Hi Farzi,

I think your idea of providing examples of what could be considered the
"market standard" of how to treat this kind of data would be the best way
to approach the RDRS SC. Just to drop a few others, Meta (
https://transparency.fb.com/reports/government-data-requests/country/),
Google (https://transparencyreport.google.com/user-data/overview?hl=en) and
TikTok (
https://www.tiktok.com/transparency/en-us/government-removal-requests-2023-1/)
have interesting reports that could deter most arguments against
implementing it for security reasons.

One could also point out that this isn't interesting just for human rights
and civil liberties, but also for other interest groups to identify
potentially problematic regions (f. ex., a country where, for some reason,
there is a spike of registrations being used for criminal activities
commonly identified as such all around the world).

Cordially,

*Pedro de Perdigão Lana*
Lawyer <https://www.sistemafiep.org.br/>, GEDAI/UFPR
<https://www.gedai.com.br/> Researcher
PhD Candidate (UFPR), LLM in Business Law (UCoimbra)
Board Member @ CC Brasil <https://br.creativecommons.net/>, ISOC BR
<https://isoc.org.br/> and IODA <https://ioda.org.br/>
This message is restricted to the sender and recipient(s). If received by
mistake, please reply informing it.


Em sex., 5 de abr. de 2024 às 18:00, farzaneh badii <
[log in to unmask]> escreveu:

> Dear NCSG,
> As you know RDRS (the system whereby requestors of domain name registrants
> personal data submit their request to access the data-it's a triage system)
> is now in operation. (been for a few months) There is a Standing Committee
> on RDRS that meets biweekly which discusses the technical issues of the
> system. In the report that RDRS issues, we usually can see the number of
> requests on behalf of law enforcement agencies but it does not specify
> which jurisdictions.
> It is common practice for different Internet organizations and
> tech-companies to report at least on the jurisdiction. For example, Apple
> has been publishing the LEA transparency reports, for example you can see
> which countries and how many apps were requested to be removed from the App
> Store:
> https://www.apple.com/legal/more-resources/docs/2022-App-Store-Transparency-Report.pdf
>
> Other Internet organizations also report on which countries requested
> data, here is for example a RIPE NCC transparency report:
> https://www.ripe.net/publications/docs/ripe-794/
>
> This topic has been of interest for NCSG for a long time because of its
> implications on human rights and civil liberty.
>
> I want to suggest that we bring this issue to RDRS SC and ask to open up
> the discussion on how we can have some minimal transparency in place. For
> example which countries the law enforcement agencies submit requests from.
> We can open up the conversation and also consider what measures to take not
> to disrupt ongoing investigations and come to a middle ground on this. This
> is not the only way we can request some minimal transparency but it could
> be a start.
>
> Stephanie is our representative on RDRS SC. Maybe she can bring up this
> issue in that group?
>
>
>
>
>
>
>
>
>
> Farzaneh
>