LISTSERV - NCSG-DISCUSS Archives

Hi Farzi,

I think your idea of providing examples of what could be considered the "market standard" of how to treat this kind of data would be the best way to approach the RDRS SC. Just to drop a few others, Meta (https://transparency.fb.com/reports/government-data-requests/country/), Google (https://transparencyreport.google.com/user-data/overview?hl=en) and TikTok (https://www.tiktok.com/transparency/en-us/government-removal-requests-2023-1/) have interesting reports that could deter most arguments against implementing it for security reasons.

One could also point out that this isn't interesting just for human rights and civil liberties, but also for other interest groups to identify potentially problematic regions (f. ex., a country where, for some reason, there is a spike of registrations being used for criminal activities commonly identified as such all around the world).

Cordially,

Pedro de Perdigão Lana

Lawyer, GEDAI/UFPR Researcher

PhD Candidate (UFPR), LLM in Business Law (UCoimbra)

Board Member @ CC Brasil, ISOC BR and IODA

This message is restricted to the sender and recipient(s). If received by mistake, please reply informing it.

Em sex., 5 de abr. de 2024 às 18:00, farzaneh badii <[log in to unmask]> escreveu:

Dear NCSG,
As you know RDRS (the system whereby requestors of domain name registrants personal data submit their request to access the data-it's a triage system) is now in operation. (been for a few months) There is a Standing Committee on RDRS that meets biweekly which discusses the technical issues of the system. In the report that RDRS issues, we usually can see the number of requests on behalf of law enforcement agencies but it does not specify which jurisdictions.
It is common practice for different Internet organizations and tech-companies to report at least on the jurisdiction. For example, Apple has been publishing the LEA transparency reports, for example you can see which countries and how many apps were requested to be removed from the App Store: https://www.apple.com/legal/more-resources/docs/2022-App-Store-Transparency-Report.pdf

Other Internet organizations also report on which countries requested data, here is for example a RIPE NCC transparency report: https://www.ripe.net/publications/docs/ripe-794/

This topic has been of interest for NCSG for a long time because of its implications on human rights and civil liberty.

I want to suggest that we bring this issue to RDRS SC and ask to open up the discussion on how we can have some minimal transparency in place. For example which countries the law enforcement agencies submit requests from. We can open up the conversation and also consider what measures to take not to disrupt ongoing investigations and come to a middle ground on this. This is not the only way we can request some minimal transparency but it could be a start.

Stephanie is our representative on RDRS SC. Maybe she can bring up this issue in that group?

Farzaneh