Thanks Padmini

This is very interesting as 12% is a very low number and should be
explained by ICANN.

Based on the low numbers this could be clear evidence of the deliberate
misapplication and abuse of the DIDP rules by ICANN. Or, it could be
all legitimate responses by ICANN to requests. ICANN may argue that denial
( partial or otherwise) of the 88% requests were because they genuinely
were not within the ambit of the DIDP .

The numbers do raise serious questions , however I would not based my
conclusion solely upon the numbers.  We need to delve further and pair your
information with a few of the requests. That way we can assess for
ourselves the reasonableness of the refusals

Where a legitimate request for information is refused (hearing the facts of
the request) and denied by ICANN (hearing the reasons of the denial)
provides a clear picture of what is happening at ICANN.

great work Padmini.

regards

Karel DOUGLAS



On Wed, Oct 14, 2015 at 4:35 AM, Padmini <[log in to unmask]> wrote:

> Here's a summary of my findings.
>
>
>
> Padmini Baruah
> V Year, B.A.LL.B. (Hons.)
> NLSIU, Bangalore
>
> On Mon, Oct 12, 2015 at 9:56 PM, Tamir Israel <[log in to unmask]> wrote:
>
>> Hi Padmini,
>>
>> In addition to the strong and independent adjudicator for information
>> request appeals that we discussed below (which will require encoding
>> appointment and independence criteria), the obligation to provide reasons
>> for every refusal, as well as clear rules limiting the imposition of
>> excessive fees on information requestors, I think it would be worthwhile
>> including a proactive disclosure mechanism.
>>
>> In doing so, I would go one step further than most proactive disclosure
>> mechanisms in FOI laws and add a mechanism by which individuals can request
>> categories of information / activity to be added to a list of information
>> that is periodically disclosed. Something similar to the Australian law:
>> 8(2) The agency must publish the following information: (g) information
>> in documents to which the agency routinely gives access in response to
>> requests under Part III (access to documents)
>>
>> Best,
>> Tamir
>>
>>
>>
>> On 10/12/2015 8:35 AM, Padmini wrote:
>>
>> Dear all,
>>
>> This thread has been extremely insightful as far as the LEA process is
>> concerned. Nonetheless, I would like to draw the conversation back to the
>> original point of concern that I had raised, name with respect to the *public
>> transparency  *that the DIDP process is meant to enhance. It would be
>> great if we had some suggestions on how this could be enhanced.
>>
>> My analysis shows that there is a severe lack of responses from ICANN,
>> and there are overbroad exclusions. What are some best practices that you
>> all think should be adopted in this regard? It is crucial that there be
>> *meaningful* transparency and not mere lip service.
>>
>> Regards
>>
>> Padmini Baruah
>> V Year, B.A.LL.B. (Hons.)
>> NLSIU, Bangalore
>>
>> On Mon, Oct 12, 2015 at 2:47 AM, Tamir Israel <[log in to unmask]> wrote:
>>
>>> Thanks James and Rafik,
>>>
>>> This sounds good. I think I agree caution is advisable with respect to
>>> getting ICANN to impose a rigid framework (or oversee that framework), but
>>> it may be a useful way to impose a general transparency requirement?
>>>
>>> Best,
>>> Tamir
>>>
>>>
>>> On 10/11/2015 10:54 AM, James Gannon wrote:
>>>
>>> I reached out to some of the registrars and they are not aware of any
>>> formal process that LEAs would go through on the ICANN side, the process
>>> appears to be to merely forward straight to the registrar with no
>>> direct engagement with the LEA in question. We can/should put this question
>>> to Allan Grogan when he visits us as I think its an interesting one.
>>>
>>> -Jaes
>>>
>>> From: NCSG-Discuss on behalf of Rafik Dammak
>>> Reply-To: Rafik Dammak
>>> Date: Sunday 11 October 2015 at 2:49 p.m.
>>> To: "[log in to unmask]"
>>> Subject: Re: DIDP Analysis
>>>
>>> Hi Tamir,
>>>
>>> 2015-10-11 4:10 GMT+09:00 Tamir Israel <[log in to unmask]>:
>>>
>>>> Thanks Rafik,
>>>>
>>>> On second though, I think you are probably right. I know for .CA, LEA
>>>> requests go directly to CIRA but now that I think about it, it must be
>>>> because of the way our WHOIS is setup. It would make sense for LEA requests
>>>> to go to registrars rather than ICANN.
>>>>
>>>>
>>> ccTLD space is another world, even more diverse and unknwon :)
>>>
>>>
>>>> If that's the case though then, as you say, it might still be worth
>>>> exploring transparency reports, even if these end up coming from the GAC or
>>>> are imposed onto registrars via ICANN policy. As an accountability
>>>> mechanism, these reports are becoming fairly standard to have in the
>>>> telecommunications context..
>>>>
>>>
>>> ICANN sounds receiving requests and it happened that its teams get
>>> involved in some operations which raised the issue about the expansion of
>>> ICANN remit .
>>>
>>>
>>>>
>>>> Not sure if the DIDP process is the most appropriate mechanism for it
