Dear NCSG, 

As you know RDRS (the system whereby requestors of domain name registrants personal data submit their request to access the data-it's a triage system) is now in operation. (been for a few months) There is a Standing Committee on RDRS that meets biweekly which discusses the technical issues of the system. In the report that RDRS issues, we usually can see the number of requests on behalf of law enforcement agencies but it does not specify which jurisdictions. 

It is common practice for different Internet organizations and tech-companies to report at least on the jurisdiction. For example, Apple has been publishing the LEA transparency reports, for example you can see which countries and how many apps were requested to be removed from the App Store: https://www.apple.com/legal/more-resources/docs/2022-App-Store-Transparency-Report.pdf

Other Internet organizations also report on which countries requested data, here is for example a RIPE NCC transparency report: https://www.ripe.net/publications/docs/ripe-794/

This topic has been of interest for NCSG for a long time because of its implications on human rights and civil liberty. 

I want to suggest that we bring this issue to RDRS SC and ask to open up the discussion on how we can have some minimal transparency in place. For example which countries the law enforcement agencies submit requests from. We can open up the conversation and also consider what measures to take not to disrupt ongoing investigations and come to a middle ground on this. This is not the only way we can request some minimal transparency but it could be a start. 

Stephanie is our representative on RDRS SC. Maybe she can bring up this issue in that group?