Hi Padmini,

In addition to the strong and independent adjudicator for information request appeals that we discussed below (which will require encoding appointment and independence criteria), the obligation to provide reasons for every refusal, as well as clear rules limiting the imposition of excessive fees on information requestors, I think it would be worthwhile including a proactive disclosure mechanism.

In doing so, I would go one step further than most proactive disclosure mechanisms in FOI laws and add a mechanism by which individuals can request categories of information / activity to be added to a list of information that is periodically disclosed. Something similar to the Australian law: 8(2) The agency must publish the following information: (g) information in documents to which the agency routinely gives access in response to requests under Part III (access to documents)

Best,
Tamir


On 10/12/2015 8:35 AM, Padmini wrote:
[log in to unmask]" type="cite">
Dear all,

This thread has been extremely insightful as far as the LEA process is concerned. Nonetheless, I would like to draw the conversation back to the original point of concern that I had raised, name with respect to the public transparency  that the DIDP process is meant to enhance. It would be great if we had some suggestions on how this could be enhanced.

My analysis shows that there is a severe lack of responses from ICANN, and there are overbroad exclusions. What are some best practices that you all think should be adopted in this regard? It is crucial that there be meaningful transparency and not mere lip service.

Regards

Padmini Baruah
V Year, B.A.LL.B. (Hons.)
NLSIU, Bangalore

On Mon, Oct 12, 2015 at 2:47 AM, Tamir Israel <[log in to unmask]> wrote:
Thanks James and Rafik,

This sounds good. I think I agree caution is advisable with respect to getting ICANN to impose a rigid framework (or oversee that framework), but it may be a useful way to impose a general transparency requirement?

Best,
Tamir


On 10/11/2015 10:54 AM, James Gannon wrote:
I reached out to some of the registrars and they are not aware of any formal process that LEAs would go through on the ICANN side, the process appears to be to merely forward straight to the registrar with no direct engagement with the LEA in question. We can/should put this question to Allan Grogan when he visits us as I think its an interesting one.

-Jaes

From: NCSG-Discuss on behalf of Rafik Dammak
Reply-To: Rafik Dammak
Date: Sunday 11 October 2015 at 2:49 p.m.
To: "[log in to unmask]"
Subject: Re: DIDP Analysis

Hi Tamir,

2015-10-11 4:10 GMT+09:00 Tamir Israel <[log in to unmask]>:
Thanks Rafik,

On second though, I think you are probably right. I know for .CA, LEA requests go directly to CIRA but now that I think about it, it must be because of the way our WHOIS is setup. It would make sense for LEA requests to go to registrars rather than ICANN.


ccTLD space is another world, even more diverse and unknwon :)
 
If that's the case though then, as you say, it might still be worth exploring transparency reports, even if these end up coming from the GAC or are imposed onto registrars via ICANN policy. As an accountability mechanism, these reports are becoming fairly standard to have in the telecommunications context..

ICANN sounds receiving requests and it happened that its teams get involved in some operations which raised the issue about the expansion of ICANN remit .
 

Not sure if the DIDP process is the most appropriate mechanism for it though. Any thoughts on how something like that could be moved forward (or reasons why it should not be moved forward) would be appreciated.. There might be a clearer picture of how to design such a thing after the dublin meeting (which, regrettably, I cannot attend).


maybe not but the transparency report seems a good framework to start with if we talk about compliance and abuse reports.  I won't think that ICANN should push the registrars and registries for a specific way to do it , but if we can work the contracted parties on that matter it will be worthy to explore. there are already some guidelines/principles/ framework that we can suggest here to registries and registrars. such transparency would protect more users interests.

Best,

Rafik 

On 10/10/2015 9:28 AM, Rafik Dammak wrote:
Hi Tamir,
2015-10-10 2:11 GMT+09:00 Tamir Israel <[log in to unmask]>:
Perhaps a single independent commissioner-type may make the most sense.
The trick I think would be to ensure independence. That tends to be
easier to do if there are more than one, because you can allocate one
per stakeholder group. Still, I think by encoding some criteria (no
strong industry or ICANN affil for 2 years back or something; nomination
committee w/CS representation; dedicated funding for independence) it
can be done.

Another quick thought here: I did not see a proactive disclosure section
in the document. Would it be worth adding?

Related, does anyone know if ICANN handles law enforcement requests or
whether these are handled by the registrars? If so, it would seem that
including the obligation to issue annual LEA transparency reports would
not be out of line.



to be honest, it is unclear how ICANN handle direct requests from LEA, while we may get more information from registrars on the type of requests they get.
 there is some work going with the new Compliance Chief Officer regarding how to handle requests or abuse reports (but not necessarily LEA) . here a blog post with some updates https://www.icann.org/news/blog/update-on-steps-to-combat-abuse-and-illegal-activity (there are 2 sessions at ICANN meeting in wednesday 21st Oct https://dublin54.icann.org/en/dublin54/schedule/wed-practices-combating-abusehttps://dublin54.icann.org/en/dublin54/schedule/wed-compliance . I invited weeks ago The Compliance Chief Officer to come to NCSG meeting in Tuesday 20th Oct so we can discuss with him.

I would highlight that LEAs have their GAC Public Safety working group and it has several sessions in Dublin meeting too. that was shared by the LEAs representatives who came to NCSG meeting in Buenos Aires. it will be interesting to see what they are planning to do and push for.

definitely, the idea of LEA transparency reports should be suggested .

Best,

Rafik


On 10/7/2015 8:46 AM, Michael Karanicolas wrote:
> That's a very interesting idea. I feel like the structure of appeals
> is probably the trickiest conceptual aspect of improving the DIDP, so
> good to consider alternatives. I think in part it would depend on the
> level of demand for information that ICANN gets, and how often appeals
> go forward. It's also important to bear in mind that, whoever is
> deciding these things, they need to have access to absolutely
> everything ICANN has, and a high level of familiarity with the inner
> workings of ICANN, so that they could determine, for example, whether
> particular information would compromise the integrity of ICANN's
> deliberative and decision-making process in line with the second
> defined condition for nondisclosure.
>
> This is in addition to the qualities Karel mentions (robust, cost
> effective, timely appeals) - which I also fully agree with.
>
> On Tue, Oct 6, 2015 at 2:12 PM, Tamir Israel <[log in to unmask]> wrote:
>> On 10/6/2015 1:02 PM, Michael Karanicolas wrote:
>>> This sort of brings us back to a fundamental challenge with reforming ICANN's
>>> access to information system, which is the need for some sort of analogous independent branch (I'm not completely certain the Ombudsman fits the bill).
>> On this point, I'm not sure how far we dare go here, but would it be
>> unreasonable to set up an arb panel comparable to the ones private ones
>> used for the UDRP (only, of course, appointed by a cross-stakeholder
>> nomination committee and with strict independence criteria) for
>> evaluating such things?
>>
>> Best,
>> Tamir
>>