[Gnso-epdp-team] Notes and action items - EPDP Phase 2 Meeting #18 - 5 September 2019

Margie Milam margiemilam at fb.com
Fri Sep 6 19:22:39 UTC 2019

Hi –
Per my action item, please find attached the updated use case, based on yesterday’s discussion. I am aware that Sarah has submitted additional comments on behalf of the RrSG – we can discuss those next week along with any other contributions received on the case study.


On behalf of the BC

From: Gnso-epdp-team <gnso-epdp-team-bounces at icann.org> on behalf of Caitlin Tubergen <caitlin.tubergen at icann.org>
Date: Thursday, September 5, 2019 at 11:23 AM
To: "gnso-epdp-team at icann.org" <gnso-epdp-team at icann.org>
Subject: [Gnso-epdp-team] Notes and action items - EPDP Phase 2 Meeting #18 - 5 September 2019

Dear EPDP Team,

Please find notes and action items from today’s EPDP meeting below.

As a reminder, our next EPDP meeting will be on Monday, 9 September at 15:30 UTC (08:30 local time). Safe travels to Los Angeles!

Best regards,

Marika, Berry, and Caitlin


EPDP Phase 2 - Meeting #18

Thursday, 5 September 2019 at 14.00 UTC

Action Items

  1.  EPDP Leadership to distribute an initial draft F2F agenda by Saturday, 5 September (morning, European time).
  2.  EPDP Team to provide feedback on the initial proposal of the agenda by 15:00 UTC on Sunday, 8 September in order for feedback to be considered during the EPDP Leadership Team’s further refinement of the F2F agenda.
  3.  Chris Lewis-Evans to modify agreed-upon changes to LEA-2 use case. Following these updates, this use case will be parked.
  4.  EPDP Team Members to provide input to BC-3 in writing by tomorrow, 6 September. Margie to edit the use accordingly in advance of the F2F meeting. Please find a link to the Google Doc here: Identify owner of abusive domains and other related domains involved in civil legal claims related to phishing, malware, botnets, and other fraudulent activities (BC 3)<https://community.icann.org/download/attachments/111386876/BC-3%20Use%20Case%20-%20Investigate%20Abusive%20Domain.docx?version=1&modificationDate=1562486157000&api=v2>.


These high-level notes are designed to help the EPDP Team navigate through the content of the call and are not meant as a substitute for the transcript and/or recording. The MP3, transcript, and chat are provided separately and are posted on the wiki at: https://community.icann.org/x/ZwPVBQ.

EPDP Phase 2 - Meeting #18

Thursday, 5 September 2019 at 20.00 UTC

1.               Roll Call & SOI Updates (5 minutes)

·         Attendance will be taken from Zoom

·         Remember to mute your microphones upon entry to Zoom.

·         Please state your name before speaking for transcription purposes.

·         Please remember to review your SOIs on a regular basis and update as needed. Updates are required to be shared with the EPDP Team.

·         Farzaneh Badii noted she has recently changed employers and is no longer working at the Internet Governance Project

2.               Confirmation of agenda (Chair)

·         Proposal from Janis to review Item 6 after housekeeping.

3.               Welcome and housekeeping issues (Chair) (5 minutes)

a)                      Legal committee update

·         As noted last week, the four questions in Batch 1 were transmitted to Bird & Bird last Thursday.

·         Bird & Bird estimated that it could provide guidance on the four questions by the end of this week so that the Team can have the guidance going into its F2F meeting next week.

·         After reviewing the questions, Bird & Bird came back with two clarification questions, and the Legal Committee agreed to the responses during its last call.

b)                      Letter to Goran re. questions for input prior to F2F meeting

·         The EPDP Team’s questions to the Strawberry Team were submitted to Goran

·         Goran responded noting that he is busy with preparation of the Board retreat and is therefore not able to provide answers by today; however, he is looking forward to speaking to the Team during the F2F meeting.

