Hi Padmini,

In addition to the strong and independent adjudicator for information
request appeals that we discussed below (which will require encoding
appointment and independence criteria), the obligation to provide
reasons for every refusal, as well as clear rules limiting the
imposition of excessive fees on information requestors, I think it would
be worthwhile including a proactive disclosure mechanism.

In doing so, I would go one step further than most proactive disclosure
mechanisms in FOI laws and add a mechanism by which individuals can
request categories of information / activity to be added to a list of
information that is periodically disclosed. Something similar to the
Australian law: 8(2) The agency must publish the following information:
(g) information in documents to which the agency routinely gives access
in response to requests under Part III (access to documents)

Best,
Tamir


On 10/12/2015 8:35 AM, Padmini wrote:
> Dear all,
>
> This thread has been extremely insightful as far as the LEA process is
> concerned. Nonetheless, I would like to draw the conversation back to
> the original point of concern that I had raised, name with respect to
> the *public transparency  *that the DIDP process is meant to enhance.
> It would be great if we had some suggestions on how this could be
> enhanced.
>
> My analysis shows that there is a severe lack of responses from ICANN,
> and there are overbroad exclusions. What are some best practices that
> you all think should be adopted in this regard? It is crucial that
> there be *meaningful* transparency and not mere lip service.
>
> Regards
>
> Padmini Baruah
> V Year, B.A.LL.B. (Hons.)
> NLSIU, Bangalore
>
> On Mon, Oct 12, 2015 at 2:47 AM, Tamir Israel <[log in to unmask]
> <mailto:[log in to unmask]>> wrote:
>
>     Thanks James and Rafik,
>
>     This sounds good. I think I agree caution is advisable with
>     respect to getting ICANN to impose a rigid framework (or oversee
>     that framework), but it may be a useful way to impose a general
>     transparency requirement?
>
>     Best,
>     Tamir
>
>
>     On 10/11/2015 10:54 AM, James Gannon wrote:
>>     I reached out to some of the registrars and they are not aware of
>>     any formal process that LEAs would go through on the ICANN side,
>>     the process appears to be to merely forward straight to
>>     the registrar with no direct engagement with the LEA in question.
>>     We can/should put this question to Allan Grogan when he visits us
>>     as I think its an interesting one.
>>
>>     -Jaes
>>
>>     From: NCSG-Discuss on behalf of Rafik Dammak
>>     Reply-To: Rafik Dammak
>>     Date: Sunday 11 October 2015 at 2:49 p.m.
>>     To: "[log in to unmask]
>>     <mailto:[log in to unmask]>"
>>     Subject: Re: DIDP Analysis
>>
>>     Hi Tamir,
>>
>>     2015-10-11 4:10 GMT+09:00 Tamir Israel <[log in to unmask]
>>     <mailto:[log in to unmask]>>:
>>
>>         Thanks Rafik,
>>
>>         On second though, I think you are probably right. I know for
>>         .CA, LEA requests go directly to CIRA but now that I think
>>         about it, it must be because of the way our WHOIS is setup.
>>         It would make sense for LEA requests to go to registrars
>>         rather than ICANN.
>>
>>
>>     ccTLD space is another world, even more diverse and unknwon :)
>>      
>>
>>         If that's the case though then, as you say, it might still be
>>         worth exploring transparency reports, even if these end up
>>         coming from the GAC or are imposed onto registrars via ICANN
>>         policy. As an accountability mechanism, these reports are
>>         becoming fairly standard to have in the telecommunications
>>         context..
>>
>>
>>     ICANN sounds receiving requests and it happened that its teams
>>     get involved in some operations which raised the issue about the
>>     expansion of ICANN remit .
>>      
>>
>>
>>         Not sure if the DIDP process is the most appropriate
>>         mechanism for it though. Any thoughts on how something like
>>         that could be moved forward (or reasons why it should not be
>>         moved forward) would be appreciated.. There might be a
>>         clearer picture of how to design such a thing after the
>>         dublin meeting (which, regrettably, I cannot attend).
>>
>>
>>     maybe not but the transparency report seems a good framework to
>>     start with if we talk about compliance and abuse reports.  I
>>     won't think that ICANN should push the registrars and registries
>>     for a specific way to do it , but if we can work the contracted
>>     parties on that matter it will be worthy to explore. there are
>>     already some guidelines/principles/ framework that we can suggest
>>     here to registries and registrars. such transparency would
>>     protect more users interests.
>>
>>     Best,
>>
>>     Rafik 
>>
>>
>>         On 10/10/2015 9:28 AM, Rafik Dammak wrote:
>>>         Hi Tamir,
>>>         2015-10-10 2:11 GMT+09:00 Tamir Israel <[log in to unmask]