>>>> though. Any thoughts on how something like that could be moved forward (or
>>>> reasons why it should not be moved forward) would be appreciated.. There
>>>> might be a clearer picture of how to design such a thing after the dublin
>>>> meeting (which, regrettably, I cannot attend).
>>>>
>>>>
>>> maybe not but the transparency report seems a good framework to start
>>> with if we talk about compliance and abuse reports.  I won't think that
>>> ICANN should push the registrars and registries for a specific way to do it
>>> , but if we can work the contracted parties on that matter it will be
>>> worthy to explore. there are already some guidelines/principles/ framework
>>> that we can suggest here to registries and registrars. such transparency
>>> would protect more users interests.
>>>
>>> Best,
>>>
>>> Rafik
>>>
>>>>
>>>> On 10/10/2015 9:28 AM, Rafik Dammak wrote:
>>>>
>>>> Hi Tamir,
>>>> 2015-10-10 2:11 GMT+09:00 Tamir Israel <[log in to unmask]>:
>>>>
>>>>> Perhaps a single independent commissioner-type may make the most sense.
>>>>> The trick I think would be to ensure independence. That tends to be
>>>>> easier to do if there are more than one, because you can allocate one
>>>>> per stakeholder group. Still, I think by encoding some criteria (no
>>>>> strong industry or ICANN affil for 2 years back or something;
>>>>> nomination
>>>>> committee w/CS representation; dedicated funding for independence) it
>>>>> can be done.
>>>>>
>>>>> Another quick thought here: I did not see a proactive disclosure
>>>>> section
>>>>> in the document. Would it be worth adding?
>>>>>
>>>>> Related, does anyone know if ICANN handles law enforcement requests or
>>>>> whether these are handled by the registrars? If so, it would seem that
>>>>> including the obligation to issue annual LEA transparency reports would
>>>>> not be out of line.
>>>>>
>>>>>
>>>>
>>>> to be honest, it is unclear how ICANN handle direct requests from LEA,
>>>> while we may get more information from registrars on the type of requests
>>>> they get.
>>>>  there is some work going with the new Compliance Chief Officer
>>>> regarding how to handle requests or abuse reports (but not necessarily LEA)
>>>> . here a blog post with some updates
>>>> https://www.icann.org/news/blog/update-on-steps-to-combat-abuse-and-illegal-activity
>>>> (there are 2 sessions at ICANN meeting in wednesday 21st Oct
>>>> https://dublin54.icann.org/en/dublin54/schedule/wed-practices-combating-abuse
>>>> & https://dublin54.icann.org/en/dublin54/schedule/wed-compliance . I
>>>> invited weeks ago The Compliance Chief Officer to come to NCSG meeting in
>>>> Tuesday 20th Oct so we can discuss with him.
>>>>
>>>> I would highlight that LEAs have their GAC Public Safety working group
>>>> and it has several sessions in Dublin meeting too. that was shared by the
>>>> LEAs representatives who came to NCSG meeting in Buenos Aires. it will be
>>>> interesting to see what they are planning to do and push for.
>>>>
>>>> definitely, the idea of LEA transparency reports should be suggested .
>>>>
>>>> Best,
>>>>
>>>> Rafik
>>>>
>>>>>
>>>>>
>>>>> On 10/7/2015 8:46 AM, Michael Karanicolas wrote:
>>>>> > That's a very interesting idea. I feel like the structure of appeals
>>>>> > is probably the trickiest conceptual aspect of improving the DIDP, so
>>>>> > good to consider alternatives. I think in part it would depend on the
>>>>> > level of demand for information that ICANN gets, and how often
>>>>> appeals
>>>>> > go forward. It's also important to bear in mind that, whoever is
>>>>> > deciding these things, they need to have access to absolutely
>>>>> > everything ICANN has, and a high level of familiarity with the inner
>>>>> > workings of ICANN, so that they could determine, for example, whether
>>>>> > particular information would compromise the integrity of ICANN's
>>>>> > deliberative and decision-making process in line with the second
>>>>> > defined condition for nondisclosure.
>>>>> >
>>>>> > This is in addition to the qualities Karel mentions (robust, cost
>>>>> > effective, timely appeals) - which I also fully agree with.
>>>>> >
>>>>> > On Tue, Oct 6, 2015 at 2:12 PM, Tamir Israel <[log in to unmask]>
>>>>> wrote:
>>>>> >> On 10/6/2015 1:02 PM, Michael Karanicolas wrote:
>>>>> >>> This sort of brings us back to a fundamental challenge with
>>>>> reforming ICANN's
>>>>> >>> access to information system, which is the need for some sort of
>>>>> analogous independent branch (I'm not completely certain the Ombudsman fits
>>>>> the bill).
>>>>> >> On this point, I'm not sure how far we dare go here, but would it be
>>>>> >> unreasonable to set up an arb panel comparable to the ones private
>>>>> ones
>>>>> >> used for the UDRP (only, of course, appointed by a cross-stakeholder
>>>>> >> nomination committee and with strict independence criteria) for
>>>>> >> evaluating such things?
>>>>> >>
>>>>> >> Best,
>>>>> >> Tamir
>>>>> >>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>