[gnso-rds-pdp-wg] Who is in charge? (was Re: Why the thin data is necessary)]

jonathan matkowsky jonathan.matkowsky at riskiq.net
Thu Jun 8 09:38:03 UTC 2017 

I am not sure if calling a position you are advocating for naive is the
same as calling you naive, but it isn't helpful for sure.  We need to all
listen to each other when considering policy, and acknowledge the
importance of all stakeholders and seek to understand their points of view.

*We also need to try and build consensus*. We all have an obligation to
ensure that policy development and decision-making processes will reflect *the
public interest*, irrespective of personal interests and the interests of
the entity to which we as individuals might owe our appointment.

We all owe each other to behave in a professional manner and
demonstrate *appropriate
behavior*.
​ This includes acting in *good faith* with other participants.​  I want to
say that
​while I am certain it was not intended, that
 people
​will
 react emotionally when you single out APWG without
​ necessarily​
having any
​real need to
 do so
​ for purposes of discussion​
.
​ I know it upset me.​
​I think h
ow data is "shared" within APWG, an international coalition unifying the
global response to cybercrime across industry, government and
law-enforcement sectors and NGO communities
​is ​
a​
different issue than sharing Whois data.
​  I would encourage everyone to consider whether singling out a company
like has been done with DomainTools or APWG, is
appropriate or like I believe,
*foreseeably derails the consensus building efforts in violation of ICANN
Expected Standards of Behavior*.​

​On a side note, a
 threat researcher or analyst is not the equivalent of an investigator.  So
focusing on certifying investigators is irrelevant to any issue within the
working group.

Regards,
Jonathan Matkowsky



On Thu, Jun 8, 2017 at 11:55 AM, Stephanie Perrin <
stephanie.perrin at mail.utoronto.ca> wrote:

> Calling me naive, ill informed etc.  does not actually answer the question
> folks.  It is, I am afraid, a valid question.  What criteria does an
> organization like APWG apply, when it admits members and shares data with
> them?  How do you ensure you are not sharing data with organizations who
> are going to misuse it?  that data of course is much more that what we are
> talking about with thin data, but I did actually work on this issue on
> successive versions of the anti-spam legislation.  Oddly enough, government
> lawyers examining the issue (mostly from the competition bureau who deal
> with criminal matters) never labelled me "naive".
>
> Folks, can we please try to be polite to one another on this list?  When I
> have questions like this, I often check with experts before I ask.  They
> don't call me naive, they answer my questions.
>
> Thanks again.
>
> Stephanie
>
> On 2017-06-08 01:54, Neil Schwartzman wrote:
>
> My experience differs slightly. They aren’t ignored. The presence of these
> .TLDs is a strong indicator of abuse which bears further investigation.
>
> To the point at hand: I believe the notion of certifying private
> cybercrime investigators to be painfully naive (do I ignore reports from
> someone without a Internet Investigator License? Do we disallow them access
> to data?), impractical in the developed world, and deeply chauvinistic,
> patronizing and exclusionary to our colleagues in emerging nations where
> capacity building is exactly what’s needed to deal with next-gen abuse.
>
>
> On Jun 8, 2017, at 2:36 AM, allison nixon <elsakoo at gmail.com> wrote:
>
> We're getting there. Entire top level domains are already ignored on many
> networks like .science, .xyz, .pw, .top, .club, et cetera
>
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing listgnso-rds-pdp-wg at icann.orghttps://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
>
>
> _______________________________________________
> gnso-rds-pdp-wg mailing list
> gnso-rds-pdp-wg at icann.org
> https://mm.icann.org/mailman/listinfo/gnso-rds-pdp-wg
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/gnso-rds-pdp-wg/attachments/20170608/10873420/attachment-0001.html>

More information about the gnso-rds-pdp-wg mailing list