Here's a summary of my findings. Padmini Baruah V Year, B.A.LL.B. (Hons.) NLSIU, Bangalore On Mon, Oct 12, 2015 at 9:56 PM, Tamir Israel <[log in to unmask]> wrote: > Hi Padmini, > > In addition to the strong and independent adjudicator for information > request appeals that we discussed below (which will require encoding > appointment and independence criteria), the obligation to provide reasons > for every refusal, as well as clear rules limiting the imposition of > excessive fees on information requestors, I think it would be worthwhile > including a proactive disclosure mechanism. > > In doing so, I would go one step further than most proactive disclosure > mechanisms in FOI laws and add a mechanism by which individuals can request > categories of information / activity to be added to a list of information > that is periodically disclosed. Something similar to the Australian law: > 8(2) The agency must publish the following information: (g) information > in documents to which the agency routinely gives access in response to > requests under Part III (access to documents) > > Best, > Tamir > > > > On 10/12/2015 8:35 AM, Padmini wrote: > > Dear all, > > This thread has been extremely insightful as far as the LEA process is > concerned. Nonetheless, I would like to draw the conversation back to the > original point of concern that I had raised, name with respect to the *public > transparency *that the DIDP process is meant to enhance. It would be > great if we had some suggestions on how this could be enhanced. > > My analysis shows that there is a severe lack of responses from ICANN, and > there are overbroad exclusions. What are some best practices that you all > think should be adopted in this regard? It is crucial that there be > *meaningful* transparency and not mere lip service. > > Regards > > Padmini Baruah > V Year, B.A.LL.B. (Hons.) > NLSIU, Bangalore > > On Mon, Oct 12, 2015 at 2:47 AM, Tamir Israel <[log in to unmask]> wrote: > >> Thanks James and Rafik, >> >> This sounds good. I think I agree caution is advisable with respect to >> getting ICANN to impose a rigid framework (or oversee that framework), but >> it may be a useful way to impose a general transparency requirement? >> >> Best, >> Tamir >> >> >> On 10/11/2015 10:54 AM, James Gannon wrote: >> >> I reached out to some of the registrars and they are not aware of any >> formal process that LEAs would go through on the ICANN side, the process >> appears to be to merely forward straight to the registrar with no direct >> engagement with the LEA in question. We can/should put this question to >> Allan Grogan when he visits us as I think its an interesting one. >> >> -Jaes >> >> From: NCSG-Discuss on behalf of Rafik Dammak >> Reply-To: Rafik Dammak >> Date: Sunday 11 October 2015 at 2:49 p.m. >> To: "[log in to unmask]" >> Subject: Re: DIDP Analysis >> >> Hi Tamir, >> >> 2015-10-11 4:10 GMT+09:00 Tamir Israel <[log in to unmask]>: >> >>> Thanks Rafik, >>> >>> On second though, I think you are probably right. I know for .CA, LEA >>> requests go directly to CIRA but now that I think about it, it must be >>> because of the way our WHOIS is setup. It would make sense for LEA requests >>> to go to registrars rather than ICANN. >>> >>> >> ccTLD space is another world, even more diverse and unknwon :) >> >> >>> If that's the case though then, as you say, it might still be worth >>> exploring transparency reports, even if these end up coming from the GAC or >>> are imposed onto registrars via ICANN policy. As an accountability >>> mechanism, these reports are becoming fairly standard to have in the >>> telecommunications context.. >>> >> >> ICANN sounds receiving requests and it happened that its teams get >> involved in some operations which raised the issue about the expansion of >> ICANN remit . >> >> >>> >>> Not sure if the DIDP process is the most appropriate mechanism for it >>> though. Any thoughts on how something like that could be moved forward (or >>> reasons why it should not be moved forward) would be appreciated.. There >>> might be a clearer picture of how to design such a thing after the dublin >>> meeting (which, regrettably, I cannot attend). >>> >>> >> maybe not but the transparency report seems a good framework to start >> with if we talk about compliance and abuse reports. I won't think that >> ICANN should push the registrars