4.          Use case – second/final reading: Investigation of criminal activity against a victim in the jurisdiction of the investigating EU LEA requesting data from a local data controller [docs.google.com]<https://urldefense.proofpoint.com/v2/url?u=https-3A__docs.google.com_document_d_1bm8sdjrNHvNgftMK4f8s-2DU81FlNSIe2TVNlQKCXZy5k_edit&d=DwMGaQ&c=FmY1u3PJp6wrcrwll3mSVzgfkbPSS6sJms7xcl4I5cM&r=8K75qGdDlOta4kh6k2F0jrT195M3tF3J_Fxcz6EvuG2kYKDeA67ZTEnthHXAPVXH&m=_mVL-GaXnYh6zYbiXgemvPuXwKwPhCr8HhOWxjPlzqE&s=dCgrGyK9nAfgXiv1pnMsp51wM1sNobHTybLo8U3_TFw&e=>. (LEA 2) (15 minutes)

a. Overview of updates made in response to input received (GAC)

b. Feedback from EPDP Team (subsection by subsection)

·         Subsection B

·         6(1)(c) and 6(1)(f) are listed here, but later in the document (in Subsection G) a balancing test is referenced, but there is no balancing test required for 6(1)(c)

·         Note in subsection G, a reference to 6(1)(f) will be added.

·         Subsection E

·         Section 2.2d - this supporting lawful basis appears to be mistaken

·         This just refers to the processing the LEA is carrying out.

·         Subsection J

·         Could the Team make a note here to start with a national authority here, and have the gov’t perhaps through their GAC rep say this is or is not a real law enforcement in a jx?

·         A national body could exist to authenticate others, but this does not exist currently.

·         Subsection O

·         In a situation like this, a CP may need to contact external counsel, which could take longer than two business days, so there is now a reference to an agreed time scale.

·         Is there a common understanding of automated substantive response? If not, perhaps replace “yes” with “maybe”.

·         Answer: no.

c. Confirm next steps

Action item: Chris Lewis-Evans to modify agreed-upon items during this call, and this use case will be parked.

5.                        Use case – first reading: Identify owner of abusive domains and other related domains involved in civil legal claims related to phishing, malware, botnets, and other fraudulent activities (BC 3)<https://community.icann.org/download/attachments/111386876/BC-3%20Use%20Case%20-%20Investigate%20Abusive%20Domain.docx?version=1&modificationDate=1562486157000&api=v2> (30 minutes)

a)                      Intro to use case and overview of how/where this use case is different from SSAC 3 (BC)

·         The purpose of this use case relates to investigation, detection, and bringing civil claims regarding abusive domain names.

·         The SSAC use case, instead, deals with investigation and mitigation - it does not include bringing civil cases.

·         The SSAC use case deals mostly with criminal-related investigations, and this use case deals with civil claims.

·         Data elements - all data is used to identify other malicious domain names.

·         Lawful basis - still waiting for legal advice related to some of these legal bases. Establishment of legal claims is referred to as an exception under GDPR to certain types of processing.

·         There needs to be a trust accreditation that has been verified; this is not something that is open to anyone.

·         Subsection J - for accreditation, individuals and entities seeking accreditation should agree that data will be used only for legitimate and lawful purposes, terms related to use of data. There may be enhanced accreditation fees.

b)                     Feedback from EPDP Team

General Comments:

·         This use case could be divided b/w the first SSAC use case and a law enforcement use case.

·         This use case deserves discussion in Los Angeles b/c it takes a different spin. It does not seem to be accreditation-based and there is monetary compensation referenced. This use case creates more questions than answers.

·         This use case is dealing with companies trying to protect their own networks.

·         This use case seems to be proposing an access fee for large players that would give them access to data similar to the old WHOIS system.

·         This would involve queries that are specific to a known abusive domain name, not unlimited access to the database.

·         One job of the EPDP Team is to understand what options are allowable under the law. Figuring out what is allowable under the law is not the same as reverting to the old WHOIS system.

·         This use case is not asking for new functionality - this is something that is considered in the new gTLD program

·         Subsection C

·         For tech contact, the postal address will not be used for Tech Contact anymore.

·         Third bullet point (other domain names linked to registrant’s contact fields) - this gets into reverse WHOIS look-ups, which is problematic

·         May need legal advice here - if you obtain contact info for a domain name engaged in bad activity - receiving names based on identical contact information seems to be OK. This may be ripe for legal advice.

