeySystems <http://www.facebook.com/KeySystems>
>> www.twitter.com/key_systems <http://www.twitter.com/key_systems>
>> 
>> CEO: Alexander Siffrin
>> Registration No.: HR B 18835 - Saarbruecken 
>> V.A.T. ID.: DE211006534
>> 
>> Member of the KEYDRIVE GROUP
>> www.keydrive.lu <http://www.keydrive.lu/> 
>> 
>> This e-mail and its attachments is intended only for the person to whom it is addressed. Furthermore it is not permitted to publish any content of this email. You must not use, disclose, copy, print or rely on this e-mail. If an addressing or transmission error has misdirected this e-mail, kindly notify the author by replying to this e-mail or contacting us by telephone.
>> 
>> 
>> 
>> 
>> _______________________________________________
>> Gdd-gnso-ppsai-impl mailing list
>> Gdd-gnso-ppsai-impl at icann.org <mailto:Gdd-gnso-ppsai-impl at icann.org>
>> https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl <https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl>
>> 
>> 
>> 
>> _______________________________________________
>> Gdd-gnso-ppsai-impl mailing list
>> Gdd-gnso-ppsai-impl at icann.org <mailto:Gdd-gnso-ppsai-impl at icann.org>
>> https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl <https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl>
> _______________________________________________
> Gdd-gnso-ppsai-impl mailing list
> Gdd-gnso-ppsai-impl at icann.org
> https://mm.icann.org/mailman/listinfo/gdd-gnso-ppsai-impl

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gdd-gnso-ppsai-impl/attachments/20180504/93a385fe/attachment-0001.html>