and registries for a specific way to do it >> , but if we can work the contracted parties on that matter it will be >> worthy to explore. there are already some guidelines/principles/ framework >> that we can suggest here to registries and registrars. such transparency >> would protect more users interests. >> >> Best, >> >> Rafik >> >>> >>> On 10/10/2015 9:28 AM, Rafik Dammak wrote: >>> >>> Hi Tamir, >>> 2015-10-10 2:11 GMT+09:00 Tamir Israel <[log in to unmask]>: >>> >>>> Perhaps a single independent commissioner-type may make the most sense. >>>> The trick I think would be to ensure independence. That tends to be >>>> easier to do if there are more than one, because you can allocate one >>>> per stakeholder group. Still, I think by encoding some criteria (no >>>> strong industry or ICANN affil for 2 years back or something; nomination >>>> committee w/CS representation; dedicated funding for independence) it >>>> can be done. >>>> >>>> Another quick thought here: I did not see a proactive disclosure section >>>> in the document. Would it be worth adding? >>>> >>>> Related, does anyone know if ICANN handles law enforcement requests or >>>> whether these are handled by the registrars? If so, it would seem that >>>> including the obligation to issue annual LEA transparency reports would >>>> not be out of line. >>>> >>>> >>> >>> to be honest, it is unclear how ICANN handle direct requests from LEA, >>> while we may get more information from registrars on the type of requests >>> they get. >>> there is some work going with the new Compliance Chief Officer >>> regarding how to handle requests or abuse reports (but not necessarily LEA) >>> . here a blog post with some updates >>> https://www.icann.org/news/blog/update-on-steps-to-combat-abuse-and-illegal-activity >>> (there are 2 sessions at ICANN meeting in wednesday 21st Oct >>> https://dublin54.icann.org/en/dublin54/schedule/wed-practices-combating-abuse >>> & https://dublin54.icann.org/en/dublin54/schedule/wed-compliance . I >>> invited weeks ago The Compliance Chief Officer to come to NCSG meeting in >>> Tuesday 20th Oct so we can discuss with him. >>> >>> I would highlight that LEAs have their GAC Public Safety working group >>> and it has several sessions in Dublin meeting too. that was shared by the >>> LEAs representatives who came to NCSG meeting in Buenos Aires. it will be >>> interesting to see what they are planning to do and push for. >>> >>> definitely, the idea of LEA transparency reports should be suggested . >>> >>> Best, >>> >>> Rafik >>> >>>> >>>> >>>> On 10/7/2015 8:46 AM, Michael Karanicolas wrote: >>>> > That's a very interesting idea. I feel like the structure of appeals >>>> > is probably the trickiest conceptual aspect of improving the DIDP, so >>>> > good to consider alternatives. I think in part it would depend on the >>>> > level of demand for information that ICANN gets, and how often appeals >>>> > go forward. It's also important to bear in mind that, whoever is >>>> > deciding these things, they need to have access to absolutely >>>> > everything ICANN has, and a high level of familiarity with the inner >>>> > workings of ICANN, so that they could determine, for example, whether >>>> > particular information would compromise the integrity of ICANN's >>>> > deliberative and decision-making process in line with the second >>>> > defined condition for nondisclosure. >>>> > >>>> > This is in addition to the qualities Karel mentions (robust, cost >>>> > effective, timely appeals) - which I also fully agree with. >>>> > >>>> > On Tue, Oct 6, 2015 at 2:12 PM, Tamir Israel <[log in to unmask]> >>>> wrote: >>>> >> On 10/6/2015 1:02 PM, Michael Karanicolas wrote: >>>> >>> This sort of brings us back to a fundamental challenge with >>>> reforming ICANN's >>>> >>> access to information system, which is the need for some sort of >>>> analogous independent branch (I'm not completely certain the Ombudsman fits >>>> the bill). >>>> >> On this point, I'm not sure how far we dare go here, but would it be >>>> >> unreasonable to set up an arb panel comparable to the ones private >>>> ones >>>> >> used for the UDRP (only, of course, appointed by a cross-stakeholder >>>> >> nomination committee and with strict independence criteria) for >>>> >> evaluating such things? >>>> >> >>>> >> Best, >>>> >> Tamir >>>> >> >>>> >>>> >>>> >>> >>> >> >> > >