[NCAP-Discuss] About the brief from ICANN Legal on "Visible Interruption and Notification"

[Ram Mohan]

Thanks Matt. This is helpful.

I don't think there has been any notion of ill will or bad faith. The
transparency in publishing the brief helps clear the minds of any who might
think so.

Regards
Ram

On Thu, Jan 11, 2024, 3:51 PM Matt Larson <matt.larson at icann.org> wrote:

> Dear colleagues,
>
> The SO and AC leadership met this week in Washington, DC, and the topic of
> NCAP came up in the context of a discussion of a brief about “Visible
> Interruption and Notification” (formerly “Active Collision Assessment” and
> hereafter VIN, for lack of a shorter name or better abbreviation) that I
> requested from ICANN Legal. I was not in the room, but apparently there is
> concern about the existence of this brief and if it signals anything about
> ICANN org’s plans for NCAP Study 2. I’m writing this email to relate the
> history behind the brief and show that there is no ill intent.
>
> There has always been a contingent in the DG who strongly support VIN. As
> time passed, it became increasingly clear to me that the final Study 2
> report would almost certainly include a recommendation for VIN as a tool
> for the TRT. Back in the 2012 round, a similar (if not identical) idea was
> proposed and rejected for privacy and liability reasons. (Controlled
> Interruption was ultimately used instead as a name collision identification
> and notification technique.) I recalled the reception that the “honey pot”
> idea (as it was called then) from 2012 had received and didn’t want the org
> to be unprepared when Study 2 was published. So in March 2023 I briefed
> ICANN Legal on the technical details of VIN (then called Active Collision
> Assessment) and asked for an opinion on possible issues. That might seem a
> long time ago, but please recall that this group has thought Study 2 was
> always a couple months from completion for over a year. The document that
> ICANN Legal provided was written as legal advice for ICANN org. The brief
> is therefore labeled confidential attorney-client work product: not because
> the conclusions are secret (they’re not) but because I didn’t ask for a
> document suitable for publication. The intent at that point was a document
> for the org’s internal information. I believe I mentioned the brief
> informally to a few people as time passed: I certainly wasn’t hiding its
> existence.
>
> In my experience, a well-functioning legal department doesn’t tell you,
> “You can’t do that”. Instead, they say, “If you want to do that, you should
> consider these issues and risks”. Indeed, the brief doesn’t state “Don’t do
> VIN.” Rather, it outlines risks (chiefly related to privacy). My read of
> the brief is that it does take a somewhat pessimistic view of the viability
> of VIN because of the resulting privacy issues and resulting legal risks.
>
> At the October 2023 workshop, we talked extensively about the “toolbox” of
> techniques for the TRT, including VIN. I decided that it would be
> appropriate to mention the legal brief when the discussion turned to VIN. I
> was only able to give a high-level summary and couldn’t share the brief for
> reasons described above. As those present at the workshop remember, the
> group ultimately decided that considering legal issues was outside of the
> DG’s remit, and that the DG would stick to documenting what it felt were
> the best technical options. It would be up to others with different
> expertise to determine if any of those techniques had non-technical
> implications.
>
> I hope this (long) message makes it clear that there is nothing funny
> going on. The brief exists because one person (me) asked for it so the org
> wouldn’t be caught unprepared at what seemed to be the ever-imminent
> publication of Study 2. It’s not public because it’s (for now) confidential
> attorney-client work product. And I’ve explained the delay between the
> writing of the brief (March 2023) and my mentioning it in a wider context
> (October 2023).
>
> I’ve been involved in NCAP as long as everyone else, and the last thing I
> want is to see Study 2 thrown out or ignored. That’s not going to happen.
>
> I can understand that by now everyone is really curious about the brief.
> :-) I’ve asked ICANN Legal for a version that can be distributed more
> widely. Preparing it might be as simple as removing the attorney-client
> work product label (the content certainly seems innocuous to me) but that’s
> a decision for ICANN Legal.
>
> Also, at the request of the Board Technical Committee, I’m going to go
> back to Legal now that VIN is actually documented in Study 2 and ask them
> to update the analysis.
>
> So if anyone heard about the discussion this week in Washington and
> wondered what was going on, I hope this email clears up any possible
> confusion and allays any possible concerns.
>
> Matt (L.)
>
> _______________________________________________
> NCAP-Discuss mailing list
> NCAP-Discuss at icann.org
> https://mm.icann.org/mailman/listinfo/ncap-discuss
>
> _______________________________________________
> By submitting your personal data, you consent to the processing of your
> personal data for purposes of subscribing to this mailing list accordance
> with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and
> the website Terms of Service (https://www.icann.org/privacy/tos). You can
> visit the Mailman link above to change your membership status or
> configuration, including unsubscribing, setting digest-style delivery or
> disabling delivery altogether (e.g., for a vacation), and so on.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mm.icann.org/pipermail/ncap-discuss/attachments/20240111/d9018e54/attachment.html>