·         Reverse WHOIS look-ups is not a matter of ICANN policy, so this is out of scope for this team’s work. This could become a PDP in the future but does not warrant getting legal advice.

·         Subsection D

·         Everything except 6(1)(f) is likely to run afoul of any interpretation of the law

·         Subsection F

·         Concerns - if you are representing that you are using the data for a certain purpose and then not following through with that, you may be abusing the system. This is something that needs to be monitored and part of the safeguards.

·         This is an issue but may not be indicative of abuse, but monitoring this would be extremely difficult

·         If an entity requests data for pursuing a claim and then doesn’t pursue it, it should be required to delete the data.

·         Remedial action is taken if the data is not used for its claimed purpose.

c)                      Confirm next steps

·         Action items: EPDP Team Members to provide input in writing by tomorrow, 6 September. Margie to edit the use accordingly in advance of the F2F meeting.

6.                            LA F2F Meeting (20 minutes)

a)                      Review proposed schedule and priorities identified

·         Support Staff circulated a survey, asking members to prioritize topics for F2F

·         Support Staff also circulated a list of outstanding issues, asking the Team to draft initial write-ups for the outstanding issues

·         Thanks to all for their patience as we learn to use a new tool (Clicktools)

·         The survey results have been posted in the chat.

·         In reviewing the document, please refer to the mean results and focus on the lowest numbers, which indicate the items voted as highest priority.

·         There is a clearer indication of preference if you look at the building blocks.

·         There is a clear priority to discuss authentication and accreditation.

·         The Leadership Team will also look at open questions and issues noted in the comments section when building the agenda.

·         Janis’ current thinking, which is subject to change as the agenda is built out, is to start with a general overview and if the Team views the SSAD in the same way conceptually. The Team would then review the building blocks that are seen as the highest priority. The Team would then meet with the CEO and Strawberry Team.

·         In terms of planning the program, it would be helpful to define objectives and things that need to be resolved in sequence as opposed to setting arbitrary time blocks for reviewing items on an agenda.

·         Janis will distribute an outline of the program by Saturday morning, European time.

·         Action item: EPDP Team to provide feedback on the initial proposal of the agenda by 15:00 UTC on Sunday, 8 September so any feedback can be factored in while the EPDP Leadership Team further refines the agenda.

b)                     Confirm materials to be reviewed / expected preparations

c)                      Confirm next steps

·         Action item: EPDP Team to provide feedback on the initial proposal of the agenda by 15:00 UTC on Sunday, 8 September so any feedback can be factored in while the EPDP Leadership Team further refines the agenda.

7.                            Any other business (5 minutes)

·         When will the EPDP meetings be held during ICANN66?

·         To review the current draft GNSO schedule, please see https://docs.google.com/spreadsheets/d/1JimSyz5laTsRNDN4CvyhPTQdCQYxfMrCro7_GjrTWqY/edit#gid=1857571399

·         Note this schedule is still a work in progress, but the all-day Saturday session is set in stone.

·         There is a plenary (high interest topic) session that focuses on the EPDP.

·         What are the start and end times for each day of the F2F?

·         Answer: sessions will start at 08:30 local time and end at 17:30 local time for Monday and Tuesday, and 08:00-3:00pm (late lunch to be served at 2pm) Wednesday

8.                            Wrap and confirm next EPDP Team meeting (5 minutes):

a)                      Welcome reception LA F2F meeting on Sunday 8 September, 18.00 – 19.30 local time (Doubletree)

b)                     Confirm action items

c)                      Confirm questions for ICANN Org, if any

-------------- next part --------------
A non-text attachment was scrubbed...
Name: BC-3 Use Case - Investigate Abusive Domain 9-5.docx
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Size: 26058 bytes
Desc: BC-3 Use Case - Investigate Abusive Domain 9-5.docx
URL: <http://mm.icann.org/pipermail/gnso-epdp-team/attachments/20190906/9aadf513/BC-3UseCase-InvestigateAbusiveDomain9-5-0001.docx>