>>>         <mailto:[log in to unmask]>>:
>>>
>>>             Perhaps a single independent commissioner-type may make
>>>             the most sense.
>>>             The trick I think would be to ensure independence. That
>>>             tends to be
>>>             easier to do if there are more than one, because you can
>>>             allocate one
>>>             per stakeholder group. Still, I think by encoding some
>>>             criteria (no
>>>             strong industry or ICANN affil for 2 years back or
>>>             something; nomination
>>>             committee w/CS representation; dedicated funding for
>>>             independence) it
>>>             can be done.
>>>
>>>             Another quick thought here: I did not see a proactive
>>>             disclosure section
>>>             in the document. Would it be worth adding?
>>>
>>>             Related, does anyone know if ICANN handles law
>>>             enforcement requests or
>>>             whether these are handled by the registrars? If so, it
>>>             would seem that
>>>             including the obligation to issue annual LEA
>>>             transparency reports would
>>>             not be out of line.
>>>
>>>
>>>
>>>         to be honest, it is unclear how ICANN handle direct requests
>>>         from LEA, while we may get more information from registrars
>>>         on the type of requests they get.
>>>          there is some work going with the new Compliance Chief
>>>         Officer regarding how to handle requests or abuse reports
>>>         (but not necessarily LEA) . here a blog post with some
>>>         updates https://www.icann.org/news/blog/update-on-steps-to-combat-abuse-and-illegal-activity
>>>         (there are 2 sessions at ICANN meeting in wednesday 21st
>>>         Oct https://dublin54.icann.org/en/dublin54/schedule/wed-practices-combating-abuse
>>>         & https://dublin54.icann.org/en/dublin54/schedule/wed-compliance
>>>         . I invited weeks ago The Compliance Chief Officer to come
>>>         to NCSG meeting in Tuesday 20th Oct so we can discuss with him.
>>>
>>>         I would highlight that LEAs have their GAC Public Safety
>>>         working group and it has several sessions in Dublin meeting
>>>         too. that was shared by the LEAs representatives who came to
>>>         NCSG meeting in Buenos Aires. it will be interesting to see
>>>         what they are planning to do and push for.
>>>
>>>         definitely, the idea of LEA transparency reports should be
>>>         suggested .
>>>
>>>         Best,
>>>
>>>         Rafik
>>>
>>>
>>>
>>>             On 10/7/2015 8:46 AM, Michael Karanicolas wrote:
>>>             > That's a very interesting idea. I feel like the
>>>             structure of appeals
>>>             > is probably the trickiest conceptual aspect of
>>>             improving the DIDP, so
>>>             > good to consider alternatives. I think in part it
>>>             would depend on the
>>>             > level of demand for information that ICANN gets, and
>>>             how often appeals
>>>             > go forward. It's also important to bear in mind that,
>>>             whoever is
>>>             > deciding these things, they need to have access to
>>>             absolutely
>>>             > everything ICANN has, and a high level of familiarity
>>>             with the inner
>>>             > workings of ICANN, so that they could determine, for
>>>             example, whether
>>>             > particular information would compromise the integrity
>>>             of ICANN's
>>>             > deliberative and decision-making process in line with
>>>             the second
>>>             > defined condition for nondisclosure.
>>>             >
>>>             > This is in addition to the qualities Karel mentions
>>>             (robust, cost
>>>             > effective, timely appeals) - which I also fully agree
>>>             with.
>>>             >
>>>             > On Tue, Oct 6, 2015 at 2:12 PM, Tamir Israel
>>>             <[log in to unmask] <mailto:[log in to unmask]>> wrote:
>>>             >> On 10/6/2015 1:02 PM, Michael Karanicolas wrote:
>>>             >>> This sort of brings us back to a fundamental
>>>             challenge with reforming ICANN's
>>>             >>> access to information system, which is the need for
>>>             some sort of analogous independent branch (I'm not
>>>             completely certain the Ombudsman fits the bill).
>>>             >> On this point, I'm not sure how far we dare go here,
>>>             but would it be
>>>             >> unreasonable to set up an arb panel comparable to the
>>>             ones private ones
>>>             >> used for the UDRP (only, of course, appointed by a
>>>             cross-stakeholder
>>>             >> nomination committee and with strict independence
>>>             criteria) for
>>>             >> evaluating such things?
>>>             >>
>>>             >> Best,
>>>             >> Tamir
>>>             >>
>>>
>>>
>>>
>>
>>
>
>